Unmasking the Nigerian Email Scammers

A SCARS Insight

Nigerian Email ScamsScams A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost.

BY BOWEN XIAO, Epoch Times
October 17, 2018 Updated: October 17, 2018

The following was excerpted to assure its continued availability. Source

Stolen Profits From BUSINESS EMAIL COMPROMISE (BEC) Schemes, Including The Infamous “Nigerian” Email Scams, Have Grown Exponentially Across The Globe Over The Past Decade.

From January 2015 to February 2017, identified losses from such scams had increased 1,300 percent, totaling over $3 billion globally. By May 2018, the losses had grown to $12.5 billion, according to the FBIFBI FBI - Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, the FBI is also a member of the U.S. Intelligence Community and reports to both the Attorney General and the Director of National Intelligence. A leading U.S. counter-terrorism, counterintelligence, and criminal investigative organization, the FBI has jurisdiction over violations of more than 200 categories of federal crimes, including financial fraud.’s IC3 (Internet Crime Complaint Center).

Losses Increased 1,300 Percent

BEC scams, also known as “cyber-enabled financial fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim.,” use deceptive emails that employ phishing and social media fraud tactics to target victims. Common conventional methods include spoofed emails and malwareMalware Short for "malicious software," this term means computer viruses and other types of programs that cybercriminals use to disrupt or access your computer, typically with the aim of gathering sensitive files and accounts.; tracked real estate and romance. Victims are often persuaded to make wire transfers to bank accounts controlled by perpetrators.

These schemes have been reported in all 50 states in America and across 150 countries worldwide.

“I know you have banking trojans and different kinds of ransomwareRansomware Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies that are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan virus disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction., but when you go and look at the numbers, BEC and related fraud is the number one financial threat to the industry,” Ronnie Tokazowski, a senior malware analyst at Flashpoint and founder of the BEC List, told The Epoch Times.

“Just looking at the money that’s lost, it’s not a linear graph. It kind of starts peaking up. More and more people are getting into this game because they are able to see profits.”

The BEC List is a sequestered industry group with 530 members including Fortune 500 companies, law enforcement, researchers, and internet companies who have been privately collaborating against Nigerian email schemes for the past three years—and it recently went public. The group has contributed to over a hundred fraud-related arrests worldwide.

Prominent destinations of laundered funds include “Asian banks located in China and Hong Kong” according to the FBI. Recently, financial institutions in the United Kingdom, Mexico, and Turkey have also been identified by the FBI as primary locations, based on financial data.

Foreign criminals perpetrate many of the BEC scams, some individuals are members of transnational criminalCriminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues. organizations that originated in Nigeria but have since spread globally.

Nigerian Culture

Tokazowski said that many of the common BEC tactics come from Nigeria. Probably the most widely known involves a foreign perpetrator who states that his money is tied up temporarily and offers his victim a large sum of money if they pay the “taxes.” Many of these scams try to appeal to the victim’s emotions.

According to Tokazowski, the culture in Nigeria plays a significant role in encouraging BEC schemes. He said Nigeria has infamously become a “hotbed” for it.

“With Nigeria, one of the bigger culture shifts is really the level of corruption—the kind of culture that in some places, this is acceptable and this type of fraud is acceptable. You also have cases where previous BEC actors who go under the handle the ‘Yahoo Boys’ were very highly praised.”

The Yahoo Boys, young Nigerian men, employed a range of internet fraud tactics to get rich and often flaunted their lavish spoils, promoting a desirable way of life for the con-artists.

The schemes also infiltrated Nigeria’s music industry.

“A lot of these Nigerian rappers they’ll go and start singing, they’ll make rap songs singing praises of their operations and how they were able to wire money off and things like that,” Tokazowski said. “It’s this culture that developed to a kind of legitimize the business of stealing money from different clients.”

Tokazowski referenced one rap video titled “I Go Chop Your Dollar” as an example. The lyrics referenced wire fraud profusely and the rapper was eventually arrested several years later.

The song includes lyrics such as: “I be the master. I go take your money and disappear, you are the loser and I am the winner. The contract na you I go give em. But you go pay me more money, make I bring em.”

Operation Wire Wire

Several members from Tokazowski’s BEC group were also involved with an FBI operation dubbed “Wire Wire” that aimed to disrupt BEC schemes and culminated in the arrest of 74 people in the United States and overseas. In Nigeria, 29 perpetrators were arrested, according to the Justice Department.

The operation seized nearly $2.4 million and recovered approximately $14 million in fraudulent wire transfers.

Tokazowski also described the BEC schemes from Nigeria as not too technically complex when compared to other countries.

“From a technical perspective, I would consider it lower level … it’s usually more simple with how they do it,” he said. “If Nigeria were to become a nation-state threat, I would say that they are probably a couple of years away from that.”

He also noted that Nigerian scammers are evolving and what they do still affects people today.

“Just with the way that they are operating its a very difficult crime to look at and solve,” he said. “There’s no malware associated with it. With a lot of fraud going on with this stuff, you have human lives that are affected.”

Scammers also are constantly trying to figure out new and creative ways to steal money.

Tokazowski said of the emerging tactics he has seen recently involved the use of gift cards to get personal information, often through the use of a romantic phishing account.

“A lot of the actors are learning, it’s starting to become a problem,” he added.

The foregoing was excerpted to assure its continued availability. Source: https://www.theepochtimes.com/unmasking-the-nigerian-email-scammers_2692031.html – Third-party copyrights acknowledged