Nigerian Letters: Seduction of the Rich and Exporting Malicious Codes
DEVELOPMENTS
Pssst! Want to get rich quick and never worry about money again? No worries. Click reply on your email and send your personal information to the “good Samaritan” prince from West Africa, who would like to do business with you. If you are one of those credulous people among millions who receive exactly the same polite, formally written, and seductive letters, there is a new one for you. A fresh proposal — supposedly from Cote D’Ivoire President Laurent Gbagbo, who refused to leave power after he was defeated by rival Ouattara in a November 2010 election — has gone out. The staunch head of state wants the recipient to help him move his secret wealth out of the country for a lucrative cut. This one seems real, right? Wrong!
Such letters, composed and sent out by educated but unemployed youth, are known in the trade as “Nigerian Letters,” or 419s (named after the Nigerian Criminal Code for fraud). Sadly, some of these young college graduates are equipped with remarkable computer programming skills, enabling them to write codes that can manipulate personal and corporate data. A few, like the Nigerian Olaniyi Makinde, a fugitive wanted by the FBI for hacking into the payroll system of the American accounting software company Intuit, succeed in remotely amassing hundreds of thousands of dollars. Using their misdirected talents, they harvest email addresses, transfer money, or, sometimes, turn your computer into a Zombie (a virus-carrying computer that sends out spams to people on your contact list). Although their actions cannot compare to the more sophisticated hackers from Asia, Russia, and Europe, African cyber rebels pose serious cyber security threats.
The recent uprisings in Egypt have revealed in a rather dramatic manner how creative young people can bypass sophisticated Internet controls with VPN (Virtual Private Network) software, Internet Protocol shields, and other methods, by linking to services in other countries. Although not exclusively, continued widespread unemployment and lack of opportunities seem to primarily drive such adventures.
BACKGROUND
By now, you must have figured out your business partners are not princes. Also known as Advance-fee Frauds, the rosy letters or SMS’s you receive are the works of imposters not just from Nigeria, but also Ghana, Togo, Benin, Senegal, Burkina Faso, and Cote
D’Ivoire. The scams appeared as early as the 1980s, when the Nigerian economy started to slide downhill after an oil boom in the 1970s. In a country noted for its famous IT professionals, Nigerian hackers developed a conning scheme aimed at duping fortune-hunting foreigners; shortly thereafter, the technique spread out worldwide. The art started out with scam letters, fax and telex messages. The advent of the Internet and availability of email-harvesting software made it much easier for scammers to target unsuspecting victims across the globe, while skillfully hiding their identities. Before long, competitors from countries in Asia, the U.K., Australia, and even the United States, began to copycat their African ilk.
Such scams are not completely original. Similar frauds go back to an eighteenth century variety in the form of “the Letter from Jerusalem”. Another earlier fraud was the Spanish Prisoner scam, which requested the victim to bribe prison guards and share a hidden treasure that the prisoner possesses.
How does the scam work? Often, a living family member “urgently” appeals to you in his email to help him get millions of dollars, or diamonds a relative left in a certain bank, before the relative suddenly died without leaving a will. To make their stories plausible, Nigerian scammers use real addresses, phone and fax numbers; they can even go to the extent of using official government stationery for communication, if you have been lured enough and want to take the deal to the next level. They convince you to transfer part of the investment or loan (advance fees) using transaction methods that are difficult to track. The most common payment vehicles are wire transfers through Western Union and Moneygram. What make it easier for fraudsters to reap millions of unearned dollars are rampant corruption and systemic loopholes, such as failure to implement proper KYC (Know Your Customer) identification processes.
Technically, the scammers seldom use their own computers and IP addresses for communication and transaction. Plug-in memory devices such as discs, thumb or external drives make up the con artists’ tools; he then uses these devices at a cyber café, in order to send out and follow up on mass emails.
On a psychological level, there are many factors that make these claims somewhat credible. The fortunes of many African leaders, allegedly stashed away in foreign banks, provide fertile ground for greed and the remote chance of laying one’s hand on the unclaimed wealth of a dead or fugitive dictator. It is common knowledge that the likes of former Nigerian president Sani Abacha, Zaire’s Mobutu (now the Democratic Republic of Congo), Charles Taylor of Liberia, and many others had billions of dollars sitting in discrete accounts in Switzerland and elsewhere. The victims, already operating in the shadows, often do not report the crime, — either because of shame or fear — which allows scammers to continue searching for other gullible partners.
ANALYSIS
It is too early to say Africa’s cyber rebels will soon revert to sending out malicious computer codes compromising personal computers, government databases, or corporate data processing systems. The ingredients for highly sophisticated hacking that can challenge the tightest cyber security infrastructure are not completely absent, however.
Financial institutions are much more vulnerable than others, in this connection. As more and more transactions are performed electronically and money becomes increasingly another form of exchageable ‘data,’ the possibility of smart but malicious computer codes — a set of instructions that tell the computer what to do — penetrating weak systems can be alarming, especially in the continent of Africa, where many banks are just beginning to purchase core banking systems, install ATMs and issue debit cards.
Further, given the global concern that money could easy fall into the hands of organized renegades across the world, the need to find permanent solutions for root causes of scams cannot be ignored.
There are many reasons why young men and women spend long hours at Internet cafes in order to produce toxic content for the worldwide web. What make a special case for Africa, though, are grinding poverty and lack of gainful opportunities for college graduates. The problem can partially be tackled if local and international companies choose to re-channel the skills of young Africans by investing in software engineering, data processing and storage and hardware production – as they did, earlier, in Asian countries. If left to their means, one can imagine how much harm scammers can cause when Africa’s IT infrastructures improve in the immediate future.
Mohammed Hamid Mohammed is the Africa Regional Editor of Foreign Policy Digest.
