How to spot fake emails like "Asian Continental Lottery"

What kind of scam is "Asian Continental Lottery"?

Upon reviewing the email, it has come to our attention that it originates from a fraudulent individual (or individuals) seeking to deceive recipients into believing they have been awarded a substantial amount of money. The ultimate objective is to obtain sensitive information and (or) solicit funds. It is strongly advised to disregard and promptly delete such emails.

More about the "Asian Continental Lottery" scam email

The email claims to be from the Asian Continental Lottery Commission, congratulating the recipient on winning a cash prize of $1,000,000. It states that the selection was made through a random email selection system, and the recipient's email was chosen from a database of over 250,000 addresses. The email provides a ticket number and the lucky numbers that allegedly won the lottery.

In order to claim the prize, the recipient is instructed to contact a fiduciary agent named Mr. Hassan Bayu, who is supposedly assigned to assist with the winning claim. The email includes Mr. Bayu's contact details and requests the recipient to provide personal information such as name, address, nationality, copy of an international passport, occupation, sex, phone/fax, and present country.

The email warns that if the claims agent is not contacted within five working days, the winnings may be revoked. It also emphasizes the importance of keeping the winning details private to avoid fraudulent claims. The email is signed by Mr. Niran Moor, identified as the lottery coordinator.

Overall, the email is an attempt to deceive recipients into believing they have won a large sum of money and to provide personal information that could be used for fraudulent purposes. Also, scammers behind this email may ask recipients to pay some advance fee or similar "taxes".

Threat Summary:

Name	Asian Continental Lottery Email Scam
Threat Type	Phishing, Scam, Social Engineering, Fraud
Fake Claim	The recipient has won $1,000,000
Disguise	Letter from Mr. Niran Moor, a lottery coordinator
Symptoms	Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer.
Distribution methods	Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage	Loss of sensitive private information, monetary loss, identity theft.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Similar scam emails in general

Lottery scam emails typically share common characteristics that help identify them. They often begin with congratulations on winning a prize, claim the selection was based on random or computerized processes, and request personal information from the recipient. These emails create a sense of urgency, urging quick action to claim the prize while emphasizing the need for confidentiality.

It is important to be cautious and skeptical of such emails, as legitimate lotteries do not require upfront fees or personal information in this manner. A couple examples of similar scams are "Boxes Of Money Email Scam", "Proposal Letter Email Scam", and "Help With A Family Visa Email Scam". It is also important to mention that emails can be used to deliver malware.

How do spam campaigns infect computers?

Users can infect computers via email when they interact with harmful files or links embedded in the messages they receive. These emails may contain various types of files, such as archives, executables, documents, JavaScript files, or ISO files, which appear legitimate or enticing to the recipient.

When users execute, run, or open these files, the malware hidden within them gets activated, infecting computers. For example, some malware may be concealed within seemingly innocent Microsoft Office documents that request permission to execute harmful macro commands upon opening.

How to avoid installation of malware?

To maintain a secure system, always keep your operating system and programs up to date with the latest versions and security patches. Exercise caution when opening email attachments or links, especially if they come from unfamiliar or suspicious sources. Install trustworthy antivirus software and update it regularly to safeguard your device.

Additionally, refrain from downloading software from untrustworthy sources, and be cautious when dealing with pop-ups or advertisements on dubious websites. If you've already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.

Text presented in the "Asian Continental Lottery" email letter:

Subject: Re: Congratulations...You have won USD$1,000.000.00

ASIAN CONTINENTAL LOTTERY COMMISSION
BOARD OF ASIAN LOTTERY COMMISSION
HEAD OFFICE: Jl. GAJAH MADA NO.111, RT.1/RW.1, KRUKUT,
KEC. TAMAN SARI, KOTA JAKARTA BARAT, INDONESIA PHONE:+628-453-793-8645
Congratulations.
We wish to congratulate and inform you on the selection of the (ASIAN CONTINENTAL LOTTERY COMMISSION AWARD) of cash prize USD$1,000,000.00 (Dollars) held on the 24TH June 2023 in Indonesia.The selection process was carried out through random selection in Our computerized email selection system (ESS) from a database of over 250,000 email addresses all over the the Asia and the whole World Entirely drawn from which your email were selected. And Your e-mail address attached to ticket number: 56475600545 188 with Serial number 5368/02 drew the lucky numbers: 05, 06, 17, 20, 28, 42 (Bonus 33),which subsequently won you the lottery in the 1st category i.e match 5 plus bonus.
Below is your complete winning information for your own perusal:
Ref: ACLC/9420X2/68
Batch: 074/05/ZY369
Ticket number:56475600545 188
Lucky Numbers: 05,06,17,20,28,42(Bonus33)
Therefore you have been approved to claim a total sum of USD$1,000.000.00,(One Million United States Dollars) credited to file KTU/ 9023118308/03.
For due processing of your winning claim, Please contact the FIDUCIARY AGENT, Mr.Hassan Bayu, who has been assigned to assist you. You are to contact him with the following details for the release of your winnings.
Agent Name: Mr.Hassan Bayu
Email: bayuhassan1@gmail.com
Phone: +628-152-785-8820
Note Please:Contact him as soon you get this notification and provide him with the following Requirements below along with your winning information:
1.Name in full---------
2.Address----------------
3.Nationality-----------------
4.Copy of your International passport-------------------
5.Occupation------
6.Sex -------------
7.Phone/Fax-----------
8.Present Country------
If you do not contact your claims agent within 5 working days of this Notification, your winnings would be revoked. Winners are advised to keep their winning details/information from the public to avoid Fraudulent claim (IMPORTANT) pending the prize claim by Winner.
*Winner under the age of 18 are automatically disqualified. *Staff of the Asian Continental Lottery are not Authorize to partake in this Lottery.
Accept my hearty congratulations once again!
Note that you are not to reply to this E-mail, please contact your claims officer directly to start the processing of your claims application form
Thank you for your understanding and cooperation.
Yours faithfully,
Mr Niran Moor
LOTTERY CORDINATOR.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is Asian Continental Lottery scam campaign?
• Types of malicious emails.
• How to spot a malicious email?
• What to do if you fell for an email scam?

Types of malicious emails:

Phishing Emails

Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.

Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.

After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.

Emails with Malicious Attachments

Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.

In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.

If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.

While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.

Sextortion Emails

This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.

To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.

How to spot a malicious email?

While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:

• Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
• Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
• Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
• Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.

To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows. 

Example of a spam email:

What to do if you fell for an email scam?

• If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
• If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
• If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
• If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
• Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.

Frequently Asked Questions (FAQ)

Why did I receive this email?

Scammers send identical letters to a large number of recipients, hoping that they will deceive someone. These spam emails are not personalized and are sent in bulk to a wide audience.

I have provided my personal information when tricked by this email, what should I do?

If you have provided other personal information (such as credit card details, ID card information, etc.), notify your bank, credit card companies, or any other financial institutions involved and inform them about the situation. If you have provided any account credentials, change the passwords for your email account, as well as any other accounts that may have been compromised.

I have downloaded and opened a malicious file attached to an email, is my computer infected?

If the file you interacted with was an executable, it is highly likely that it could have caused an infection. However, if it was a document file such as PDF or DOC, there is a chance that you may have avoided the infection, as simply opening the document is not always sufficient for malware to infiltrate your system.

I have sent cryptocurrency to the address presented in such email, can I get my money back?

Due to their virtual untraceability, it is unlikely that you will be able to recover or trace such transactions.

I have read the email but did not open the attachment, is my computer infected?

No, simply opening an email poses no harm by itself. However, interacting with links within the email or opening attached files can potentially lead to system infections.

Will Combo Cleaner remove malware infections that were present in email attachment?

Combo Cleaner has the ability to identify and eliminate the majority of known malware infections. Nonetheless, it is crucial to acknowledge that advanced malware tends to hide extensively within the system. Consequently, it is imperative to perform a thorough system scan to ensure comprehensive detection and removal.

▼ Show Discussion