LinkedIn is a popular social network for connecting professionals, and I have an account there. Every day I get an invite to connect with someone. Typically I ignore these invites unless I know the person. But I’ve never received invites to connect from a chair of board of directors of a bank. Till yesterday. So I’ve accepted the invite.
Then I’ve received an LinkedIn email from this woman stating that she had a business proposition for me, and if I was interested, she was ready to explain. She also provided her email that ended in outlook.com. I checked her LinkedIn profile again. Looked legit. She even had a Twitter account with recent tweets in two languages.
I responded that I was ready to hear about this business proposition. Next day I’ve received a long email from her explaining how she had a private client named Lewis Fain who initially deposited €19M in their bank and she helped him to grow the wealth to €22M, but unfortunately he died in a car crash. She’s ready to wire transfer me the money, in one condition: we’d split the amount in half so she could improve the wellbeing of her family. She also asked me not to ruin her career in the bank if I was not interested.
At this point it was clear that it was a new type of a scam that involved creating fake LinkedIn accounts and impersonating themselves as someone else. Still I decided to continue my treasure hunt and responded to my fake banker asking her to send me any email from her bank email account. She responded again, stating that she understood my concern, but couldn’t use her bank email for such a delicate matter. But to establish trust, she attached a photo of her bank ID.
At this time I had enough of materials for this blog and responded wishing her good luck in finding another heir of poor Lewis Fain. Then I decided to report this scam to LinkedIn. To my surprise this banker was not in my connections list any longer. I searched by her name in LinkedIn, and found the account of that banker, the profile looked different and she didn’t have any connections.So either someone else reported this as a stolen account, or the con artists have removed it programmatically. I’ve reported this account to LinedIn anyway.So beware of LinkedIn initiated scams.
One more warning. Even if this banker would have sent me an email from the account that ended with the bank name, this would not be enough. Being a programmer, I can easily write a program that would send an email with any address in the “Reply To” field. Here’s how a fragment of the Java code to wannabe con artists:
Message emailMessage = new MimeMessage(session);
emailMessage.setFrom(new InternetAddress("MaryLou@thefakebank.com"));
emailMessage.setRecipients(Message.RecipientType.TO,
InternetAddress.parse(emailRecipient, false));
emailMessage.setSubject(emailSubject);
emailMessage.setSentDate(new Date());
emailMessage.setText(emailText);
So if you want to confirm someone’s identity, you need to send an email to the provided email address and receive a response back. Hope this helps.
yakovfain.com 
I would have rejected the offer because it is dishonest, not because the woman was not who she pretended to be.
The Java code fragment is interesting, will you include the complete example in your upcoming book?
This code was a part of the first edition of my book. I had a chapter there on sending mails from Java.
Lesson 19, page 199. I found it! I think we didn’t cover this in the online training with you, but I’ll read it this weekend. Incidentally, today, after a long while, I compiled a Java program and I felt good and clever 🙂
Yakov, it seems there is an explosion of similar scams in many places (emails, odnoklassniki, facebook, mail.ru, etc. Haven’t seen on LinkedIn yet). Usually it is by some attorney (or from plain folks from Ghana or Nigeria), offering you $10Ms for winning lottery or inheritance of some deceased guy with the same last name, but you need to give them all your info. I usually delete it without opening. Be careful!
— Being a programmer, I can easily write a program that would send an email with any address in the “Reply To” field. —
Majority of the email servers will automatically mark such e-mail as a spam (when replyTo has no connection with the actual sender’s domain)
I have another question regarding LinkedIn (in case if you know): is it true that HR people are rewarded somehow for having a large connections network on LinkedIn? Otherwise, how to explain their spam-like requests to connect?
1. I’m using SMTP server of one company specifying the other company domain in the reply-to field without any problems.
2. I don’t think HR people are rewarded. They just want to have a “rolodex” with as many people as possible. If there’s a job opening to fill they can search inside their connections.
Having now learnt how to send/receive emails, I’m wondering if and how making phone calls could be done from Java. I found something on the internet about JTAPI, but only rather old information. Do you know, Yakov, what’s going on (if anything ) with the Java Telephony API?
Look into SIP Servlets
https://blogs.oracle.com/enterprisetechtips/entry/adding_voice_to_java_ee
Thank you!
It looks difficult, but I’ll try to understand.
thats some bigtime scam