You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by John Hardin <jh...@impsec.org> on 2012/06/22 21:13:51 UTC

419 spammers aren't morons after all

Not sure if everybody's seen this yet:

http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf

Some discussion here:

http://www.schneier.com/blog/archives/2012/06/far-fetched_sca.html


-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   Ignorance doesn't make stuff not exist.               -- Bucky Katt
-----------------------------------------------------------------------
  12 days until the 236th anniversary of the Declaration of Independence

R: 419 spammers aren't morons after all

Posted by Giampaolo Tomassoni <gi...@tomassoni.biz>.

> -----Messaggio originale-----
> Da: jdow [mailto:jdow@earthlink.net]
> Inviato: sabato 23 giugno 2012 0.15
> A: users@spamassassin.apache.org
> Cc: Kevin A. McGrail; John Hardin
> Oggetto: Re: 419 spammers aren't morons after all
> 
> They never performed the analysis we see in the Microsoft paper. They
> simply evolved into a strategy that works. They are also continually
> refining it through this evolution process.
> 
> {^_^}

I agree with you. The MS paper says how it works. It is not meant to say why
scammers got to work that way.

Giampaolo

Re: 419 spammers aren't morons after all

Posted by jdow <jd...@earthlink.net>.

On 2012/06/22 14:23, Kevin A. McGrail wrote:
> On 6/22/2012 3:13 PM, John Hardin wrote:
>>
>> Not sure if everybody's seen this yet:
>>
>> http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf
>>
>> Some discussion here:
>>
>> http://www.schneier.com/blog/archives/2012/06/far-fetched_sca.html
>>
>>
> It's certainly interesting but it's a hard document to swallow. They
> purposefully try and make their pool lower by making the scam so stupid that
> anyone who falls for it is clearly a good mark?
>
> My anecdotal research combines more with low-paid labor who simply follow what
> has worked combined with massive inequities in scales of economy that I don't
> see well reflected in this research.
>
> Regards,
> KAM

Nigerian spam is an industry in Nigeria (and other places, I presume.)
It is all little operators. These operators spit out their spams. The
ones who hit the right formula survive and teach the next generation.
The others fail. We have a genetic algorithm in action.

They never performed the analysis we see in the Microsoft paper. They
simply evolved into a strategy that works. They are also continually
refining it through this evolution process.

{^_^}

Re: 419 spammers aren't morons after all

Posted by Dave Warren <li...@hireahit.com>.

On 6/22/2012 2:23 PM, Kevin A. McGrail wrote:
> It's certainly interesting but it's a hard document to swallow. They 
> purposefully try and make their pool lower by making the scam so 
> stupid that anyone who falls for it is clearly a good mark?
>
> My anecdotal research combines more with low-paid labor who simply 
> follow what has worked combined with massive inequities in scales of 
> economy that I don't see well reflected in this research. 

There is at least some logic to the underlying concept, although I doubt 
they sat down and thought about it, I suspect that they threw 100 types 
of poop at the wall, picked the 3 that stuck best and kept flinging them.

Put another way, the ones that figure it out half way through probably 
cost the actual scammer far more than throwing out 10x-100x attempts 
targetting only the dumbest of the dumb.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren

Re: 419 spammers aren't morons after all

Posted by "Kevin A. McGrail" <KM...@PCCC.com>.

On 6/22/2012 3:13 PM, John Hardin wrote:
>
> Not sure if everybody's seen this yet:
>
> http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf
>
> Some discussion here:
>
> http://www.schneier.com/blog/archives/2012/06/far-fetched_sca.html
>
>
It's certainly interesting but it's a hard document to swallow. They 
purposefully try and make their pool lower by making the scam so stupid 
that anyone who falls for it is clearly a good mark?

My anecdotal research combines more with low-paid labor who simply 
follow what has worked combined with massive inequities in scales of 
economy that I don't see well reflected in this research.

Regards,
KAM