A 419 scam via snail mail

One of the researchers in SophosLabs waltzed up to my desk the other day and said:

"Would you like to see the latest 419 scam?"

“Sure!” I replied, and out of his back pocket he plucked an envelope and a neatly printed letter.

419 scam via snail mail

Sign up to our free newsletter.
Security news, advice, and tips.

Yep, it’s a 419 scam via snail mail – sent via the postal service to land on your doormat rather than emailed into your inbox.

The gentleman who contacted my colleague calls himself Tim Wu, and claims to be a private investment manager based in Hong Kong.

It seems that a former client of his (who had the first name “Anderson” and came to a sticky end in a hiking accident in mainland China) didn’t leave a will, and because there is no next of kin some of his $21 million fortune could be coming to my colleague here at Sophos instead!

Snail mailSpeaking as someone who is still waiting for the three million euros that Bill Gates awarded me earlier this year, I have to admit to some skepticism.

Tim Wu is offering to split the money 50:50 with my colleague – claiming “this practice is not unusual in the banking sector here in my Country China”.

He continues:

"The other option is that the funds will revert back to the state, where it may be shared by State officials for their personal use and enrichment, I worked for that money and telling you the fact Anderson still owes me my percentage for service and naturally I deserve to have that money but cannot do it alone so me need your help."

Scams being sent out via the regular post are nothing new, of course, but they have perhaps been overshadowed by the avalanche of nuisance emails many of us receive in our email inboxes each day.

Maybe we should be encouraged that scammers are using the postal service (and presumably costing themselves some cash in the process) rather than using the more cost-effective method of spamming out the scams?

Could it be that some scammers are turning to fraud via the postal service because users have learnt to treat unsolicited emails with greater suspicion?


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.