Just a come-on for people to launder money for the Russian Mafia, but I found it amusing.

Just a come-on for people to launder money for the Russian Mafia, but I found it amusing.

I originally posted this on 9/29/07, but spam really hasn’t changed that much. These scams are still very much alive. And the copy continues to be amusing, in a kind of horrific way.
—Kee Hinckley. Jul 19, 2019. La Conner, WA


Okay, actually they already have one, but it’s an expanding business, I’m sure they’ll want more.

The following message (quoted in part) showed up in my mailbox today.

Like most spam, it was unintentionally humorous in places, but overall it’s actually fairly well written--only a few language translation problems. What I found particularly amusing, however, were the meaning translations. As follows…

Original Translation
Hello, I am writing to inquire if you might be interested in part-time employment in the field of accounting/clerical services. We’d like you to handle some money for us.
Elbrus Financial, Co., a major Russian investment bank and asset management company, Organized crime syndicate.
is looking for chargeable and determined individuals I particularly like the “chargeable” part. That’s not what they meant, but it is probably accurate both financially and legally.
to fill the specialist and associate positions within the Receivables department of our Transactions/Finance group in the United States. As a specialist or associate, you will be in charge of monitoring and processing funds transfers initiated by our US clients and reporting to the Receivables department manager in Russia. People will send you money, and you’ll send it to us.
We are looking for numerate individuals I had to look that “numerate” up, but they got it right. Then again, they probably looked it up too.
who are also capable team-players, Who won’t cheat us.
preferably with some college education and/or previous accounting/clerical experience. So we can butter you up by telling you that you can have the job even though you are underqualified.
… Our mission is to provide investors with reduced emerging market risk and superior returns through broad diversification and conscious risk-taking. You’ll be taking the risks, of course.
To learn more about our company, please visit us online at www.Elbrus.com We’ve got a .com domain, so we must be real. Let’s see, they say they are based in Russia, their mail also says they have offices in Lithuania and Cyprus. The domain is registered in Israel, the domain servers are in the US, and a DNS lookup of the web site shows that it is currently (these things tend to move around every hour or so) hosted on someone’s PC via a Comcast Cable connection in Chelmsford, Massachusetts (US).
...[Extensive detail on how you'll manage incoming email and money transfers, and what cut you'll get.]...

You will never be required to cash a check, make a remittance before the funds are cleared into your account or engage in any other financially risky activity.
It should also be understood that being a foreign entity, Elbrus is not subject to the US IRS supervision. You will be the sole person liable for reporting the commissions that you receive as your personal or business income.
You just make good with the IRS and you'll be fine... (of course, we won't mention federal statutes about transferring money in and out of the country, not to mention money laundering laws).
You can apply for the position online at: http://elbrusfinancial.com/?menu=par Please note that only applicants under serious consideration will be contacted. Please use the following vacancy code: EL-SEP07. Look, we have two domains. We must be real! This one is actually registered in Russia. DNS in the US. Web site hosted on half a dozen cable modems.

Haven’t you always wanted to join the Russian Mafia? Go for it! :-)

P.S. It occurs to me that I ought to expand on this for people who don’t know what’s really going on here. It’s really quite simple. In order to run scams selling non-existent, stolen, or counterfeit goods, you need to have a U.S. address that will receive the money--otherwise it sets off everyone’s fraud alarms. So they are looking for people who will receive the money and then forward it on to them. That’s generally called Money Laundering.

There’s also an equivalent come-on for people to handle receiving goods bought with stolen credit cards. In those cases they want people who will receive packages and then forward them out of the country. That’s usually referred to as Receiving Stolen Goods.

P.P.S. There’s another scam running that this is even more likely to refer to. It relies on the fact that American banks will credit checks before they have entirely cleared. You’re sent a check and asked to deposit it. You then transfer 90% of the money offshore. A few weeks later, the check is discovered to be a forgery and you owe the entire amount to the bank. (See Spam-scam crackdown nets $2 billion in fake checks).

P.P.P.S. What with my previous posting extolling the virtues of Messagefire’s anti-spam technology, I should probably mention that this came in on my .Mac account, and thus wasn’t filtered by Messagefire. Messagefire would have rejected it with extreme prejudice:

  1. Received line is in a DNSBL list.
  2. IP address is in Russia (which I might or might not have been blocking)
  3. Direct to MX (message left their mail server directly, no initial mail application).
  4. Message passed through two countries to get to me (Russia and France)
  5. Sender domain doesn’t match the IPs (combined with #3 that gives us extra bad points)
  6. Hosts in SMTP From, From:, Return-Path and Message-ID from and message-id don’t match received headers (extra points)
  7. and so on…

All that stuff obviously wrong--but it walked right through .Mac’s content filters.