We’ve all seen them: the scam emails that are so obviously a scam, you have no idea why a scammer or a cybercriminal would even bother sending them. It just so happens that there is a very good reason that criminals continue to use these transparent attacks, as they have done for centuries.
Advance-Fee Fraud and Its Origins
Believe it or not, those emails have their roots in the 18th and 19th centuries, where scammers wrote letters to their targets begging for some small financial assistance in exchange for a significant reward. Rather than a Nigerian prince seeking escape from political turmoil, one such attempt featured a wealthy Spanish prisoner that needed to be smuggled out of Spain and required some investment to bribe the guards. These scams continued over the years, appearing in French investigator Vidocq’s memoirs and reports of other transnational scams exist from 1922.
Today, these advance-fee scams are most recognizable in the form of the Nigerian Prince scam, as referenced above… and thanks to the Internet, they are far more prevalent, as there aren’t even postal costs to prevent scammers from using them on a widespread basis.
Why These Scams are Notoriously Obvious
One would think that, as a scam that has become the go-to example of a scam, cybercriminals would have abandoned it long ago—or at least worked to make them more convincing. So, why are these scams still around, and still so transparent?
In 2012, a researcher for Microsoft named Cormac Herley asked the same question and conducted a project to find the answer. His conclusion was brilliantly simple: these scams allowed hackers to weed through potential victims to find the ones most susceptible to their efforts.
Cyberattacks aren’t free for cybercriminals to carry out. So, just as anyone who invests in something would want, they want to see the greatest return for that investment. In a cybercriminal’s terms, this translates to the highest number of successfully scammed people who comply with their demands. Just like in any business, a cybercriminal will want to minimize the number of false positives (in this case, targets that never send over any money). Looking at it from an economic perspective, the higher the number of false positives the cybercriminal invests in, the lower the net payout for them.
After compiling statistics and going through the numbers, it became apparent to Herley that cybercriminals use the now-infamous word “Nigeria” in their scams to eliminate these false positives more effectively. Essentially, by using that word early on in their interaction with a potential victim, cybercriminals were able to shrink their target pool to only the most gullible or naïve people they had found.
By cutting out the false positives early in the game, scammers could minimize their investment without sacrificing any payoff. All the grammatical errors, misspelled words, and far-fetched tales just serve to eliminate the people who ultimately wouldn’t be fooled anyway. For more detail, you can find documentation of Herley’s process here.
How to Keep Your Business Safe
Of course, not all scams operate this way, so it is still important for you and your team to know what to keep an eye out for. The Federal Bureau of Investigation provides the following list of rules to follow to avoid scams:
- If something sounds too good to be true, it is safe to assume it is.
- If you receive correspondence from someone asking for money or information, go through the proper steps to confirm the message’s legitimacy through other means, like a phone call.
- Have a professional go over any agreement you’re about to enter so that you can fully understand what it says.
At Advanced2000, we agree, and would like to add that it is also crucial that your team is able to recognize phishing messages like these and knows how to handle them.
To learn more ways to help ensure your business’ cybersecurity, make sure that you subscribe to our blog, and don’t hesitate to call us directly. We’re more than happy to help you figure out how to improve your cybersecurity. Call (703) 370-7520 to get started.