facebook linkedin twitter

Computerware Blog

There’s a Reason Some Scams are Painfully Transparent

There’s a Reason Some Scams are Painfully Transparent

“Hello sir/ma’am, I am a member of royal [sic] family and I am in grave danger in my country. If you send me money to get out safely, I will share my great riches with you as reward.”

Scams like this one have become a punchline for many, which makes you wonder why they are still commonly used by cybercriminals. As it turns out, there’s a very compelling reason that they do so, one that’s been known for years.

Understanding Advance-Fee Fraud

The kind of scam that we’re referencing, officially known as advance-fee fraud, has been around for centuries. Many scams were conducted in the 18th and 19th centuries that involved letters sent to victims requesting a small amount of money, with the promise of a large reward in return. One such scam, known as the Spanish Prisoner, purported that the writer was trying to help smuggle a wealthy captive out of a prison in Spain and needed money to bribe the guards.

The famed French investigator Eugene Francois Vidocq included an account of a similar letter in his memoirs, and transnational scams have been charted from 1922.

The name “Nigerian Prince scam” comes from perhaps the most famous example, where a royal seeking to escape from some danger requests assistance in transferring their great wealth—with a significant cut going to the person who assists them, of course.

Once the Internet entered the equation, these scams became even more prevalent, as there were no longer postal costs restricting the number of messages that these scammers can send.

Why Are These Scams So Sloppy?

As we’ve established, these scams are something of a modern punchline. The premise of the scam alone has become an instant red flag for most people, which begs the question: why is it still used at all?

A few years ago, in 2012, a Microsoft researcher named Cormac Herley wanted to find out, and so he underwent a research project to dig into the tactics of the cybercriminals who launch these transparent advance-fee fraud scams. His research revealed a fascinatingly simple concept: these scams are effectively a hacker’s litmus test for promising victims.

Here’s the crux of the matter. False positives (or an incorrect assumption that something worked) influence tests and analyses of all kinds. For an attacker, they are anyone who is targeted but doesn’t ultimately take the bait. As cyberattacks require some investment from the perpetrator, the greater the number of false positives they target, the less worth their time a scam will be.

Through many complicated mathematical formulas and the analysis of assorted cybercrime statistics, Herley found that by mentioning “Nigeria” in the very beginning of a scam, it was possible for cybercriminals to only attract the most gullible people from the very beginning. This meant that the investment that was necessary for the rest of the scam was more likely to pay off.

By optimizing their target pool through outlandish stories and obvious spelling and grammar errors, scammers are simply taking the most economical option.

You can see Herley’s research article here for the full equations and details.

Protecting Your Business

However, this doesn’t mean that all scams are so obvious, so it is important that you and your team are aware of what to keep an eye out for. The Federal Bureau of Investigation has a few suggestions to help you and your users keep an eye out for advance-fee scams that Computerware can get behind:

  • If something sounds too good to be true, it is safe to assume it is.
  • If you receive correspondence from someone asking for money or information, go through the proper steps to confirm the message’s legitimacy through other means, like a phone call.
  • Have a professional go over any agreement you’re about to enter so that you can fully understand what it says.

As for your business, your team needs to be able to spot the warning signs that a message isn’t all that it says to be. This kind of activity is now known as phishing and comes in many forms.

To learn more about phishing and other threats (and how to keep them from becoming a problem for your business), subscribe to our blog! Of course, we’re always available at (703) 821-8200 to discuss your business’ cybersecurity needs as well. Give us a call today.

Tip of the Week: Easing the Shift Between Remote a...
What Are Your Biggest Issues, IT Challenges and Pr...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, July 10, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Cloud Software Data Hackers Business Management Hardware Microsoft Workplace Tips Network Security Backup Managed Service Provider Hosted Solutions Business Productivity Productivity Email Malware IT Services Saving Money Efficiency Google Computer Small Business User Tips Innovation Collaboration IT Support VoIP IT Support Quick Tips Smartphones Data Backup Mobile Devices Network communications Business Continuity Microsoft Office Gadgets Social Media Cybersecurity Data Recovery Disaster Recovery Android Upgrade Communication Mobile Office Server Smartphone Virtualization Phishing Miscellaneous Mobile Device Management Ransomware Vendor Management Holiday Windows Outsourced IT Managed IT Services Windows 10 Tech Term Passwords Apps Operating System Remote Monitoring Internet of Things Mobile Device Facebook Users Unified Threat Management BDR Automation Mobile Computing Analytics Managed IT services Data Management BYOD Remote Computing Apple WiFi Windows 10 The Internet of Things Cloud Computing History Marketing Artificial Intelligence Training Browser Save Money Firewall Big data Spam Business Technology Help Desk Encryption Alert App Information Technology Health Bandwidth IT Consultant Office 365 Office Two-factor Authentication Access Control Going Green Government Windows 7 Cybercrime Managed IT Bring Your Own Device Hard Drives Antivirus Budget Maintenance Printer Gmail Content Filtering Best Practice Lithium-ion Battery Recovery Healthcare Employer-Employee Relationship Retail Hiring/Firing Wireless Technology Cost Management Outlook Managed Service Windows 8 Saving Time Search Computers VPN Virus Tech Support Information Computing IBM It Management Phone System Data Security Augmented Reality Money Blockchain Document Management Remote Work Data Loss Hacking Project Management Travel Networking Humor Education Customer Service iPhone Update SaaS Storage Website File Sharing Save Time Hard Drive Law Enforcement Downtime Customer Relationship Management Voice over Internet Protocol Mobility Current Events Patch Management Solid State Drive PowerPoint Compliance Applications Password Data storage Value Proactive IT Computer Repair Running Cable Flexibility Hacker Covid-19 Administration Data Breach Conferencing Vendor Legal Twitter Intranet Avoiding Downtime Regulations Risk Management Wireless Net Neutrality DDoS Disaster Vulnerabilities Hosted Solution Business Intelligence Excel End of Support Digital Payment Robot Securty Router Google Maps Word Comparison Tablet Social Engineering Cortana Company Culture Scam Black Market Cryptocurrency Social Networking Meetings Fax Server Laptop Private Cloud Wi-Fi Business Growth Cooperation Telephony Digital Websites Monitoring Machine Learning User Telephone Systems Virtual Desktop Paperless Office Social Software as a Service Sports Management Entertainment Uninterrupted Power Supply Telephone Teamwork Professional Services Heating/Cooling Identity Theft Vulnerability Chrome Integration Bitcoin IT service Data Protection Virtual Reality Politics Computer Accessories Automobile User Error Emails eWaste Managed Services Provider Downloads Co-managed IT Gaming Console Bluetooth Trending Chromebook Mouse Text Messaging Computing Infrastructure Hack Webcam Distribution How To How To Employee/Employer Relationship Redundancy Managed Services Lifestyle Memory Statistics Download Managed IT Service Processors Google Docs Programming Experience Network Congestion Cost USB Evernote Presentation Virtual Assistant Cleaning Monitors Inbound Marketing Microchip Taxes Processor Office Tips Distributed Denial of Service Specifications Safety Start Menu Tech Terms Streaming Media Smart Devices Mobile Technology YouTube Solutions Unified Communications Settings Multi-factor Authentication Documents Pain Points Public Cloud Licensing Google Drive Windows Server 2008 Turn Key Migration Connected Devices Banking Botnet Data Analysis Employees Video Conferencing Drones Printer Server Wireless Headphones Relocation Tablets eCommerce Network Management Sync SQL Server Communitications Trojan Equifax Fleet Tracking GDPR Managing Risk PCI DSS Spyware Mobile Payment Device Management Permissions Language Business Managemenet Device security MSP Notifications CCTV Tech PDF Hypervisor Supply Chain Management Electricity Printing Organize Content Management Upselling Desktop Finance Video Surveillance Business Metrics Computer Malfunction Fileless Malware Hybrid Cloud Internet Service Provider Nanotechnology Social Network Reliable Computing Best Available Keyboard Holidays online Currency Business Cards Service Level Agreement In Internet of Things Proxy Server Azure Domains IT Assessment Music Startup Saving ZTime Asset Tracking Modem Strategy Regulations Compliance cache Television switches Writing Electronic Medical Records Transportation Public Speaking Username Term Remote Working WannaCry Upgrades Unified Threat Management Backup and Disaster Recovery Time Management Freedom of Information LiFi LinkedIn Gamification Debate Motion Sickness Directions Display Corporate Profile Webinar Harddrive Screen Reader Customer Resource management Scalability Recording Shortcut Optimization Piracy GPS Upload Dark Web Troubleshooting Free Resource Electronic Health Records Smart Tech Messenger Tracking SSID Entrepreneur Financial Data Assessment SharePoint Health IT HIPAA Memes Tip of the week Work/Life Balance Skype External Harddrive HTML Rental Service Processing Environment Google Calendar Deep Learning Archive Fiber-Optic Database Touchscreen News Visible Light Communication Mobile Security Web Server Electronic Payment Wasting Time Managing IT Services VoIP Telephone System Cabling Logistics Competition Virtual Machines Software License 3D Trends Ebay Administrator Bookmark Business Owner Surveillance Knowledge Point of Contact Multi-Factor Security Thin CLient Books Workers Cyber security Telework Consultation IT consulting Employer/Employee Relationships IP Address IT Best Practives Smart Phones Devices Supercomputer Google Play Telephone Service Remote Workers Technology Tips Fraud Tactics Fake News Advertising Flash UTM Content Managing Costs Human Resources Virtual Private Network Audit CIO Worker Microsoft 365 Application Windows XP Microserver Recycling IT Plan Adminstration Enterprise Resource Planning Pirating Information Browsers Development Staffing Google Wallet Analytic Legislation Leadership Error Reading Samsung Medical IT Trend Micro FinTech Data Warehousing email scam Addiction G Suite User Tip Proactive Maintenance Emergency Hard Drive Disposal Society Product Reviews Accountants A.I. Employer Employee Relationship Security Cameras Threats Data Storage Access Displays Digital Signature Microsoft Excel Get More Done Hacks Physical Security Navigation Virtual Machine Procurement Computer Care Micrsooft Read Printers CrashOverride Managing Stress 3D Printing Personal Information Regulation Capital Financial Productuvuty