Spooky Phishing Scam Targets Traditionally-Published Writers

This content has been archived. It may no longer be accurate or relevant.

From Writer Beware:

The New York Times has published the story of a strange international phishing scam: unknown actors targeting traditionally-published writers, posing as their agents or editors to obtain copies of their unpublished manuscripts.

Earlier this month, the book industry website Publishers Marketplace announced that Little, Brown would be publishing “Re-Entry,” a novel by James Hannaham about a transgender woman paroled from a men’s prison. The book would be edited by Ben George.

Two days later, Mr. Hannaham got an email from Mr. George, asking him to send the latest draft of his manuscript. The email came to an address on Mr. Hannaham’s website that he rarely uses, so he opened up his usual account, attached the document, typed in Mr. George’s email address and a little note, and hit send.

“Then Ben called me,” Mr. Hannaham said, “to say, ‘That wasn’t me.’”

Mr. Hannaham was just one of countless targets in a mysterious international phishing scam that has been tricking writers, editors, agents and anyone in their orbit into sharing unpublished book manuscripts. It isn’t clear who the thief or thieves are, or even how they might profit from the scheme. High-profile authors like Margaret Atwood and Ian McEwan have been targeted, along with celebrities like Ethan Hawke. But short story collections and works by little-known debut writers have been attacked as well, even though they would have no obvious value on the black market.

The phisher, or phishers, employ clever tactics like transposing letters in official-looking email addresses (like “penguinrandornhouse.com” instead of “penguinrandomhouse.com”) and masking the addresses so they only show when the recipient hits “Reply”. They know how publishing works and appear to have access to inside information, utilizing not just public sources like acquisition announcements in trade publications, but details that are harder to uncover: writers’ email addresses, their relationships with agents and editors, delivery and deadline dates, even details of the manuscripts themselves. 
And they are ramping up their operations. According to the Times, the scam began appearing “at least” three years ago, but in the past year “the volume of these emails has exploded in the United States.”
So what’s the endgame? Publishing people are stumped. Manuscripts by high-profile authors have been targeted, but also less obviously commercial works: debut novels by unknowns, short story collections, experimental fiction. The manuscripts don’t wind up on the black market, as far as anyone can tell, and don’t seem to be published online. There have been no ransom demands or other attempts at monetization. 

One of the leading theories in the publishing world, which is rife with speculation over the thefts, is that they are the work of someone in the literary scouting community. Scouts arrange for the sale of book rights to international publishers as well as to film and television producers, and what their clients pay for is early access to information — so an unedited manuscript, for example, would have value to them.

I heard about the scam a couple of months ago, from an author who was targeted after their forthcoming book was announced on Publishers Marketplace. What they reported to me tracks with the information above, including the credible approach by the writer’s own editor or agent (complete with authentic-looking email signature), a credible excuse for why they wanted the writer to send the manuscript again, and the altered sending address. The writer did send the ms., and didn’t discover until they talked to their agent that they’d been tricked.

Link to the rest at Writer Beware