Nigerian email scams: They’re actually working

Emails claiming to be from a Nigerian prince used to be the running joke of IT security. Who would actually fall for those things?

Well, it turns out West African cybercriminals have gotten a lot better over the years. And similar scams targeting businesses are making them big money. 

According to a report by Interpol, the international policing organization, and Trend Micro, many cybercriminals from West African nations (not just Nigeria) have turned to more advanced methods of fraud in order to target businesses and individuals.

The report found fraudsters stole an average of $2.7 million from businesses and $422,000 from individuals from 2013-2015.

Who are the attackers?

According to the report, these attackers are young men who are well-educated. Some engage in low-level scams for a quick buck and bragging rights. These are the so-called “Yahoo Boys,” the report says.

But of bigger concern for businesses are the next-level attackers. These are typically older fraudsters who engage in Business Email Compromise (BEC) fraud.

These attacks focus on fooling businesses or individuals therein into paying out large sums of money by posing as company officers or people who would have a legitimate request for the payments. Alternatively, they may engage in tax fraud schemes, asking for W-2s or other documents and using the information from those to steal workers’ refunds.

Location doesn’t matter

These days, cybercrime is a global industry. And it likely won’t matter whether the person who stole your money is from Europe, Asia, Africa or the good ol’ USA. You’re probably never seeing it again.

Focus less on the location of attackers and more on the types of attacks you want to prevent. Make sure users know the signs of a phishing or fraudulent email and that they report it to IT.

Oh, and if someone asks for USD$1,300 to get to America where they will pay you millions, it may be a scam. Proceed with caution.