So why don’t Internet scammers try to change up their tactics? Everyone knows about the Nigerian prince. It’s tired and cliched. Why don’t more scammers try to dupe us with the fake inheritances of a Kazakh prince instead, or with Greek bonds or fancy credit default swaps or something clever like that? Something we haven’t seen before?
A fascinating new paper (pdf) from Microsoft researcher Cormac Herley actually tries to answer this question. He notes that 51 percent of all e-mail scams still originate from Nigeria, even though this is the most obvious scam known to mankind. And Corley argues (with math and graphs) that it’s not because scammers are stupid. Most of them are actually quite clever. Rather, they’re explicitly trying to weed out everyone but the most gullible respondents:
Our analysis suggests that is an advantage to the attacker, not a disadvantage. Since his attack has a low density of victims the Nigerian scammer has an over-riding need to reduce false positives. By sending an email that repels all but the most gullible the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favor.
Scamming people, after all, costs time and money. Herley notes that everyone who responds to a scamming ploy “requires a large amount of interaction.” The worst thing that can happen, from the scammer’s point of view, is that a savvy person starts responding and toying with the scammer. (Teddy Wayne, a writer for The Awl, recently conducted an amusing three-month Facebook correspondence with a man from Malaysia pretending to be a beautiful woman — this is a nightmare for scammers!) Better to keep the e-mails predictable and tired. That way only the most unsuspecting suckers respond.
At any rate, the scammers must be doing something right. In 2009, these “advanced-fee fraud” efforts managed to pry $9.3 billion out of unwitting victims around the world. And the business is growing at a 5 percent rate each year — especially as more people in developing countries get connected to the Internet.
(Link via The Verge.)