We’ve all encountered them before—the too-good-to-be-true email promising millions from a long-lost prince in exchange for a “small” fee. Advanced fee scams are as old as the internet itself, typically relying on email correspondence and official-sounding legal jargon to trick victims out of their money.
Fortra Brand Protection uncovered a new variation: an advanced fee scam built around a fake but sophisticated banking website. This scheme starts with a familiar pitch, supposedly from a lawyer in Togo, claiming inheritance funds are locked in a foreign bank. To bolster the ruse, the scammers provide a link to a fabricated bank site, complete with login credentials, and even register a deceptive domain name to make the ploy appear legitimate.
The credential theft site was built from the ground up, even utilizing a database structure to handle user accounts.
Figure 1. MySQL database creation script for fake website.
The login page is easily mistaken for a legitimate banking login page (Figure 2). Once on the site, the user then enters the previously provided login information.
Figure 2. Fake login page allowing users to log in to transfer funds in scam.
Once logged in, victims are greeted with a seemingly impressive account balance and a prominently displayed transfer button. To reinforce the illusion of legitimacy, the fake bank portal even offers features like editing account details and uploading a profile photo.
Figure 3. Fake bank account showing available funds for transfer in advanced fee scam.
The user is then asked for a required “Cost of Transfer Code,” which costs several thousand dollars, a small price to pay for a soon-to-be millionaire. After agreeing to pay the fee, the curious individual, now turned victim, can proceed with the fictitious transfer.
Figure 4. Cost of transfer code ($3,200) required to “transfer” funds.
The victim is required to enter bank account details, further convincing them that funds will be transferred.
Figure 5. The fake login site requires bank account information to transfer funds.
Victims are funneled through a series of polished pages, complete with international banking details, disclaimers, and transfer progress screens. The elaborate design isn’t just for show; it’s a deliberate tactic to distract, stall, and keep victims invested before they realize the entire operation is a sham.
Figure 6. Declarations and acceptance requirements designed to deceive victims.
Not Your Typical Advanced Fee Fraud
At first glance, the site appeared to be a standard phishing page. However, deeper analysis revealed a far more elaborate setup: a counterfeit banking portal complete with fake balances, carefully engineered to facilitate advanced fee fraud.
For financial institutions, the risk goes beyond individual victims losing money. These schemes erode customer trust and damage the reputation of banks whose names are misused as bait. Raising awareness among account holders and encouraging skepticism toward unsolicited offers of large sums is critical to limiting the impact of such scams.