“Hello sir/ma’am, I am a member of royal [sic] family and I am in grave danger in my country. If you send me money to get out safely, I will share my great riches with you as reward.”
Scams like this one have become a punchline for many, which makes you wonder why they are still commonly used by cybercriminals. As it turns out, there’s a very compelling reason that they do so, one that’s been known for years.
The kind of scam that we’re referencing, officially known as advance-fee fraud, has been around for centuries. Many scams were conducted in the 18th and 19th centuries that involved letters sent to victims requesting a small amount of money, with the promise of a large reward in return. One such scam, known as the Spanish Prisoner, purported that the writer was trying to help smuggle a wealthy captive out of a prison in Spain and needed money to bribe the guards.
The famed French investigator Eugene Francois Vidocq included an account of a similar letter in his memoirs, and transnational scams have been charted from 1922.
The name “Nigerian Prince scam” comes from perhaps the most famous example, where a royal seeking to escape from some danger requests assistance in transferring their great wealth—with a significant cut going to the person who assists them, of course.
Once the Internet entered the equation, these scams became even more prevalent, as there were no longer postal costs restricting the number of messages that these scammers could send.
As we’ve established, these scams are something of a modern punchline. The premise of the scam alone has become an instant red flag for most people, which raises the question: why is it still used at all?
A few years ago, in 2012, a Microsoft researcher named Cormac Herley wanted to find out, and so he undertook a research project to dig into the tactics of the cybercriminals who launch these transparent advance-fee fraud scams. His research revealed a fascinatingly simple concept: these scams are effectively a hacker’s litmus test for promising victims.
Here’s the crux of the matter. False positives (or an incorrect assumption that something worked) influence tests and analyses of all kinds. For an attacker, they are anyone who is targeted but doesn’t ultimately take the bait. As cyberattacks require some investment from the perpetrator, the more false positives they target, the less a scam is worth their time.
Through many complicated mathematical formulas and the analysis of assorted cybercrime statistics, Herley found that by mentioning “Nigeria” at the very beginning of a scam, cybercriminals could attract only the most gullible people from the outset. This meant that the investment necessary for the rest of the scam was more likely to pay off.
By optimizing their target pool through outlandish stories and obvious spelling and grammar errors, scammers are simply taking the most economical option.
You can see Herley’s research article here for the full equations and details.
However, this doesn’t mean that all scams are so obvious, so it is important that you and your team are aware of what to keep an eye out for. The Federal Bureau of Investigation has a few suggestions to help you and your users keep an eye out for advance-fee scams that Horne & Benik can get behind:
As for your business, your team needs to be able to spot the warning signs that a message isn’t all that it claims to be. This kind of activity is now known as phishing and comes in many forms.
To learn more about phishing and other threats (and how to keep them from becoming a problem for your business), subscribe to our blog! Of course, we’re always available at (603) 499-4400 to discuss your business’ cybersecurity needs as well. Give us a call today.