ABSTRACT
Most of cyberscam-related studies focus on threats perpetrated against the Western society, with a particular attention to the USA and Europe. Regrettably, no research has been done on scams targeting African countries, especially Nigeria, where the notorious and (in)famous 419 advanced-fee scam, targeted towards other countries, originated. How- ever, as we know, cybercrime is a global problem affecting all parties. In this study, we investigate a form of advance fee fraud scam unique to Nigeria and targeted at Nigerians, but unknown to the Western world. For the study, we rely substantially on almost two years worth of data harvested from an on-line discussion forum used by criminals. We complement this dataset with recent data from three other active forums to consolidate and generalize the research. We apply machine learning to the data to understand the criminals' modus operandi. We show that the criminals exploit the socio-political and economic problems prevalent in the country to craft various fraud schemes to defraud vulnerable groups such as secondary school students and unemployed graduates. The result of our research can help potential victims and policy makers to develop measures to counter the activities of these criminal groups.
- L. Ablon and A. A. Libicki, M. C.and Golay. Markets for Cybercrime Tools and Stolen Data: Hacker's Bazzar. http://www.rand.org/content/dam/rand/pubs/research_reports/RR600/RR610/RAND_RR610.pdf, 2014. Accessed: 2014-07-24. Google ScholarDigital Library
- A. Adeniran. The Internet and Emergence of Yahooboys sub-Culcture in Nigeria. International Journal of Cyber Criminology, 2(2):368--381, July-December 2008.Google Scholar
- C. C. Aggarwal and C. Zhai. A Survey of Text Clustering Algorithms. https://pdfs.semanticscholar.org/88c2/5e2481ba49cbac75575485cba1759fa4ebcc.pdf, 2012. Accessed: 2016-05-03.Google Scholar
- C. Akwaja. NCC Fines MTN Nigeria N1.04trn for SIM Deactivation Default. The Leadership, 26 October 2015. http://www.leadership.ng/news/469815/ncc-fines-mtn-nigeria-n1-04trn-for-sim-deactivation-default.Google Scholar
- R. Anderson, C. Barton, R. Bohme, R. Clayton, M. Eeten, M. Levi, R. Clayton, and S. Savage. Measuring the Cost of Cybercrime. http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf, 2012. Accessed: 2012--11-05.Google Scholar
- M. Bastian, S. Heymann, and M. Jacomy. Gephi: An open source software for exploring and manipulating networks, 2009.Google Scholar
- B. E. Boser, I. M. Guyon, and V. N. Vapnik. A Training Algorithm for Optimal Margin Classiers. In Proceedings of the Fifth Annual Workshop on Computational Learning Theory 5, 1992. Google ScholarDigital Library
- J. Buchanan and A. J. Grant. Investigating and Prosecuting Nigerian Fraud. United States Attorney's Bulletin, 49(6):39--47, 2001.Google Scholar
- N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer. Smote: Synthetic Minority Over-sampling Technique. Journal of Artificial Intelligence Research, 16:321--357, 2002. Google ScholarDigital Library
- N. Christin, S. S. Yanagihara, and K. Kamataki. Dissecting one click frauds. Carnegie Mellon University Technical Report Carnegie Mellon University-CyLab-10-011, 2010. https://www.andrew.cmu.edu/user/nicolasc/publications/TR-Carnegie Mellon University-CyLab-10-011.pdf.Google Scholar
- N. C. Commission. Sim Registration. http://www.ncc.gov.ng/index.php?option=com_content&view=article&id=122&Itemid=113, 2011. Accessed: 2013-07-24.Google Scholar
- N. C. Commission. 2013 Year End Subscriber/Network Data Report for Telecommunications Operating Companies in Nigeria. http://www.ncc.gov.ng/index.php?option=com_docman&task=doc_download&gid=563&Itemid=, 2013. Accessed: 2015-11-17.Google Scholar
- A. Costin, J. Isachenkova, M. Balduzzi, A. Francillon, and D. Balzarotti. The Role of Phone Numbers in Understanding Cyber-Crime Schemes. In Annual Conference on Privacy, Security, and Trust (PST), PST 13, July 2013. Google ScholarCross Ref
- Custominsight.com. Random Samples and Statistical Accuracy. http://www.custominsight.com/articles/random-sampling.asp, 2014. Accessed: 2014-03-03.Google Scholar
- Detica. The Cost of Cybercrime. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60942/THE-COST-OF-CYBER-CRIME-SUMMARY-FINAL.pdf, 2011. Accessed: 2013-03-03.Google Scholar
- M. A. Dyrud. I brought you a good news: An analysis of Nigerian 419 letters. In Proceedings of the 2005 Association for Business Communication Annual Convention, 2005.Google Scholar
- M. Ester, H.-P. Kriegel, J. Sander, and X. Xu. A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise. In Proceedings of the Second International Conference on Knowledge Discovery and Data Mining, KDD-96, 1996. Google ScholarDigital Library
- M. C. for Strategic and I. Studies. Net Losses: Estimating the Cost of Cybercrime - Economic Impact of Cybercrime ii. http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf, 2014. Accessed: 2014-07--23.Google Scholar
- Forbes. Africa's 50 Richest. http://www.forbes.com/profile/aliko-dangote/, 2014. Accessed: 2013-07-24.Google Scholar
- Y. Gao and G. Zhao. Knowledge-based Information Extraction: a Case Study of Recognizing Emails of Nigerian Frauds. In Natural Language Processing and Information Systems, pages 161--172. Springer, 2005. Google ScholarDigital Library
- P. Grabosky. The evolution of cybercrime, 2004-2014. RegNet Working Paper, No. 58, Regulatory Institutions Network, 2014.Google Scholar
- L. Gu. The mobile cybercriminal underground market in china. Trend Micro Research Paper - Cybercriminal Underground Economy Series, 2014. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-mobile-cybercriminal-underground-market-in-china.pdf.Google Scholar
- J. Herhalt. Cyber crime - a growing challenge for governments. KPMG INTERNATIONAL: Issues Monitor - Government on Cyber Crime, 8, 2011.Google Scholar
- C. Herley. Why do Nigerian Scammers Say They are from Nigeria? http://research.microsoft.com/pubs/167719/whyfromnigeria.pdf, 2012. Accessed: 2014-07-24.Google Scholar
- T. Holz, M. Engelberth, and F. Freiling. Learning more about the underground economy: A case-study of keyloggers and dropzones. In 14th European Symposium on Research in Computer Security, ESORICS 2009, September 2009. Google ScholarDigital Library
- A. Huang. Similarity Measures for Text Document Clustering. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.332.4480&rep=rep1&type=pdf, 2008. Accessed: 2016-05-03.Google Scholar
- J. Huang, G. Stringhini, and P. Yong. Quit playing games with my heart; understanding online dating scams. In To be Presented In DIMVA 2015, July 2015. Google ScholarDigital Library
- J. Isacenkova, O. Thonnard, A. Costin, D. Balzarotti, and A. Francillon. Inside the Scam Jungle: A Closer Look at 419 Scam Email Operations. In Proceedings of the International Workshop on Cyber Crime (co-located with S&P), IWCC 13. IEEE, May 2013. Google ScholarDigital Library
- J. Isacenkova, O. Thonnard, A. Costin, A. Francillon, and D. Balzarotti. Inside the Scam Jungle: a Closer Look at 419 Scam Email Operations. http://jis.eurasipjournals.com/content/pdf/1687-417X-2014-4.pdf, 2014. Accessed: 2014-07-24.Google Scholar
- Z. Jianwei, T. Holz, C. Song, J. Guo, X. Han, and W. Zou. Studying malicious websites and the underground economy on the chinese web. In In Proceedings of the 7th Workshop on the Economics of Information Security (WEIS'08), WEIS'08, June 2008.Google Scholar
- Z. Jianwei, G. Liang, and D. Haixin. Investigating China's Online Underground Economy. In Conference on the Political Economy of Information Security in China, April 2012.Google Scholar
- T. Joachims. Text categorization with support vector machines: Learning with many relevant features. http://www.cs.cornell.edu/people/tj/publications/joachims_98a.pdf, 1998. Accessed: 2013-01-24.Google Scholar
- KDD. 2014 SIGKDD Test of Time Award. http://www.kdd.org/News/view/2014-sigkdd-test-of-time-award, 2014. Accessed: 2016-05-03.Google Scholar
- R. V. Krejcie and D. W. Morgan. Determining Sample Size for Research Activities. Educational and Psychological Measurement, 30:607--610, 1970. Google ScholarCross Ref
- A. A. Kumar and S. Chandrasekhar. Text Data Pre-processing and Dimensionality Reduction Techniques for Document Clustering. International Journal of Engineering Research and Technology (IJERT), 1, 2012.Google Scholar
- F. Mercês. The brazilian underground market: The market for cybercriminal wannabes' Trend Micro Research Paper - Cybercriminal Underground Economy Series, 2014. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-brazilian-underground-market.pdf.Google Scholar
- N. B. of Statistics. 2011 Annual Socio-Economic Report. http://nigerianstat.gov.ng/pages/download/38, 2011. Accessed: 2013-07-24.Google Scholar
- F. Pan, W. Wang, A. K. H. Tung, and J. Yang. Finding Representative Set from Massive Data. In Fifth IEEE International Conference on Data Mining, ICDM'05. IEEE, November 2005. Google ScholarDigital Library
- F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay. Scikit-learn: Machine learning in Python. Journal of Machine Learning Research, 12:2825--2830, 2011. Google ScholarDigital Library
- N. Shah and S. Mahajan. Document Clustering: A Detailed Review. International Journal of Applied Information Systems (IJAIS), 4, 2012.Google Scholar
- A. Smith. Nigerian scam e-mails and the charms of capital. Cultural Studies, 3(2):27--47, 2009. Google ScholarCross Ref
- B. Stone-Gross, M. Cova, L. Cavallaro, B. Gilbert, M. Szydlowski, R. Kemmerer, C. Kruegel, and G. Vigna. Your botnet is my botnet: Analysis of a botnet takeover. In 16th ACM Conference on Computer and Communications Security, CCS 2009, November 2009. Google ScholarDigital Library
- O. Tade and I. Aliyu. Social Organization of Internet Fraud among University Undergraduates in Nigeria. International Journal of Cyber Criminology, 5(2):860--875, July-December 2011.Google Scholar
- C. Tive. 419 Scam: Exploits of the Nigerian Con Man. iUniverse, 2002.Google Scholar
- Y. Yang and X. Liu. A re-examination of text categorization methods. http://www2.hawaii.edu/ chin/702/sigir99.pdf, 1999. Accessed: 2013-01--24.Google Scholar
- M. Yip. An investigation into chinese cybercrime and the applicability of social network analysis. In In ACM WebSci '11, June 2011.Google Scholar
Index Terms
- Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable
Recommendations
Why cybercrime?
How do cybercrime markets emerge, evolve, and persist? How can cybercrime be prevented, decreased and mitigated? Extant anti-cybercrime efforts have concentrated on deterrence through criminal prosecution and technical mitigation. Deterrence-only ...
Interface Illusions: Uncovering the Rise of Visual Scams in Cryptocurrency Wallets
WWW '24: Proceedings of the ACM on Web Conference 2024Cryptocurrencies, while revolutionary, have become a magnet for malicious actors. With numerous reports underscoring cyberattacks and scams in this domain, our paper takes the lead in characterizing visual scams associated with cryptocurrency wallets---a ...
U.S. and EU Legislation on Cybercrime
EISIC '11: Proceedings of the 2011 European Intelligence and Security Informatics ConferenceThe advent of Internet technologies has created global cyber crime problems. Cyber crimes affect all of us at the time when online transactions are in billions of dollars per year and cyber criminals are costing e-commerce billions of dollars in damages ...
Comments