This one's been linked to a few times before but it's not really compelling enough to beat the alternate hypothesis: slavish copying from people who are lazy, greedy and not particularly inventive, and also usually ultimately need a reason for their mark to specify Nigeria as the destination country for their money transfer.
Same goes for the Nigerian scammers who go off piste by pretending to be a little old Scottish lady with an expensive item to sell via PayPal but ruin their probably much higher hit rate by using their obviously Nigerian male personal email address for correspondence and not writing English in the manner of a little old Scottish lady. Being able to scam people by actually acknowledging their Nigerian origin is as much down to lacking the ability to pretend to be non-Nigerian as selecting for a more gullible audience (It's not like sending initial carbon-copy responses asking for deposits/money-transfer fees or bribes is especially time consuming, or like there isn't a huge number of somewhat-less-naive people willing and able to send a competent scammer a "deposit" for an imaginary good or service if they have access to accounts on reputable online payment systems)
There's a danger in attributing to counter-intuitive interpetation of statistics what can adequately be explained by ignorance and impotence.
This came up via the HN story on "$80k/month App Store Scam"[0].
If the person is intelligent enough to get past the App store approval process and everything that's required to build and publish an app, it counters the slavish-copying hypothesis. Instead,
1. It acts as a sieve that filters in gullible persons. Someone like yourself wouldn't give it a second thought and move on. The $99/week subscription is only seen once the gullible person has downloaded the app and passed the gullibility-filter.
Interestingly HN's own terse commenting interface, lack of humour and strict voting policies serve to filter in only on-topic discussions and ends up setting a very different tone from say, r/programming. The sieve effect is very noticeable in the tone, the crowd and the commentary itself between the two communities.
2. Letting only gullible people in is not enough. This strategy also keeps the smart/adversarial users far at bay. If an intelligible user were to somehow get in the door, that wouldn't bode well for the $99/week subscription scam -- things would escalate. It would jeopardise the entire scam and that's just what happened with the medium.com post. The guy notices the $99/week subscription within the app requiring only a fingerprint scan to activate. His blog post will get the app shut down. It will provoke QA improvements within Apple and it will rally the community at large to highlight further problematic apps.
I think a lot about the inverse Hanlon's razor, which is "if you want to do something malicious, make sure you can get away with attributing it to stupidity".
Or if your most stupid con act works on a particular set of people, you have struck gold. This is very deliberate on their part. They are not looking for someone possessing any iota of critical thinking skills (the IRS scammers in contrast look for the most easily "scared" demoraphic). They are phishing a different kind of fish.
This is conversation reuse. A particular point or observation occurs so frequently that it is documented and described in a common place, and then invoked when needed.
To expand on paulddraper's argument, I felt reusing that conversation spares you and I from my non native english while making my point clearer than I could by myself.
I would however be happy to expand on my view if you have more relevant remarks than a meta argument on the form of my response.
In a narrower sense, you're choosing between interpreting a phenomenon (obvious red flags in scams such as Nigerian emails) as being either calculated malice, or malicious in intent but bumbling in implementation. Hanlon's razor still seems to apply.
As another commenter noted, I believe the more appropriate razor is Occam's, since this is not a question of malicious vs. non-malicious, but a question of the complexity of the malicious methods used by the attacker, but we can agree to disagree.
When I was in college, there was this guy named Arman, that, at parties or bars and etc. would simply walk up to girls and would, after perhaps a moment of small talk, ask them straight away if they would like to sleep with him. I thought that was crazy but his explanation was that although true, it did not often work, but when it did, you had a sure thing. I think the Nigerian scam is based on the same principle Arman was using.
Yes if success is finding a girl who is willing to sleep with a stranger immediately then this would probably be the fastest way to find one. Not so good for finding a future companion/potential wife. So the suggestion is Nigerian scammers are using the same technique to identify the most gullible person as fast as possible? Putting even a small amount of extra effort is not worth because if the target is not immediately gullible they may uncover the rouse later anyway. May be, but I don't feel like wanting to give them that much credit but they are the scammers so may be they're really doing this.
So, the next time you read such an email and think "Only a total moron would fall for that" bear in mind that the total morons are the target audience here :) Unfortunately, the world seems to have an endless supply of them.
From the linked article: "The goal of the email is not so much
to attract viable users as to repel the non-viable ones,
who greatly outnumber them."
My one useful insight in life is realizing that this is how street catcallers work as well. By crudely whistling and making loud vulgar remarks, they efficiently weed out all but the most self-disrespecting and compliant of potential partners, with little effort.
It's also the reason why a certain species of scam email almost always has typos. Absurdly incompetent spelling and grammar instantly weeds out the non-idiots, leaving only the easy marks.
True, yet they also do it because they believe women like it. They can't see the woman's perspective, and because they would love to be catcalled by a woman they think the woman feels the same way about being catcalled.
Advance fee fraud scams originated in Lagos in the mid eighties with Lebanese immigrants who fled to Nigeria as a result of the civil war in their country.(Obviously they did not use email )
In the nineties, young males entrepreneurial and unemployed, seized upon the opportunities offered by globalization and entered the game. It was fairly high level stuff, with the targets being mostly rich corporations, governments and high networth individuals. A slew of iconic cult figures emerged due to their successes - Ade Bendel, Eze Ego, and Fred Ajudua (the last's claim to fame was successfully duping Ghadaffi of millions of dollars under the guise of seeking support for a military coup in Nigeria to oust the sitting Head of State Ibrahim Babangida).
The internet made things easier and 'democratized' the industry putting it within reach of anyone with a laptop and cell phone.
To address the point raised by the title of the article.
Not all Nigerian scams originate from Nigeria. While advance fee fraud, love scams and such are indeed a cottage industry in the country, many "Nigerian" scams originate elsewhere: Ghana, Liberia, Cote D'Ivore, South Africa, Dubai, USA, Malaysia, Japan, Italy, Spain, Russia and the UK -where scam artists of Nigerian origin may or may not be involved.
The steady barrage of Nigerian e-mail scams alongside those originating elsewhere effectively blinds many people to the possibility of being fleeced by a non Nigerian operator.
Second, internet scam artists from countries other than Nigeria are unwilling to expose their nationalities and claim to be Nigerians when apprehended. This is perhaps due to shame at being caught or perhaps the legal consequences are graver in their countries of origin.
Third "Yahoo boys" (as they are known locally), exploit the ignorance of their targets who most of the time believe that Nigeria is a land of unbelievable wealth with gold mines and oil wells just sitting pretty and waiting to be bought, or looted dollars ripe and ready to be wired. It is more difficult to make a target believe that he/she will score a hundred million dollars from a dodgy deal that originates from say, Togo or Liberia which are perceived as less wealthy nations.
One more thing, the spelling errors in email scams are (to the best of my knowledge) genuine , and not some sophisticated attempt to weed out less gullible recipients.
"Nigerian" scammers tend to strike a raw nerve in the West -nobody particularly likes the idea of pensioners being defrauded of their money; but credit card fraud, sophisticated phising software written by Brazilian and East European programmers and botnets from Russia make far more money for their criminal operators than any Nigerian ever could using crude email attacks.
In sum I am not sure this problem has a technological solution as Microsoft believes. As long as there are lonely people looking for love or businesses willing to take blind risks and the means of communication that link them to fraudsters, the phenomenon will exist
(Apologies for the many edits. Typing from a cell phone)
I am a Nigerian, and I am an studying to take up a career in tech (focusing on software engineering, but I have interests in data science, and education). I see these stories of Nigerian scam artists presented in a stereotypical way that tends to casts a whole nation in that image, and it saddens me.
In 2016, and through the first quarter of 2017, at the peak of the ponzi schemes frenzy that caught Nigeria (did you hear of MMM and the likes?), some friends asked me to create a similar platform for peer-to-peer donations for them. They wanted a matrix scheme with themselves at the top; they'd later take the site down suddenly after making much money; whoever came in last or invested much would be wrecked.
I refused taking the job, and some other developer friends declined similar requests. I know some that took such jobs. So there are the dishonest ones, and there are the genuine ones.
While there are scammers raising the country's flag everywhere, I am certain many are not Nigerians.
As Chimamanda Adichie said, the problem with stereotypes is not that they are false, but that they are only half the truth.
When I was a college student in the US, a classmate of mine wanted my help automating an online poker site. Slightly more "victimless," but not necessarily any more ethical.
On flip side programmers hired from Nigeria via upwork are pretty damn good once committed, excellent grasp of English and timezone compatible with UK. I say committed because despite initial warm reception on next job they dropped off face of earth with no further communication.
Interestingly, the stereotype, has caused a large dent in the country's reputation (Paypal won't allow Nigerians to recieve funds) and there's a percievable reduction in the number of scammers from Nigeria. I believe many scams that claim to be Nigerian now are only taking advantage of the stereotype.
This stereotype has also made getting jobs considerably harder for sincere freelancers like me. And if I happen to find a client, I treat them like gold; I always work beyond expectation in an attempt to prove I'm not a stereotype.
It's frustrating though.
I have had a few customers from Nigeria and I also worked for 6 years with a Nigerian programmer, who was my sub-contractor on dozens of usually smaller projects. It all worked out perfectly fine. Nobody ever complained. It was great business. Not everybody in Nigeria is into these scamzillas. ;-)
Same goes for the Nigerian scammers who go off piste by pretending to be a little old Scottish lady with an expensive item to sell via PayPal but ruin their probably much higher hit rate by using their obviously Nigerian male personal email address for correspondence and not writing English in the manner of a little old Scottish lady. Being able to scam people by actually acknowledging their Nigerian origin is as much down to lacking the ability to pretend to be non-Nigerian as selecting for a more gullible audience (It's not like sending initial carbon-copy responses asking for deposits/money-transfer fees or bribes is especially time consuming, or like there isn't a huge number of somewhat-less-naive people willing and able to send a competent scammer a "deposit" for an imaginary good or service if they have access to accounts on reputable online payment systems)
There's a danger in attributing to counter-intuitive interpetation of statistics what can adequately be explained by ignorance and impotence.