MacKenzie Scott, the former wife of Amazon boss Jeff Bezos, has given away billions of dollars through her philanthropic work – and is still among the wealthiest women in the world. Scammers have noticed.
While checking their morning emails, a Cybernews team member has noticed a message purportedly sent from MacKenzie Scott. She was apparently on a quest to part with a sizable chunk of her fortune – $4 billion, to be exact.
"You're one of the lucky winners," the message read, promising a grant of over $100 million if only the recipient replied. The email said the money was going to charities, individuals, and colleges across the globe to provide support to people suffering economically from Covid-19.
The scammers did their homework. The sum they mentioned – $4 billion – is close to what Scott said she had donated to various charities since June last year in her blog post in March.
Forbes has recently described Scott as "giving away her fortune faster than any billionaire in modern times," with an estimated total of her donations over the course of two years reaching $12 billion.
Given Scott's track record, she will likely continue donating more. It is just improbable that she will make donations via random emails to "lucky winners."
Spray and prey
The Cybernews team member did not respond to the message – it was riddled with grammatical errors, and there was no plausible reason someone like Scott would have reached out to them. But they were not the target.
"These scammers are generally preying on people being gullible and naive. From the scammers' point of view, they just need one person who is naive enough to believe that a celebrity is contacting them in order for the scam to be profitable," Peter Strahan, head of cybersecurity firm Lantech, said.
Other security experts echo this sentiment. Scammers know that many of their targets will ignore and delete their emails. Chances are, however, that those who respond will take the bait.
"The scammers are playing a numbers game with this spray and prey style attack. Success is achieved even if only a small percentage of recipients respond," Troy Gill, threat intelligence manager at OpenText Security Solutions, said.
The scam appears to be a social engineering attempt. It counts on a victim responding to the email, which should lead to more exchanges to build trust and credibility. The ultimate goal for the criminals is to defraud the victim or steal their personal information.
"They also use social engineering and phishing tactics to conduct business email compromise, steal sensitive information or credentials, commit fraud, or even launch a ransomware attack. Social engineering attacks rely on the fact that humans are the weakest link in any organization's security posture," David Endler, cybersecurity professional at SpyCloud, said.
Emotions at play
Experts point at the base human desire to feel special as one of the reasons driving the rise of celebrity impersonation scams. The legitimacy a big company or a celebrity name bears is also enough for some targeted individuals to let their guard down.
"These crimes are increasing because criminals utilize social proof and celebrities' connections to charity nonprofits to get past the victims' skepticism of scams. They do it because it works," Paul Tracey, head of the managed security service provider firm, Innovative Technologies, said.
Celebrity endorsement of specific cryptocurrencies and investment opportunities also contributes to the proliferation of impersonation scams.
"We see celebrities and influencers promoting products, services, and investment opportunities on social media much more regularly than we ever have. It makes it harder for some people to distinguish between emails like this and genuine celebrity-backed opportunities," Aaron Drapkin, senior writer at Tech.co, noted.
One time-honored rule to help people make that distinction could almost sound banal if it weren't so true: if something sounds too good to be true, it usually is.
More from Cybernews:
Subscribe to our newsletter