You’ve received these e-mails. Someone (Nigerian, British, South African, Libyan) wants to wire you an absurd sum of money. The writer, who is almost illiterate, urges you to please get in touch immediately.
The security world knows this as the advanced fee fraud (AFF) e-mail scam. It goes by many names but may be most commonly known as the Nigerian or 419 scam; the number refers to an item in Nigeria’s penal code. E-mails of this type offer riches that are purportedly parked in foreign banks, if you will just help the author get that money out of his or her country. If you reply, the scammer will demand various fees; the scam ends only when you are unwilling to pay any more.
Hard though it may be to believe, as much as $10 billion is lost annually to this scam. Over the past four years, I have researched the phenomenon and uncovered six things that few people know about it.
1. The scam predates the Internet.
Although similar scams appear as early as the 16th century, the modern AFF scam has its roots in the late 1970s and early 1980s — when its perpetrators utilized physical mail. Nigerian scammers used stolen or counterfeit letterhead to target mainly American and British businesses.
2. This isn’t small-time crime. It’s big business.
The e-mails may suggest small-time scammers, but Nigeria’s Interpol believes that those who write them are more likely to be professionals working as part of an organized hierarchy, not unlike other forms of organized crime. Many scam networks are organized along ethnic or linguistic lines, especially in Nigeria. That makes it easier to coordinate efforts — and harder to operate these scams solo.
Furthermore, while the basic contours of the e-mails seldom change, evidence suggests that scammers are increasingly testing variations to identify which receive a higher response rate. For example, appeals to religion and references to recent religious conversions are often deliberately included.
3. The e-mails may be intentionally unbelievable.
These e-mails become profitable at an incredibly low response rate: Most estimates suggest that the scam needs a response rate of less than one-tenth of 1 percent to be profitable.
You have probably read the offers and wondered who could possibly fall for the stories they peddle. The scammers themselves likely know this, too. Cormac Herley of Microsoft Research suggests that these are not blanket appeals. Rather, they are attempts to quickly identify the gullible. Similarly, the poorly constructed English narrative attempts to encourage pity and a sense of adventure.
The large monetary offers are also a way to target the naïve. I collected more than a half-million AFF e-mails from www.419scam.org, a site dedicated to online-scam prevention. Through content analysis software, I found that nearly two-thirds (64.2 percent) made offers in the millions and 1.8 percent in the billions.
4. It’s not just in Nigeria.
Although the scam is primarily associated with Nigeria, perpetrators have been found throughout West Africa, Hong Kong and Western Europe. Early letters were almost exclusively in English, but increasingly scammers have been sending e-mails in Spanish, Portuguese and French, among other languages.
Nor do most of the e-mails claim to be from Nigeria. After analyzing more than a half-million of them, I found that only 12.6 percent mentioned Nigeria. Another 43.6 percent mentioned other African countries, and 36.2 percent mentioned European countries. Even if most AFF scams originate in West Africa, which is debatable, scammers appear to be diversifying their stated country of origin.
5. The scam intentionally uses trust language.
The scam e-mails commonly appeal to both trust and greed, which separates them from spam that tries to lure the unwary through a misleading Web design. The AFF email narrative, rather, works to build a sense of a mutual relationship, including references to trusting the recipient and suggesting that the sender is taking a significant risk.
In my analysis, a clear majority of e-mails (60.9 percent) included references to trust, using such words as “trust,” “trusting,” “confide.” Interestingly, the higher the monetary offer, the more trust language is used. “Trust” words were in 68.1 percent of those e-mails that mentioned thousands of dollars; trust language appeared in fully 85.3 percent of the billion-dollar offers. Meanwhile, 60.6 percent of e-mails with lower or no monetary offers did not include a single reference to trust.
6. Variation in the e-mails influences perceptions.
I designed an experimental Web survey to identify whether variations in the text of scam e-mails influenced perceptions. Within this survey, American respondents were randomly assigned one of four scam letter templates that differed in one of two ways: the monetary offer of the scammer ($3 million vs. $30 million) and the use of trust language (no references vs. eight references to trust).
Using trust language did not increase the number of respondents who said they believed the author could be trusted. However, those who received trust-laden e-mails were slightly more likely to say that they would respond to such an offer and that they saw no harm in responding to such an e-mail.
Using trust language also meant that those who read the e-mails were less likely to remember how much money was offered, as I found using statistical models. In other words, trust language seemed to distract the recipients from paying attention to the monetary offer.
Overall, scammers may be better off with generic blanket appeals without the trust language and attempting to nab only the most gullible.
How can we prevent those gullible people from sending money and bank account information to strangers? Public education does not appear to be a useful approach. Here’s what will probably be more fruitful: using content analysis software to construct better spam filters, filters that pay less attention not just to what country the e-mail came from and instead focus on the many references to trust.
Timothy S. Rich is an assistant professor of political science at Western Kentucky University.