[cryptography] Why do scammers say they're from Nigeria?

Kyle Creyts kyle.creyts at gmail.com
Wed Jun 20 16:23:13 EDT 2012


Emphasis on _most profitable_ here. Clearly not the only one employed.
Also, this mode applies mostly to spam; there are a number of other
ways of filtering the victims who will take interest, be more
gullible, or get hooked that do not require being obviously dubious.

On Wed, Jun 20, 2012 at 1:56 PM, Tim Dierks <tim at dierks.org> wrote:
> This is an interesting paper that presumably has implications for other
> social engineering schemes beside financial
> scammers: http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf
>
> ABSTRACT
> False positives cause many promising detection technologies to be unworkable
> in practice. Attackers, we show, face this problem too. In deciding who to
> attack, true positives are targets successfully attacked, while false
> positives are those that are attacked but yield nothing.
>
> This allows us to view the attacker’s problem as a binary classification. The
> most profitable strategy requires accurately distinguishing viable from
> non-viable users, and balancing the relative costs of true and
> false positives. We show that as victim density decreases the fraction of
> viable users that can be profitably attacked drops dramatically. For example,
> a 10× reduction in density can produce a 1000× reduction in the number of
> victims found. At very low victim densities the attacker faces a seemingly
> intractable Catch-22: unless he can distinguish viable from non-viable users
> with great accuracy the attacker cannot find enough victims to be profitable.
> However, only by finding large numbers of victims can he learn how to
> accurately distinguish the two.
>
> Finally, this approach suggests an answer to the question in the title.
> Far-fetched tales of West African riches strike most as comical. Our
> analysis suggests that is an advantage to the attacker, not a disadvantage.
> Since his attack has a low density of victims the Nigerian scammer has an
> over-riding need to reduce false positives. By sending an email that repels
> all but the most gullible the scammer gets the most promising marks
> to self-select, and tilts the true to false positive ratio in his favor.
>
>  - Tim
>
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>



-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer


