A new paper out of Microsoft Research yesterday goes into why 419s are written using poor English – it is used by the scammers as a screening tool.

Tech It Up news reports on it here:

Have you ever wired money to an overseas bank account simply because you received an email asking you to do so? Probably not, but there are plenty of people who have done just that, and they have paid the price with ruined credit histories and even identity theft. A Microsoft researcher named Cormac Herley did a bit of homework on this scam (PDF here) — typically referred to as a "Nigerian" or "419" scam — and found why the attack still works after all these years.

We've all seen the emails littering our spam folders: Written in broken English, the attacker claims to be a member of a Nigerian royal family wanting to move a large quantity of money to the United States. The sender offers a large chunk of this cash to the recipient in exchange for some assistance. Usually the scam involves sending some "good faith" money to an overseas account in order to get the process started — a request that only the most naive web user would agree to.

This is where all but the most gullible individuals detect that something is up and promptly cut off all communication with the scammer, but the blatant obviousness of the situation is exactly what the perpetrator wants to convey. The thieves have kept the same "Nigerian prince" story for so long that the only people who actually take the time to respond are also the ones that are the most likely to hand over huge amounts of money to someone they've never met.

Herley's research shows that spam emails claiming to be from a country other than Nigeria are actually more work for the scammers. In situations like this, the sender often has to spend time coaxing individuals who may eventually realize they're being taken advantage of. Those who respond to emails from the Nigerian prince are often gullible enough to hand over their money with much less effort.

The scammers have gone from targeting everyone with an email account, to only focusing on the very narrow portion of the population that is somehow oblivious to this type of attack. It seems that by never changing the tactic, the scam is now more efficient than ever before.

The key takeaway from this study is that the 419 spam emails you see — and probably laugh at — are still costing innocent internet users loads of cash. Make sure your friends and family understand that these emails are a fraud, regardless of what country the scammer claims to be from. You may save yourself or someone you know a lot of heartache.

This sounds like a hiding-in-plain-sight theory.  It’s so obvious that if you fall for it, you’re really going to fall for it.  Thus, bad spelling and grammar, and the theory that you might get rich, is used by the spammers to weed out the people who will clearly recognize it and go to the people who won’t.

And if you don’t recognize it, chances are good (better) that you might take action.  It’s a little bit like a hypnotist getting a bunch of people up on stage and then only using the people who respond positively to his initial suggestions.

One of the interesting parts of the paper is the answer to the following: Why do the scammers so frequently choose Nigeria as the country of origin? After all, all scams take place from Nigeria.  Why not Turkey? Or Poland? Nigeria is so obvious after all these years.

The answer is because Nigeria is so obvious, that’s why scammers choose it.  If you search for Nigeria on Google, “Nigeria scams” is one of the top 5 searches:

image

What scammers are doing is weeding out potential victims. They are trying to disqualify as many people as possible and if someone does a  Google search on Nigeria, they’ll probably discover that what they see in their inbox is a scam.  Those who don’t recognize it as a scam and don’t do the research are more likely to fall for it – they aren’t familiar with the spam and they haven’t taken the time to do a basic background check.

By making it so easy to figure out they’re being scammed, spammers are cutting through the fluff.

An interesting paper. You’ll want to read the whole thing… well, I guess you’ll want to skim the whole thing, that’s what I did.