Advance free frauds (from now on AFF) are best enraptured in UK National Fraud Reporting Centre's definition, where they define them as a type of frauds, where the aim of the fraudsters is to collect the money, that victim gives voluntary, believing it is “an upfront payments for goods, services and/or financial gains that do not materialize” ( 419 – Nigerian Advanced Fee Fraud, 2012 ). Though these types of frauds have old historical roots (going back to sixteenth century) they become more widespread in 1970, when they were known as Nigerian letter frauds or 419 (as the majority of letters came from Nigeria, and the damage was so great that a number of countries press the Nigerian government to criminalizes such acts. They were criminalized under 419 Section of their criminal code – hence the name 419).
The core principle of these frauds is to persuade the victims that they will be richly awarded if they are willing to participate in the business deal/offer, which can also be a form of money laundering ( Lamberger, 2005 ) or even some other crimes. The great number of AFF forms starts out with a simple e-mail message that is massively sent. Those e-mails include numerous of proposal or deals (
Damages that are caused by these frauds are hard to assess due to the fact that no country, except Nigeria has specifically criminalized such type of frauds. In most of the cases, these acts are prosecuted under the rubric of other fraudulent acts (
We were interested to find out who is targeted, how AFF messages work and why do they work.
The databases that were used for analyses are composed from two different research pools from two different periods. One is product of Slovenian police, it was produced with intention for analyzing some trades of Nigerian letters frauds. It must be warned that this is “not” an official database but a form of additional base, which included extracts from the letters (such as name of the sender, telephone number, amounts of funds, etc.) We added to these base 11 new cases that were found and originate from that period. Second database is our database of messages that we accumulated between January 2012 and September 2012. Message content was copied to a Word file, where we strived to maintain them as formatted and designed as originally intended by senders. Sample identification reference number was added, and we marked who received it and when. If it was possible, we copied contend of the e-mail header as well. 59 new AFF e-mails were received, by either one of the authors, or our colleges. In addition, one private business entity was providing us with such e-mails (
We used SPSS for quantitative analyses and MAXQDA for qualitative analyses.
First off, we wanted to find out if time of receiving a message has any importance. We have analyzed the frequencies regarding day of the month (to see if fraudster send messages for times when pay checks' are received) and month of the year (if special periods, like winter when more people are at homes or holidays where also more people are at home and more mail is send). Regardless of period there was no specialty. In our first analysis described in our first paper, we notice that there were slightly more messages received in February and November, but we concluded that those more frequent occurrences in mentioned months have no practical significance. With some new messages composing our database similar result were found (
Despite the fact that new samples in the database were not gathered trough the whole year, we still believe that because messages are sent from list of countries and because there is only small oscillation regarding months of recipient, that time of recipient does not play an important part. Messages are being sent constantly no matter the time of the year.
We first compared newly acquired e-mails with some examples of messages, that were received by various people in 1997-2005 period. Total of 11 messages were compared. We discover that basic narratives of sampled messages did not change trough time. They still include:
We have notice that stories do reappear and so do the names, yet not often in the same combination.
There are some new narratives that are adjusted to the current world situations1. But in majority of cases we note similar finding that were also find by Schaffer (2012, p. 166) :
[…] individuals of different backgrounds claimed to have access to millions of dollars and offered to give the recipient of the letter some percentage of the wealth for helping dispose of the money in some advantageous way.
Thou we previously stated that AFF frauds are mechanized in such manner that victims give money voluntary and that is why no actual personal information is needed, we when analyzing what information is requested in messages, noticed that in messages of newer periods greater number of personal information is demanded.
As seen from
In most of the cases the messages are sent to undisclosed recipients. From 70 messages, only one in the old database was personalized (incorporated receivers first name) and only four in the new database (
In one occasion there was also included the newly acquired; “Dr” title. This indicates that e-mail addresses are striped from the most up-dated databases. We assess the messages with the combination of included name and customized content as the most dangerous and persuasive. There can be seen some instances, where the receiver of messages beside sometimes receiving typical messages occasionally receive some a little more fine-tuned messages that make an appeal to its professional occupation. In our case, there were three messages that go in line with our occupation (academic sphere). Thou there were included in the analysis only once, we have in fact received them multiple times, with only minor changes (different paper or conference). This indicates that senders had or still have access to certain database, where e-mails of researchers and academic are stored. Because one of the authors uses a Gmail account for academic purposes and does not use faculties domain (@fvv.uni-mb.si) and he have received such messages, we can exclude the idea, that customized messages are send only by suffix (.org,.edu. uni, etc.) determinant. Conference proposals are also well designed, incorporating number of details (conference programs, chairs of panes, participants CVs, etc.) and are therefore extremely hard to recognize as fake. We could say that this is a form of spoofing.
Those employed in business entity received a number of job proposal. Otherwise classic messages (lottery, un-claimed funds, etc.) are sent randomly to all possible e-mail addresses.
From the era when messages were send in a form of classical mail, address of receivers were acquired from business entities databases, that is legal...