A Classic Scam Slides Into Your Twitter DMs

Everyone has, at one time or another, received an unsolicited email claiming that a wealthy person has died, and that you've been chosen as the sole heir to the pile of riches they left behind.

It seems not even Twitter can escape this classic scam.

"Good morning, my name is Emmanuel Godwin," read a Twitter DM I received earlier this week. The message was sent from an account with the default Twitter egg as its avatar, and only had a couple of tweets to its name.

"No matter very important I would like to discuss with you," the message continued, "because of the confidentiality of the subject, please contact me back directly on this my private email address provided on this message here [email address]. that will allow me to explain it to you (sic)."

Although I had my doubts, I thought there was a chance it could be a tip-off to a story—I leave my Twitter DMs open for this purpose. So I emailed this "Emmanuel Godwin" pretty much straight away, just in case.

But shortly after, it became clear that Emmanuel was just covering for a scam. He explained he was "a personal attorney to my Late Client who is having the same surname with you, who died with his family without no one coming to claim his fund valued of (US$9.6M) deposited in the Bank of Lome Togo." Apparently the client, along with his family, had died in a car crash.

Naturally, I was offered a 50/50 split of the Late Client's fortune. "All I will require from you is your honest co-operation to enable us see this transaction through ASAP," Emmanuel wrote.

These scams are sometimes referred to as 419 scams after the section of the criminal code that deals with fraud in Nigeria, where many of these scams originate.

"I can't recall hearing about 419 scams over Twitter DMs," said Jérôme Segura, a senior security researcher at MalwareBytes, a company that regularly tracks online scams and malware.

Segura thinks that to tackle these annoying messages in public DMs, Twitter might have to change some of its spam monitoring practices. "I think Twitter could tackle some of the spam issues, whether it is via DMs or fake accounts, by looking into the account creation process and how to detect fraudulent sign ups," he said. "Contrary to other social networking sites, it is trivial to create a Twitter account in a few seconds with a throwaway email address and start spamming right away."

In August 2014, Twitter announced one of its anti-spam measures. The so-called "BotMaker" system led to a 40 percent decrease in tweet spam, according to the company's own figures. BotMaker tracks tweets to prevent spam from being created, reduce the amount of time spam is visible, and decrease the reaction time to new spam attacks, Twitter explains in a blog post.

Twitter did not respond to multiple requests for comment for this article.

Segura said it's up to users to play their part too. "I also think that to help improve spam filters, we as users play a big role in reporting malicious or spammy content to Twitter," he added. This can be done by clicking the "Flag this message" icon next to the message, and then marking it as spam.

When I did reply to Emmanuel, he never got back to me.