Do you find e-mail pleas for help from the widow of Democratic Republic of the Congo strongman Mobutu Sese Seko unconvincing or downright silly? That may be the point, according to Microsoft researcher Cormac Herley.

The outlandish claims of Nigerian Letter – or “419” – scams serve a critical purpose: separating the skeptics from the suckers. That’s the conclusion of a new paper published by Microsoft Research and scheduled to be presented on June 25th at the Workshop on the Economics of Information Security (WEIS) 2012 Conference in Berlin, Germany.

The paper, “Why do Nigerian Scammers Say They are from Nigeria?” (PDF), by researcher Cormac Herley, analyzes the methods that online scammers use to navigate around a common problem in any detection program: false positives.

In the context of online scams, a “false positive” is any individual who is attacked, but yields nothing to the attacker.

As the density of potential victims decreases, Herley observes, the share of them that can be profitably attacked plummets. That leaves scammers in a Catch-22: only by targeting large numbers of potential victims can scammers find enough viable targets to make a profit. But the incremental cost of running 419 scams makes it unprofitable to target a large number of potential victims. That is, unless the attackers have an easy (and cheap) way to distinguish between the suckers and the non-suckers.

And that’s where “Nigeria” comes in. Basing the attack on an absolutely absurd and unbelievable premise (i.e. far-fetched stories of West African riches) is, according to Herley, an advantage to the attacker.

“By sending an email that repels all but the most gullible the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favor.”
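The trade-off described above can be worked through numerically. The following is an added example, not code from the article or from Herley's paper: it assumes a simple model in which each recipient gets a score, viable victims score higher on average, and the attacker pursues everyone above a threshold. The gain, cost and score-separation values are constructed for illustration.

```python
from statistics import NormalDist

# All numbers below are constructed for illustration; none come from the paper.
GAIN = 2000.0      # assumed payoff from one viable victim
COST = 20.0        # assumed cost of pursuing one non-viable target
SEPARATION = 2.0   # assumed gap between viable and non-viable score means

_STD = NormalDist()

def roc_point(threshold, separation=SEPARATION):
    """True/false positive rates when everyone scoring above threshold is attacked."""
    tp = 1.0 - _STD.cdf(threshold - separation)   # viable victims attacked
    fp = 1.0 - _STD.cdf(threshold)                # non-viable targets attacked
    return tp, fp

def profit_per_capita(density, tp, fp, gain=GAIN, cost=COST):
    """Expected profit per person in the population at one operating point."""
    return density * tp * gain - (1.0 - density) * fp * cost

def attack_everyone(density):
    """Profit when no filtering is done at all (tp = fp = 1)."""
    return profit_per_capita(density, 1.0, 1.0)

def best_operating_point(density):
    """Sweep thresholds; return (profit, tp, fp) at the most profitable one."""
    best = (0.0, 0.0, 0.0)  # attacking nobody always yields zero
    for step in range(-400, 801):
        tp, fp = roc_point(step / 100.0)
        profit = profit_per_capita(density, tp, fp)
        if profit > best[0]:
            best = (profit, tp, fp)
    return best

if __name__ == "__main__":
    for density in (0.1, 0.01, 0.001, 0.0001):
        profit, tp, fp = best_operating_point(density)
        print(f"density={density:<7} unfiltered={attack_everyone(density):8.2f} "
              f"best={profit:7.3f} viable share attacked={tp:.3f} "
              f"false positive rate={fp:.5f}")
```

With these assumed values, attacking everyone loses money once viable victims are one in a thousand, and the most profitable threshold reaches a steadily smaller share of the viable victims as density falls.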

Herley is the principal researcher at Microsoft’s machine learning department. The work on Nigerian scams isn’t his first try at parsing the economics of fraud. His past research has debunked industry claims about the size of the underground economy and the utility of cybercrime surveys, among other topics. You can read more on the WEIS 2012 conference Web site.


Comments (4)

  1. Anonymous

    Just wait until the kindly Mr. Umbatwu sends me my check for $50,000,000.00, you will see that they are honest and that this article is written by a bunch of haterz.

  2. Anonymous

    Nice conclusion, Cormac (“Cormac”? If I saw that name in a scamogram, I’d KNOW it was a fake).

    No-one can disprove his hypothesis about a planned dumbitdown tactic, but the proposition is just as absurd as the flim-flamming gambit he drubs. These crims aren’t masterminds. Schlock is their schtick. In fact, the first time I saw a 419er, I was reminded of those cockamamie lottery-winner ads the Readers’ Digest used to stuff into one’s front-gate mailbox, years ago, with [YOUR NAME] crookedly inserted into the text in a misfit font by an IBM mainframe line-printer.

    “Imagine how your neighbours in [YOURTOWN] will feel when they see you driving down your [YOURTOWN] street in your new car [YOUR NAME]! “

    So, would ol’ Cormac assert that the RD had specifically targeted dumb people in its lame, junk-mail promotions?

    That’s dangerously close to treason, Cormie. Why, the Digest is admired and trusted and believed by Mr and Mrs Middle America. A US institution. It’s mentioned in the Constitution, I hear. The 419ers are observing a tradition as time-honoured as Norman Rockwell and magazine writers who use three names, and they should get Green Cards, and a Congressional Medal, and a yard of pavement outside Grauman’s Chinese. 

    Congratulations, Mr Herley! You may already be a winner.







