Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations

Nigerian scam is a popular form of fraud in which the fraudster tricks the victim into paying a certain amount of money under the promise of a future, larger payoff. Using a public dataset, in this paper we study how these forms of scam campaigns are organized and evolve over time. In particular, we discuss the role of phone numbers as important identifiers to group messages together and depict the way scammers operate their campaigns. In fact, since the victim has to be able to contact the criminal, both email addresses and phone numbers need to be authentic and they are often unchanged and re-used for a long period of time. We also present in details several examples of Nigerian scam campaigns, some of which last for several years - representing them in a graphical way and discussing their characteristics.

[1]  Michalis Vazirgiannis,et al.  c ○ 2001 Kluwer Academic Publishers. Manufactured in The Netherlands. On Clustering Validation Techniques , 2022 .

[2]  G. Choquet Theory of capacities , 1954 .

[3]  Frank Stajano,et al.  Understanding scam victims , 2011, Commun. ACM.

[4]  Marc Dacier,et al.  A strategic analysis of spam botnets operations , 2011, CEAS '11.

[5]  L. Shapley A Value for n-person Games , 1988 .

[6]  Jude Oboh,et al.  Nigerian Advance Fee Fraud in Transnational Perspective , 2010 .

[7]  Michel Grabisch,et al.  K-order Additive Discrete Fuzzy Measures and Their Representation , 1997, Fuzzy Sets Syst..

[8]  Vicenç Torra,et al.  Modeling decisions - information fusion and aggregation operators , 2007 .

[9]  Gang Zhao,et al.  Knowledge-Based Information Extraction: A Case Study of Recognizing Emails of Nigerian Frauds , 2005, NLDB.

[10]  Vicenç Torra,et al.  The weighted OWA operator , 1997, Int. J. Intell. Syst..

[11]  Olivier Thonnard A multicriteria clustering approach to support attack attribution in cyberspace , 2010 .

[12]  菅野 道夫,et al.  Theory of fuzzy integrals and its applications , 1975 .

[13]  Feng Qian,et al.  Botnet spam campaigns can be long lasting: evidence, implications, and analysis , 2009, SIGMETRICS '09.

[14]  Michel Grabisch,et al.  A decade of application of the Choquet and Sugeno integrals in multi-criteria decision aid , 2010, Ann. Oper. Res..

[15]  Aurélien Francillon,et al.  The role of phone numbers in understanding cyber-crime schemes , 2013, 2013 Eleventh Annual Conference on Privacy, Security and Trust.

[16]  Lotfi A. Zadeh,et al.  A COMPUTATIONAL APPROACH TO FUZZY QUANTIFIERS IN NATURAL LANGUAGES , 1983 .

[17]  Ronald R. Yager,et al.  Quantifier guided aggregation using OWA operators , 1996, Int. J. Intell. Syst..

[18]  Grzegorz Kondrak,et al.  N-Gram Similarity and Distance , 2005, SPIRE.

[19]  Mountaz Hascoët,et al.  Cluster validity indices for graph partitioning , 2004, Proceedings. Eighth International Conference on Information Visualisation, 2004. IV 2004..

[20]  Aurélien Francillon,et al.  Inside the scam jungle: a closer look at 419 scam email operations , 2013, 2013 IEEE Security and Privacy Workshops.

[21]  Cormac Herley,et al.  Why do Nigerian Scammers Say They are From Nigeria? , 2012, WEIS.

[22]  Stefan Savage,et al.  Spamscatter: Characterizing Internet Scam Hosting Infrastructure , 2007, USENIX Security Symposium.

[23]  Leyla Bilge,et al.  Industrial Espionage and Targeted Attacks: Understanding the Characteristics of an Escalating Threat , 2012, RAID.

[24]  Angelos D. Keromytis,et al.  An Analysis of Rogue AV Campaigns , 2010, RAID.