Brad Plumer in Wonkblog:
So why don’t Internet scammers try to change up their tactics? Everyone knows about the Nigerian prince. It’s tired and cliched. Why don’t more scammers try to dupe us with the fake inheritances of a Kazakh prince instead, or with Greek bonds or fancy credit default swaps or something clever like that? Something we haven’t seen before?
A fascinating new paper (pdf) from Microsoft researcher Cormac Herley actually tries to answer this question. He notes that 51 percent of all e-mail scams still originate from Nigeria, even though this is the most obvious scam known to mankind. And Corley argues (with math and graphs) that it’s not because scammers are stupid. Most of them are actually quite clever. Rather, they’re explicitly trying to weed out everyone but the most gullible respondents:
Our analysis suggests that is an advantage to the attacker, not a disadvantage. Since his attack has a low density of victims the Nigerian scammer has an over-riding need to reduce false positives. By sending an email that repels all but the most gullible the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favor.
Scamming people, after all, costs time and money. Herley notes that everyone who responds to a scamming ploy “requires a large amount of interaction.” The worst thing that can happen, from the scammer’s point of view, is that a savvy person starts responding and toying with the scammer.
More here.