why you say from nigeria

[161488303349]

is a really interesting paper about this by Cormac Herley

http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf

+

basically the paper says is about identitying and discarding false positives

the objective is to get the absolute most guillible people to self identity. reducing the number of false positives and increasing the hit rate on true positives. so reducing the scammers costs. as the biggest cost for them is not the emails. is the follow up

+

so the scammers imply in their email stuff like:

"i am a nigerian oil prince with a secret stash. as a intelligent person you are well aware there is a 99.9999% chance of me being a scammer who is going to loot you. this the reputation that has been inflicted on my country by others. but there is a .0001% chance that i am not a scammer and i can make you rich"

is quite clever how that works. the paper helps to explain why

+

is also lots of math/modelling in the paper as well. ROC curves and stuff like that

[Pussycat Catnap]

---

16 wrote:

.0001% chance that [...] i can make you rich"

---

WOOT!!!

I Play SL, I'm among the elite 0.0001%.

I r X-clue-siv.

---

16 wrote:

the objective is to get the absolute most guillible people to self identity. 

---

Oh... oops... drats...

:matte-motes-nerdy:

[161488303349]

---

Pussycat Catnap wrote:

Oh... oops... drats...

:matte-motes-nerdy:

---

jejejejeeje (:

16,000 (or about) people a day cant all be true negatives and false positives can they?

[Tiffy Vella]

"Finally, in Section 4, we offer a simple explanation for
the question posed in the title, and suggest how false
positives may be used to intentionally erode attacker
economics."

Heheh.....those scambaiters know what they're doing

 

Fascinating article, 16...thanks!

 

 

 

[Dillon Levenque]

I've been mentioning this article to people all day. I would never have thought of this but it makes perfect sense. When you've eliminated everyone in the world who has a clue, or has a friend who has a clue, or is cautious, or can use google, or reads emails from their bank, or knows what a scam is, but STILL can use the Internet—boy oh boy you've got something to work with there.

I can imagine the 'Nigerian' sender seeing replies in the Inbox, leaning back in his chair, and cracking his knuckles.

 

ETA: Oops. I meant to reply to 16 but replying to Tiffy works just as well :-)

[CCTV Giant]

 

I used to play with these guys about 10 years ago and got involved with a group of scambaiters. At first it was a ton of fun -- and then a group of us starting hacking their email addis and warning potential targets and then would ultimately synchronize a shut down of all of their email addresses and aliases. At one point, I targetted a 'family' in which I collected over 300 email addresses and correspondences, in a spread sheet, and sent it off to the FBI's 419 division in Massachusetts. I put up a website while I was doing this, with my minimal html and pshop skills however got way burnt out on doing it - I think I spent about as much time on it as I did in SL in the early days. Check out the story of Tobi -- I threw as much crap as I could at him and spent about 10 months baiting him.

May I introduce to you, my good friend Dr. Nuutz Onurchin

http://lettersfromlagos.com/default.htm

 

 

[Pussycat Catnap]

Its pretty similar to those jokes people used to email around.

They always started at a spam house - and when the joke finally cycled back, it was essentially a list of valid email addresses of people who will 'open anything'... good for spamming and hacking...

 

I predict that in a few years, I won't be getting called from a businessman in Nigeria, but an EU resident who hid all his money 'in some bank' right before the collapse and just needs my help moving it out...

- both of whom are probably sitting in a call center in Beijing...