Classic Cyber Caltrops

Wednesday, April 27, 2011

What’s a Caltrop?  It could be the start of a lame joke like, “what’s a hen way” or “what’s a Grecian earn?”  In fact, a Caltrop is an ancient land mine of sorts.  It is usually a multi-sided spiked object that could seriously tear up a bare foot, an unshod hoof or a pair of Bronze Age sandals.  Today the modern version of caltrops is used against vehicles with unreinforced tires.  Think televised car chase on some freeway.  They are not sophisticated and certainly not anywhere as bad as an IED.  Yet, given the right circumstances, they are very effective. 

The cyber version of the caltrop is the classic phishing scam.  They are relatively easy to spot and very easy to avoid.  They pale in comparison to the sophisticated phishing schemes that recreate entire web sites and use personalized spear phishing techniques.  Those can occasionally fool even seasoned web users. But these cyber caltrops still catch the unwary, the unwise and the uneducated.  To most of us that have any level of cyber security training, or even pay attention to the news, these scams seem painfully obvious.  It boggles our minds how anyone would fall for them.  Yet they are still in frequent and widespread use.  Why?  Because they work!  Throw in a million hooks.  If you grab two fish, you have yourself a good meal.  If I were a cyber bad guy, that strategy would be perfectly acceptable.

So for some people’s entertainment and other’s education here are the exact beginnings of a few of the phishing emails that came in to a personal email address in the past month. The words and spelling are exact.  The format was altered to fit the page. These are not the slick ones.  Yet remember, somewhere, with somebody, these work.


Sir/Madam, I am Mrs marie James, from Kuwait.

I am married to late Mr Paul James, who worked with Kuwait Embassy in Cote d'Ivoire for Twenty-Six years before he died in the year 2006 after a brief illness that lasted for only five days.  We were married for Eighteen years with a duaghter (Lilian)who later died in a motor accident. Before the untimely death of my husband, we were both born again Christians. Since after his death I decided not to remarry or get a child outside my matrimonial home which the Bible is against. When my late husband was alive he deposited the sum of (Five Million,Five Hundred Thousand United States Dollars) in a General Trust Account with a prime bank in Abidjan Cote d'Ivoire.


Good Day To You My Friend.

It is understandable that you might be a little bit apprehensive because you do not know me but I have a lucrative business proposal of mutual interest to share with you. I got your reference in my search for someone who suits my proposed business relationship.

I am Mr. Peter. Lee a South Korean, happily married with children, and i am a Director of Hang Seng Bank Ltd, in charge of the International Remittance department. I have a confidential business suggestion for you. I will need you to assist me in executing a business project from Hong Kong to your country. It involves the transfer of a large sum of money. Everything concerning this transaction shall be legally done without hitch. Please endeavour to observe utmost discretion in all matters concerning this issue.


From Hospital
Dearest Beloved,

This is Miss Jennifer Kipka Williams from Trinidad &Tobago. I am writing from the hospital in Cote d Ivoire, therefore this mail is very urgent as you can see that I am dying in the hospital. I was told by the doctor that I was poisoned and has got my liver damaged and can only live for some months.

I inherited some money ($3.5 Million) from my late father and I cannot think of anybody trying to kill me apart from my step mother in order to inherit the money, she is an Ivorian by nationality.


 If you fall for one of these, not only have you been caught by an unsophisticated crook, but you will have to explain it to somebody – police, family, or boss – at some point.  Most of us would die of embarrassment.  How about you?

The On Cyber Patrol © cartoon and supporting articles are created and made available by the U.S. Army’s Office of Information Assurance and Compliance, NETCOM, CIO/G6. For more information on the OCP program or to submit ideas for upcoming cartoons/articles, contact

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.