HackDig : Dig high-quality web security articles for hackers

Beyond the Nigerian Prince: Modern 419 Scams

2014-08-15 01:13


Once upon a time, there was a Nigerian Prince who reached out across the Atlantic Ocean to his most trusted advisors in the United States. It seems his money was locked away beyond his reach, and if only a helpful American could help him by moving his money to their account, he would grant them riches beyond their dreams. Sadly, countless people fall for email scams similar to this every day. These so-called “419 attacks”—named for a Nigerian criminal code article regarding fraud—are growing in number, and fake emails are becoming increasingly resilient to standard spam filters.

But why do these scams still prosper if they are so well known and there are much more advanced hacking tools available to fairly unskilled attackers? Economics, of course: 419 scams offer a low barrier to entry, require little investment and are still successful. All scammers need to get started is an Internet connection and the ability to manipulate people using social engineering. When compared with other attacks, which can require a powerful PC, purchasing or leasing hacking tools, and more technical understanding, 419 scams are a quick and easy start-up. They also still make a lot of money: According to Dutch investigation firm Ultrascan, Internet users have been defrauded out of over $80 billion to date, including $10.9 billion in 2012 and $12.7 billion in 2013.


More recently, scammers have even sent emails claiming to be from The Red Cross and requesting donations in the aftermath of huge natural disasters. These scammers play on the seriousness and urgency of the situation, as well as victims’ human compassion, to cynically divert donations from the needy.

Many recognize these scams for what they are, but 419 scammers are increasingly clever and manipulative, constantly devising new scams and weaving current events into them. They are also finding ways to make their attacks more efficient by using self-selection to more quickly find the most gullible among us. In Steven D. Levitt and Stephen J. Dubner’s "Think Like a Freak", the authors claim 419 scammers are much smarter than their typo-ridden emails imply. According to them, the typos act as a false-positive filter, weeding out anyone just smart enough not to fall for the scam, leaving only the most gullible as respondents.

The Ecosystem

419 scammers commonly refer to victims or marks as a “mugu”, a Nigerian word for “big fool” popularized by the YouTube song “I Go Chop Your Dollar”. The song’s lyrics include “you be the mugu/I be the master” and “419 is just a game”. Scammers themselves are sometimes referred to as “YahooBoys”, due to their heavy use of web-based email services such as Yahoo.

Also helping these scammers is the general public’s unwillingness to report the scams out of embarrassment, meaning that many cases go undetected. Some scammers have also switched tactics to scam only nominal amounts from victims, but to scam a larger number of victims. The rationale is that most people won’t report a loss of only a few dollars, allowing them to scam mugus for years.

Fighting Back

Websites such as 419Hell.com have become known for wasting the time and money of scammers in the name of justice, but the truth is the simplest way to eliminate 419 scammers is to delete their emails or block them from your network using products such as Symantec Messaging Gateway or Symantec Email Security.cloud. It’s not as exciting as playing along, but it is much simpler. By allowing spam filters to do their job and not opening or responding to emails promising something for nothing, you are denying scammers the attention they crave. You also take one potential mugu out of the scammer’s game.

Source: www.symantec.com/connect/blogs/beyond-nigerian-prince-modern-419-scams
