Michael Kahn

Business Solutions Group has been serving the Mt. Prospect area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Yeah, There’s a Reason Some Scams are So Obvious

Yeah, There’s a Reason Some Scams are So Obvious

We’ve all seen them: the scam emails that are so obviously a scam, you have no idea why a scammer or a cybercriminal would even bother sending them. It just so happens that there is a very good reason that criminals continue to use these transparent attacks, as they have done for centuries.

Advance-Fee Fraud and Its Origins

Believe it or not, those emails have their roots in the 18th and 19th centuries, where scammers wrote letters to their targets begging for some small financial assistance in exchange for a significant reward. Rather than a Nigerian prince seeking escape from political turmoil, one such attempt featured a wealthy Spanish prisoner that needed to be smuggled out of Spain and required some investment to bribe the guards. These scams continued over the years, appearing in French investigator Vidocq’s memoirs and reports of other transnational scams exist from 1922.

Today, these advance-fee scams are most recognizable in the form of the Nigerian Prince scam, as referenced above… and thanks to the Internet, they are far more prevalent, as there aren’t even postal costs to prevent scammers from using them on a widespread basis.

Why These Scams are Notoriously Obvious

One would think that, as a scam that has become the go-to example of a scam, cybercriminals would have abandoned it long ago—or at least worked to make them more convincing. So, why are these scams still around, and still so transparent?

In 2012, a researcher for Microsoft named Cormac Herley asked the same question and conducted a project to find the answer. His conclusion was brilliantly simple: these scams allowed hackers to weed through potential victims to find the ones most susceptible to their efforts.

Cyberattacks aren’t free for cybercriminals to carry out. So, just as anyone who invests in something would want, they want to see the greatest return for that investment. In a cybercriminal’s terms, this translates to the highest number of successfully scammed people who comply with their demands. Just like in any business, a cybercriminal will want to minimize the number of false positives (in this case, targets that never send over any money). Looking at it from an economic perspective, the higher the number of false positives the cybercriminal invests in, the lower the net payout for them.

After compiling statistics and going through the numbers, it became apparent to Herley that cybercriminals use the now-infamous word “Nigeria” in their scams to eliminate these false positives more effectively. Essentially, by using that word early on in their interaction with a potential victim, cybercriminals were able to shrink their target pool to only the most gullible or naïve people they had found.

By cutting out the false positives early in the game, scammers could minimize their investment without sacrificing any payoff. All the grammatical errors, misspelled words, and far-fetched tales just serve to eliminate the people who ultimately wouldn’t be fooled anyway. For more detail, you can find documentation of Herley’s process here.

How to Keep Your Business Safe

Of course, not all scams operate this way, so it is still important for you and your team to know what to keep an eye out for. The Federal Bureau of Investigation provides the following list of rules to follow to avoid scams:

  •  If something sounds too good to be true, it is safe to assume it is.
  • If you receive correspondence from someone asking for money or information, go through the proper steps to confirm the message’s legitimacy through other means, like a phone call.
  • Have a professional go over any agreement you’re about to enter so that you can fully understand what it says.

At Business Solutions Group, we agree, and would like to add that it is also crucial that your team is able to recognize phishing messages like these and knows how to handle them.

To learn more ways to help ensure your business’ cybersecurity, make sure that you subscribe to our blog, and don’t hesitate to call us directly. We’re more than happy to help you figure out how to improve your cybersecurity. Call 866.546.1004 to get started.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 12 July 2020
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Newsletter Sign Up

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Recent Comments

      Tip of the Week: Improving Your Organization Throughout the New Year
      25 June 2020
      Today, I was just browsing along and came upon your blog. Just wanted to say good blog and this arti...
      A Brief Introduction (No, Really) to Virtual Private Networking
      24 June 2020
      I don’t think that these reviews are authentic. https://fr.altounlockpdf.com/reviews can you check t...
      A Brief Introduction (No, Really) to Virtual Private Networking
      19 June 2020
      Uttar Pradesh Devi Ahilyabai Yojana Chief Minister Yogi said that ‘the government is working in ever...
      BYOD Is a Must for Today’s Businesses
      08 June 2020
      Thanks for an interesting blog. What else may I get that sort of info written in such a perfect appr...
      Protect Your Privacy on Facebook, Part 3
      07 June 2020
      TBSE HS 11th Model Question Paper 2021 Tripura XIIth Suggested Question Paper Download Tripura Bluep...

      Upcoming Events

      No events