Just to clarify that this is not a fairy tale: in Austria, companies have already gone bankrupt because the management believed they could make big money here. In the largest reported case in Austria (still in the pre-Internet era), the amount involved was ATS 44,000,000 (approx. EUR 3,200,000).
From 2006 onwards, the fraudster' scam changes in part: by now, so many unsophisticated Internet users get into their net that the main problem is now money laundering: they are now looking for people into whose account the money is deposited. They can really keep a part of it (for now), the rest they pay out via Western Union (or Bitcoins) to unknown recipients.
Since payments via Western Union (or Bitcoins) are generally untraceable, the only person who can be identified is the account holder, from whom the entire amount is usually reclaimed - in addition to the not inconsiderable penalties for money laundering and fraud.
Internet auction houses (e. g. eBay) and sales portals (e. g. willhaben.at) have been "discovered" as another "scam": the fraudsters offer to buy an item, then overpay for it, e. g. by check, have the difference (minus an apparently generous commission) paid out in cash (or via Western Union) - and a few days later the check bounces!
From about 2011, another method is on the rise: cheap properties are advertised that either do not exist or do not belong to the advertiser, but a deposit is required before the viewing - this money is then never seen again.
Since then, individual OUs have been attacked again and again, the sender addresses unfortunately no longer correspond to the above-mentioned scheme and are therefore difficult to block automatically, making it all the more important to configure the email client securely, i. e. to always display the sender's entire email address and, ideally, to trust only signed emails.
As a reaction to such attacks, a culture of its own has developed in the meantime to deceive these criminals themselves and to get them either to deposit money themselves or at least to keep them on their toes for days or weeks by email or to get them to perform senseless actions and to have themselves photographed in the process.
In various forums you can find hints on how to scam the scammers yourself or read some really funny email correspondence.
If you are interested in a scambait yourself, please notify ZID so that we do not block your account if we see that you are communicating with a scammer or phisher!
A similar scam is the fake president trick, where also via "social engineering" attempts are made to intervene in the chain of command for payouts, until 2019 with fake emails, from 2019 on even with fake phone calls and soon there will probably be live fake video calls ("real time deep fake").