Ever received an email supposedly from a Nigerian prince informing you that you’re an heir to his family’s fortune? Chances are you’ve encountered an advance-fee scam. It is one of the oldest, most common tricks used by West African cybercriminals.
While West Africa has no underground market yet to speak of, a surge in cybercriminal activity reports in the region suggest that it is going toward that direction. The most probable reasons? Poverty and unemployment.
An Interpol survey for the joint research with Trend Micro revealed that cybercriminals steal an average US$2.7 million from businesses and an average of US$422,000 from individuals each year.
Profiling
Unlike their French counterparts who are cautious and wary of even their peers, West African cybercriminals willingly share their technical know-how and best practices. They constantly communicate with one another and even work in tight-knit groups via email and social media. There are two major types of West African cybercriminals — Yahoo boys and next-level cybercriminals.
Yahoo boys, typically 20−29 years, like to brag about their ill-gotten gains on social media, particularly on Facebook. They have been dubbed such due to their use of Yahoo! Apps in the not-so-recent past. These days, they more heavily rely on social media for both communication and their criminal operations. They have basic technical know-how and typically work as part of a group supervised by a ringleader and mastermind. Yahoo boys are likely to pull off the following scams:
Advance-fee scam: Scammer pretends to be a member of a royal family seeking help with regard to the transfer of wealth. Other variations include the scammer informing the victim that he/she has won the lottery.
Stranded-traveler scam: Scammer masquerades as a victim of a very unfortunate circumstance (an “emergency”) while traveling abroad and seeks the victim’s immediate financial assistance.
Romance scam: Scammer leverages the trust and romantic relationship he/she has built with the target users to ask for financial support.
Next-level cybercriminals, meanwhile, are the opposite. They are relatively older (30 or older) and more technically adept. They frequent and purchase their tools (keyloggers and remote access tools/Trojans [RATs]) from underground forums. They also have ties, financial accounts, and networks in the countries their targets reside in. This helps them more smoothly carry out operations.
For the full study visit https://documents.trendmicro.com/assets/wp/wp-cybercrime-in-west-africa.pdf.
