West African criminals are moving on from Nigerian Prince scams to duping your business

Emails about princes to personal emails have made way for fake supply chain invoices to your CFO

Variants of the Nigerian Prince/419 scam have existed for over 100 years. During the 18th Century there was the “Spanish Prisoner”, where a previously unknown relative was trapped in Spain, but promised a “sizable reward” to anyone who paid for their release. Obviously, no such relative existed and no reward ever came.

Fast forward to the 1990s and the advent of the internet age, and we see this morph into a common scam perpetuated by cybercriminals based in Western Africa. Promises of Nigerian Princes or long-lost family with millions of dollars trapped in accounts have been filling our inboxes for nearly three decades now. But they work: the 419 scam—named after the fraud designation in the Nigerian criminal code—and similar such scams are estimated to have cost people billions of dollars over the years.

419 in 2017: the same but different

While many of us have moved on from those days—it’s rare that anyone who saw the rise of the web or any of today’s ‘digital natives’ would fall for such a trick—there’s still no shortage of attempts. Why are they still trying?

“There are new people coming online on a daily basis,” says David Sancho, senior threat researcher at Trend Micro. “Those guys are having the same shock that we did when we first saw these kinds of scams, and some of them might be susceptible.”

Sancho, along with Interpol, published a paper researching the habits of West African cybercriminals. The report, “Cybercrime in West Africa”, points to a new guard of upstarts moving away from simple emails to more personal platforms, while the experienced veterans from the scam’s early online days are moving on to better and more lucrative targets.

To continue reading this article register now

The 7 best password managers for business