See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/314134114

You can trust me: a multimethod analysis of the Nigerian email scam

Article  in  Security Journal · February 2018

DOI: 10.1057/s41284-017-0095-0

CITATIONS READS

10 7,016

1 author:

Timothy Rich
Western Kentucky University
55 PUBLICATIONS   186 CITATIONS   

SEE PROFILE

All content following this page was uploaded by Timothy Rich on 08 June 2019.

The user has requested enhancement of the downloaded file.

Secur J
DOI 10.1057/s41284-017-0095-0

ORIGINAL ARTICLE

You can trust me: a multimethod analysis

of the Nigerian email scam

Timothy Rich1

 Macmillan Publishers Ltd 2017

Abstract How do scammers invoke trust within the Nigerian email scam and how
do recipients interpret such trust-laden offers? Rather than view the email content
as static, this article suggests that the emails strategically appeal to trust as a
means to enhance susceptibility. Content analysis of over a half-million scam
emails reveals that references to trust language are most common in larger award
claims and those claiming to be from Africa. However, experimental evidence
suggests that trust language within scam letters has minimal influence on
respondents’ perceptions of the letter. This analysis expands our understanding of
the psychology behind the scam letter format and suggests means to further
combat email fraud.

Keywords Nigerian email scam
Trust
Content analysis
Experimental design

Perceptions

Introduction

The advance fee fraud (AFF) is known by many names, including the Nigerian or
419 email scam (in reference to Nigeria’s penal code). The commonality among
narratives of shared inheritances or dormant accounts in foreign banks is the
scammer’s claim that various fees—described as taxes, bribes or other variations—
are necessary before a larger sum can be released to the victim. The scam ends when
the target fails to pay such fees. Most estimates suggest at best a one percent
response rate to these scam emails (e.g., Levy 2003; Longe and Osofisan 2011), yet

& Timothy Rich

timothy.rich@wku.edu
1
Political Science Department, Western Kentucky University, 1906 College Heights Blvd.,
Bowling Green, KY 42101, USA
 T. Rich

by mass mailing1 and the ‘‘inevitability of the click,’’ large numbers of recipients
respond and are later victimized (e.g., Grinker et al. 2010). Furthermore, unlike
other spam emails, the AFF scam relies less on programming skills and more on the
manual labor of a network of actors (e.g., Isacenkova et al. 2014), an aspect that
frustrates anti-spam software.
An analysis of the scam provides insight into means of improving anti-fraud
efforts. Existing research attempts to categorize types of fraud letters (e.g., Ross
2009) and identifies common themes within the texts, namely the commonality of
introductory apologies and pleas to confidentiality (e.g., Blommaert and Omoniyi
2006) and the use of authoritative language and a sense of urgency (e.g., Atkins and
Huang 2013). Yet considering that the scam requires trust-building (e.g., Mitnick
and Simon 2002; Thompson 2006), little attention has been placed on how trust
language—words chosen to convey mutual reliance—is used within the letters nor
how variations in letters are perceived by recipients. The following is an example of
trust language in a scam letter (italics added for emphasis):
Although the world is very small place and hard place to meet people because
you don’t know who to trust or believe, but as I have developed the trust in
you after my fasting and praying, i made up my mind to confide this
confidential business suggestion to you. (December 12, 2012).
Identifying how scammers employ trust language aids security efforts in several
ways. First, it allows us to identify whether trust language is used strategically as a
means to attenuate skepticism either of the supposed origin of the letter or the
amount offered. Secondly, an analysis of trust language provides insight as to
whether such efforts influence recipients’ perceptions of the letters. For example,
experts such as Terrill Caplan, chief security officer for Fraud Aid, suggest an exotic
narrative is more important than other aspects within the letters (Caplan 2013).
More broadly, an analysis of the rhetoric employed in the letters allows for
improving means to combat this fraud; whether through updated spam filters, so
letters never reach potential victims; public education efforts; or identifying clusters
of similar letters to identify and disrupt fraud networks.
Few are immune to exposure to the AFF scam2 and existing research addresses
susceptibility to internet scams more broadly (e.g., Hamburger and Ben-Artzi
2000, 2003; Milne et al. 2009), although the literature on victim characteristics
remains inconsistent. For example, the literature provides conflicting evidence on
whether younger or older people are more susceptible to scams (e.g., Titus et al.
1995; Muscat 2002), while Button et al. (2014) find in a telephone sample of
English and Welsh that fraud victims were more likely to be female and over 40, but
only 6 respondents out of 745 (0.8%) were victims of the AFF fraud. In addition,
while experience online and email usage would be expected to negatively
correspond with susceptibility (e.g., Datar et al. 2014), Downs et al. (2006) find

1
Several million email addresses can be purchased for under $500 (see Krebs 2011).
2
One of the largest Nigerian scam payouts totaled $242 million, paid out by Nelson Sakaguchi, a
director of Banco Noroeste Brazil (Haines 2004). The bank later filed for bankruptcy.
You can trust me: a multimethod analysis of the Nigerian…

that those with less experience online were more suspicious of emails that were not
personalized.
This article builds upon work on avoiding email scams through the analysis of
the text of scam letters (e.g., Gao and Zhao 2005; Barron 2006; Costin et al. 2013;
Isacenkova et al. 2014), presuming that psychological appeals play a crucial role
(e.g., Atkins and Huang 2013). First the history and basic motivations within the
Nigerian scam are presented, followed by a discussion on how to systematically
analyze these scams. Next, content analysis of computer-extracted term frequencies
from over a half-million emails uncovers trust language to be more frequently
employed in letters with larger claimed monetary offers and references to African
countries. This is followed by an experimental design embedded within a web
survey to assess how word choices influence perceptions of the letters. Regression
analysis finds that trust language had limited effect on perceptions of the letters.
Last, I suggest the implications of this analysis for understanding both the scammer
and scammed.

History and evolution of the scam

The modern AFF scam originated as a postal scam, relying heavily on stolen or
counterfeit letterhead sent to American and British businesses, with expanded
efforts during the Nigeria’s economic woes in the 1980s (see Wizard 2000). By
1997, scammers mailed over three thousand offers a week (US Department of State
1997, p. 5). While initial letters were predominantly in English, increasingly
scammers have translated letters into Spanish, Portuguese, and French among other
languages. The shift to email simply allowed for the proliferation of both scam
letters and potential targets while reducing costs.
The often poor Victorian-era English employed may evoke images of small-time
scammers at work. However, Nigeria’s Interpol suggests that scammers are more
likely to be professionals working within an organized hierarchy not unlike other
forms of organized crime, with ethnic or linguistic networks facilitating coordina-
tion. For example, ‘‘Yahoo boys,’’ usually 12–16 years old and using free email
services, comprise the bottom rung and collect email addresses and send the letters
(see Tade and Aliyu 2011). The next rung processes the replies. As one moves up
the hierarchy, the average scammer is more educated.
Estimates of the global losses since the 1990s range from $2 billion to over $12
billion a year (Legard 2003; Cheng 2010; Gregory and Nikiforova 2012), with 2013
estimates of $12.7 billion despite increasingly sophisticated anti-spam software (see
Mbaziira et al. 2015). The estimated average amount fleeced from victims ranges
widely from a few thousand to hundreds of thousands of dollars (e.g., Lazarus 2003;
Schiesel 2004; Viosca et al. 2004; Longe et al. 2009). Prosecuting also remains
difficult due to the lack of physical evidence, scammers frequently changing email
addresses, and that the fraud often requires the victim to assist in questionably legal
activities, decreasing one’s willingness to report later losses.
Although many identify the scam closely with Nigeria, just as former U.S.
Secretary of State Colin Powell referred to the country as a ‘‘a nation of scammers’’
 T. Rich

(Glickman 2005), myopically viewing the scam as Nigerian ignores the geograph-
ical variation claimed across scam letters and the dispersed scammer networks.
Such biases complicate efforts of spam filters and identifying scam networks and
risk inadvertently aiding scammers if email recipients are less critical of narratives
based elsewhere. Cukier et al. (2007) found only 36 of the 202 active scam rings
involved in advance fee frauds were based in Nigeria, with the United Kingdom
(20) and Spain (18) also having similar active networks (also see Gregory and
Nikiforova 2012). Longe and Osofisan (2011) tracked the IP addresses of 400
randomly selected spam mails collected over a two-year period, finding only 20.4%
originated in Africa, less than Europe (23.2%) and North America (28.5%), while
Park et al.’s (2014) IP tracking found only 50.3% of their sample originated from
Nigeria. Likewise, Costin et al. (2013) in their sample identified 63% of the phone
numbers associated with 419 scams to Africa, with 31% from the UK, with
Isacenkova et al. (2014) finding that 43% of phone numbers listed were UK
numbers. Admittedly IP masking and call forwarding services undermine identi-
fication, but existing evidence suggests at minimum a scam wider than Nigeria.
One broad goal unites these scammers: to convince another to part with their
money. Yet, scammers face the challenge of finding those most likely to relinquish
their money and separating them from those who will not fall prey and those who
wish to waste the scammers’ time without a payoff. With limited information about
their targets, scammers have no means to identify the distribution of susceptible
targets in any population.
Herley (2012, p. 11) contends that ‘‘since gullibility is unobservable, the best
strategy is to get those who possess this quality to self-identify’’ and thus
implausible offers, often filled with grammatical errors, provide an efficient means
to separate those potentially willing to hand over their money versus those that
never will. Implausible offers also appeal to greed, with the initial collaboration
costs minor in comparisons on the promised windfall. For example, Nhan et al.
(2009) tracked the amount offered, finding only 10.9% of their sample offering
$100,000 or less and 69.7% over $1,000,000. Choosing Nigeria or a similar locale
attempts to appeal to a sense of adventure, with narratives intended to induce
emotional rather than rational responses. However, explanations focusing on
gullibility, greed, or psychological appeals more broadly (e.g., Zuckoff 2005; King
and Thomas 2009; Atkins and Huang 2013) fail to explicitly address variation in
appeals, with a general assumption that such variation is of little importance. Nor do
such approaches explicitly analyze the use of trust language or identify how such
language is perceived by recipients.

Research design: how to analyze Nigerian scams

Analyzing Nigerian scams systematically remains a daunting task as few victims

readily admit to being scammed. In addition, the US Federal Trade Commission
collects scam emails, but does not make their collection available for research
purposes. Scholars often collect the scam letters received over in one’s university
email account (Cukier et al. 2007; Nhan et al. 2009; Onyebadi and Park 2012),
You can trust me: a multimethod analysis of the Nigerian…

although sophisticated spam filters prevent many attempts from reaching their
inbox. Others, such as Glickman (2005), document responses received from
scammers, an admittedly non-representative sample. Interviewing or surveying the
scammers also face hurdles, including researchers potentially being labeled
spammers themselves if they mass email the addresses associated with previous
scam attempts.
In contrast, I propose a mixed-method approach. First is a content analysis of
some existing scam emails. Content analysis to extract quantifiable data has a long
history (e.g., Berelson 1952), but scholars interested in identifying patterns from
large bodies of text face challenges regarding the time commitment of coding as
well as coder consistency over time and intercoder reliability (Neuendorf 2002;
Krippendorff 2004). The use of automated content analysis software overcomes
these concerns, and can systematically extract words or phrases from larges bodies
of text, uncovering patterns otherwise overlooked by the naked eye. As such, its use
has quickly expanded in the last decade across academic fields (e.g., Evans et al.
2007; Konig and Luig 2009; Rich 2014).
For automated content analysis, this paper used Wordstat software from Provalis.3
Scam emails were collected using a web crawler on the 419 scam email archives from
www.419scam.org, a site dedicated to online scam prevention which collects scam
emails and encourages recipients to submit emails received. Previous studies com-
monly rely on at best a few hundred self-collected emails. For example, Gao and Zhao
(2005) and Blommaert and Omoniyi (2006) sampled 50 and 56 emails, respectively;
Atkins and Huang (2013) collected 100 emails; and Ross (2009) collected 170
phishing emails, including AFF emails over a 12-month period (also see Longe and
Osofisan 2011). Only Isacenkova et al. (2014) used a considerable larger body of
emails (36,761), also from www.419scam.org, over a 4-year period. In contrast, my
analysis used 540,219 email letters from 2004 to 2012, saved as individual files to be
treated as the unit of analysis.4 WordStat extracted a count for each reference to the
country of origin based upon an author-created dictionary of countries, with an
additional dictionary generated for the monetary amounts. For trust language, a more
expansive dictionary for extraction was created, starting with explicit references to the
word trust and its variations (e.g., trustful, trustfully, trustiness, trusting, and trust-
worthiness) and supplemented with synonyms as suggested by the WordStat software
(e.g., confide, confidence, confiding, count upon, honest, promise, reassure, reliable,
and upright). This produced a dictionary of over a hundred trust language words (see
Appendix 1).5 The frequencies of references to the country or origin, monetary award,
and trust language provided the basis for descriptive analysis of the emails and to what
extent the use of trust language corresponded with the claimed country of origin or the
size of the monetary amount offered.
I supplemented this analysis with an experimental design embedded in a web
survey, recruiting 242 American participants from Amazon Mechanical Turk
(MTurk), a crowdsourcing website to hire people to perform tasks that computer
3
See http://provalisresearch.com/products/content-analysis-software/wordstat-features/.
4
An analysis of phrases within the body of emails was used to remove duplicate emails when identified.
5
Access to the WordStat dictionaries are available upon request.
 T. Rich

automation cannot (e.g., classifying photographs). Admittedly, an experimental

design of this sort creates an artificial environment compared to analyzing scam offers
received by email, but provides greater means to control for factors influencing
perceptions of offers. Social scientists frequently use MTurk to recruit respondents for
experimental web surveys (e.g., Huber et al. 2012; Kuziemko et al. 2015), and MTurk
samples have produced results replicating the findings of many social science lab
experiments (e.g., Berinsky et al. 2012), with similar results between online and
offline experiments (e.g., Horton et al. 2011). The sample recruited through MTurk
for this study admittedly was younger (mean age: 36), with more educated (66.13%
with an Associate’s Degree or higher), and disproportionately male (55.65%) than the
national population, yet the MTurk sample remains more diverse than most American
college samples—the norm for experimental work—or conventional internet samples
(see Buhrmester et al. 2011).6 Summary data is presented in Appendix 2.
An experimental design provides leverage in understanding how variations in
email content influences perceptions. Respondents were first asked a series of
demographic and attitudinal questions and then were randomly assigned to one of
four templates in the style of an actual Nigerian email scam letter, employing words
and phrases commonly seen in the half-million email body collected, as well as
including attempts to appear sophisticated while maintaining grammar errors (see
Blommaert and Omoniyi 2006). I manipulated two aspects of the letter: references
to trust and the amount of the offer. All four letters were 242 words long so that
perceptions are not affected by differences in text length. In terms of trust language,
the first version made no explicit references to trust, while the second made nine
explicit references (see Appendix 3). In terms of the monetary offer, the first version
offered thirty percent of a supposed ten million dollars. The second version offered
thirty percent of a hundred million dollars (thirty million dollars), offers both
consistent with AFF letters.7 For simplicity, the letters did not mention a place of
origin, while identifying the writer as female (‘‘Marie’’). After reading the template,
respondents were asked to rate various perceptions of the letter on a five-point
Likert scale, responses that were later used as dependent variables in a series of
ordinal and binary regression models. With the different letter templates as the main
independent variables, along with controls for demographic factors, regression
analysis provided a means to assess the strength of the differences in perceptions
based on what may initially appear as minor variations within the letter templates.

Empirical analysis

Table 1 displays descriptive data from the automated content analysis of the body of
emails. In terms of geographic region, 12.56% of the emails mentioned Nigeria,
contrasting with common perceptions of the scam, while other African countries are

6
For a summary of how MTurk samples compare to nationally representative surveys, see Huff and
Tingley (2015) and Shank (2016).
7
The two offers were chosen in that both were within the common range of offers within the half-million
emails collected, but large enough to potentially elicit perceptual differences.
You can trust me: a multimethod analysis of the Nigerian…

Table 1 Percentage of emails containing selected references

Regions Reward Trust

Nigeria 12.56 Thousand 29.94 Trust 60.91

Africa 43.60 Million 64.20
Europe 34.42 Billion 1.78
Asia 14.15
Americas 26.64

N = 540,219

referenced in 43.6% of emails, consistent with attempts to appeal to a sense of

adventure for a Western audience. Meanwhile, European countries are referenced in
34.4% of cases, Asian countries in 14.15% of cases, and countries in the Americas
referenced in 26.64% of cases. Next, the size of the money available as part of the
reward for cooperation is analyzed.8 Offers of millions of dollars are clearly the
norm: 64.2% of emails reference at least one million dollars (a total of 542,825
times). In contrast, rewards in the thousands appear in less than a third of cases
(29.94%), referenced 194,391 times, and offers of a billion dollars appear in on only
1.78% of emails (referenced a total of 10,843 times). In addition, a total of 825,500
references to trust were identified, with a majority of emails (60.91%) including at
least one reference, suggestive of the importance of trust within the scam narrative.
To identify further the correlates of trust within the scam emails, Table 2 presents
a cross tabulation of emails referencing trust and the amount of monetary offers in
the thousands ($1000–$9,999,999), millions ($1,000,000–$999,999,999), or billions
($1,000,000,000–$999,999,999,999). Because of the length of each email vary
widely, I employ binary measures (absence/presence) of each variable. Of particular
note, across all three monetary offers, clear majorities included trust references,
with higher offers more frequently including trust references. Since some emails
include multiple monetary references, Table 2 also includes whether any of the
three offers were mentioned. Again, the vast majority includes explicit trust
references; yet fewer than forty percent of emails with no explicit monetary
references include trust language. Table 2 also finds that clear majorities of emails
referencing Nigeria also included trust language, with a slightly higher rate among
other African countries. Meanwhile, a majority of emails that did not reference an
African country (including Nigeria) included no reference to trust. However,
additional analysis of countries mentioned suggests that the connection between
trust and African countries in the appeals is not unique. Table 2 includes rates of
trust references in letters also referencing countries in Europe, Asia, or the
Americas, with the latter two exhibiting similar patterns as those referencing
African countries.
While we see clear patterns in the scam emails, it remains unclear how such
variations are perceived by targets. Experimental analysis allows us to identify
whether different appeals generate divergent responses. In a web survey,
8
This measure admittedly does not distinguish between references to the amount the victim will
reportedly receive of the total amount of money claimed in the email.
 T. Rich

Table 2 Crosstabulations of trust references to monetary offers and locale

With trust (%) Without trust (%) N

Monetary offers
Thousand 68.14 31.86 161,723
Million 72.74 27.26 346,810
Billion 85.30 14.70 9600
Any of the three 70.53 29.47 373,375
None of the three 39.36 60.64 166,844
Locale
Nigeria 72.19 27.81 67,836
Africa 75.36 24.64 235,522
Either 74.59 25.41 283,609
Neither 45.78 54.22 256,610
Europe 67.00 33.00 185,937
Asia 76.84 23.16 76,453
Americas 74.43 25.57 143,895
Monetary and locale
References both Africa and money 77.67 22.33 226,333
References neither 27.31 72.69 109,568

Thousand: $1000–$999,999; million: $1,000,000–$999,999,999; billion: $1,000,000–$99,999,999

participants were randomly selected to one of four email prompts (see Appendix 3)
that can be summarized as follows:
Letter A: No appeals to trust/$3 million offer
Letter B: Appeals to trust/$3 million offer
Letter C: No appeals to trust/$30 million offer
Letter D: Appeals to trust/$30 million offer

After reading the email template, participants were asked the following statements
on a five-point Likert scale (strongly disagree to strongly agree):
1. The author can be trusted.
2. The author’s monetary offer is appealing.
3. I would likely respond to an email message like this one.
4. There is no harm in responding to messages like these.

Table 3 presents the breakdown by responses on each statement, broken down by

the version of the letter received. First, less than a fifth of respondents stated that the
author of the letter could be trusted, with no clear pattern based on trust language,
suggestive of the difficulties scammers face in finding victims. Secondly, a majority
of respondents across all four letters acknowledged that the offer was appealing, but
only a fraction of respondents claimed that they were likely to respond to letters like
these, with higher rates among those loaded with trust references. The divergence is
You can trust me: a multimethod analysis of the Nigerian…

Table 3 Summary statistics of evaluations based on letter template (%)

A (3 million) B (3 million/trust) C (30 million) D (30 million/trust)
N = 79 N = 63 N = 54 N = 46

Author can be trusted

1 64.56 50.79 50 60.87
2 18.99 25.4 22.22 21.74
3 6.33 6.35 9.26 8.7
4 7.59 15.87 18.52 6.52
5 2.53 1.59 0 2.17
Mean 1.65 1.92 1.96 1.67
SD 1.06 1.17 1.16 1.03
Offer is appealing
1 32.91 38.1 25.93 32.61
2 13.92 9.52 9.26 6.52
3 2.53 1.59 7.41 8.7
4 25.32 38.1 33.33 26.09
5 25.32 12.7 24.07 26.09
Mean 2.96 2.78 3.2 3.07
SD 1.66 1.58 1.57 1.65
Likely to respond
1 79.75 65.08 62.96 76.09
2 8.86 19.05 22.22 13.04
3 7.59 3.17 7.41 2.17
4 1.27 9.52 5.56 6.52
5 2.53 3.17 1.85 2.17
Mean 1.38 1.67 1.61 1.46
SD 0.88 1.12 0.98 0.98
No harm in responding
1 72.15 63.49 55.56 71.74
2 16.46 19.05 24.07 15.22
3 3.8 6.35 16.67 8.7
4 5.06 7.94 3.7 4.35
5 2.53 3.17 0 0
Mean 1.49 1.68 1.69 1.46
SD 0.97 1.1 0.89 0.84

1 = strongly disagree, 5 = strongly agree

clearest between Letters A and B, both, which offer a three million dollar award.
Furthermore, a Kruskal–Wallis rank test shows that finding the offer appealing
strongly corresponds with a likelihood to respond (v2 = 34.51, P \ 0.001). Finally,
a small minority of respondents saw no harm in responding to such offers. However,
if using Letter A as the baseline, Chi square tests find that few of the distributions
 T. Rich

reach statistical significance. In other words, trust language and monetary offers
appear to have limited influence on the appeal of the letters.
To further identify subtle differences in perceptions across letters, Tables 4 and 5
present a series of ordinal logit models on each of the four perceptions mentioned
previously on a five-point Likert Scale ranging from strongly disagree to strongly
agree. Two specifications are tested. The first just includes controls for Letters B–D
leaving Letter A as the base category. The second includes controls for gender
(female), age (continuous variable), and education (a seven-point scale from no high
school degree to professional degree or PhD), and a dummy variable for those
respondents who claimed to have never received an email similar to the one
presented.
Across the models, little variation is seen based on the type of letters. In terms of
trust, all three letters positively correspond with trust, but only Letter C, with the

Table 4 Ordinal logit models based on the perceptions of the model (can be trusted and offer appealing)
Can be trusted Can be trusted Offer appealing Offer appealing

Coef SE Coef SE Coef SE Coef SE

Letter B (3 million/trust) 0.55t 0.33 0.44 0.36 -0.28 0.31 -0.61t 0.32
t t
Letter C (30 million) 0.61 0.34 0.65 0.36 0.20 0.32 0.08 0.32
Letter D (30 million/trust) 0.12 0.37 0.29 0.39 0.07 0.34 -0.01 0.35
Female -0.17 0.27 -0.55* 0.25
Age -0.01 0.01 -0.04*** 0.01
Education -0.30** 0.10 -0.27** 0.09
Never received email 1.84*** 0.29 0.86*** 0.27
N 242 241 242 241
Pseudo R2 0.01 0.11 0.00 0.07
t
* P \ 0.05, ** P \ 0.01, *** P \ 0.001, P \ 0.10

Table 5 Ordinal logit models based on the perceptions of the model (likely to respond and no harm)
Likely to respond Likely to respond No harm No harm

Coef SE Coef SE Coef SE Coef SE

Letter B (3 million/trust) 0.73t 0.38 0.71t 0.42 0.42 0.36 0.26 0.38
Letter C (30 million) 0.76* 0.39 0.82t 0.44 0.65t 0.36 0.59 0.38
Letter D (30 million/trust) 0.21 0.44 0.43 0.49 0.01 0.41 0.09 0.43
Female 0.11 0.32 0.13 0.29
Age -0.02 0.02 -0.02 0.01
t
Education -0.26* 0.12 -0.18 0.11
Never similar email 2.38*** 0.33 1.67*** 0.30
N 242 241 242 241
Pseudo R2 0.01 0.17 0.01 0.10
t
* P \ 0.05, *** P \ 0.001, P \ 0.10
You can trust me: a multimethod analysis of the Nigerian…

Table 6 Extended ordinal logit models

Can be trusted Offer appealing Likely to respond No harm

Coef SE Coef SE Coef SE Coef SE

Letter B (3 million/trust) 0.45 0.35 -0.61t 0.32 0.73t 0.43 0.28 0.38
Letter C (30 million) 0.59 0.37 0.10 0.33 0.78t 0.44 0.52 0.39
Letter D (30 million/trust) 0.26 0.40 -0.01* 0.35 0.41 0.51 0.02 0.45
Female -0.20 0.27 -0.58** 0.25 0.11 0.33 0.09 0.30
Age -0.01 0.01 -0.04** 0.01 -0.03t 0.02 -0.03* 0.01
Education -0.34*** 0.11 -0.28** 0.10 -0.31* 0.13 -0.24* 0.11
Never similar email 1.83*** 0.30 0.87*** 0.27 2.41*** 0.35 1.65*** 0.31
People can be trusted 0.27t 0.15 -0.10 0.13 0.36t 0.19 0.37* 0.17
Seeking new experiences 0.08 0.16 0.04 0.14 -0.07 0.19 -0.01 0.17
Risk adverse -0.05 0.15 0.07 0.14 -0.25 0.19 -0.08 0.17
Lottery tickets 0.15 0.12 0.04 0.10 0.24t 0.13 0.23t 0.12
Constant
N 241 241 241 241
Pseudo R2 0.12 0.07 0.19 0.12
t
* P \ 0.05, ** P \ 0.01, *** P \ 0.001, P \ 0.10

offer of $30 million and no references of trust, reaches significance in both models
(b = 0.55 and 0.61, P = 0.075 in both models). In terms of finding the offer
appealing, Letter B negatively correlates with evaluations in the extended model
(b = -0.61, P = 0.058). In addition, Letters B–D all positively correspond with the
likelihood to respond, with Letter C again weakly significant in both the basic and
extended models (b = 0.76 and 0.82, respectively, P = 0.052 and 0.060, respec-
tively). Lastly, all three versions positively correlate with believing that responding
to such a letter as harmless, but none reach significance in the expanded model.
In terms of controls, education negatively correlates with perceptions in all four
models (b = -0.18 to 0.30, P B 0.10). Furthermore, those that stated they had
never received an email like the presented template positively associates with
perceptions (b = 0.86 to 2.38, P B 0.001), the largest coefficient of any variable in
the extended models. Overall, the results suggest that appeals to trust and the size of
the award have only minimal influence at best on public perceptions, while exposure
to such offers in the past greatly reduces one’s positive perceptions. The findings
suggest that trust-building efforts have marginal effects and while those who have
not received a similar email offer would be scammers’ ideal targets, they not only
have no means to identify this subpopulation but as internet experience increases,
this subpopulation potentially diminishes as well.
Additional models were tested for robustness (see Table 6). To assess attitudinal
positions that might influence susceptibility, Likert scale responses to the following
three questions were added to the earlier ordinal and binary logit models: ‘‘Most
people can be trusted,’’ ‘‘I seek new experiences,’’ and ‘‘I am risk averse.’’ In
addition, a measure of behavior—lottery ticket purchasing on a six-point scale
 T. Rich

(never to more than once a week)—was also tested.9 These four additions produce
results largely consistent with the original models, while the additional trust variable
positively corresponds with the dependent variable in three models: the letter can be
trusted (b = 0.27), likely to respond (b = 0.36), and no harm in responding
(b = 0.48). All three were significant at P B 0.10. Unfortunately, the survey did not
include additional means to assess susceptibility, for example measuring respondent
levels of debt or inclination to impulsivity. Nevertheless, the results suggest some
subtle differences between template versions which would not be expected based on
the conventional wisdom of the offers as boilerplate designs targeting only the most
naı̈ve.

Conclusion

This analysis identifies patterns in AFF email scam letters and the perceptions of
similar letters through an experimental web design. Admittedly, this research is
limited in that it measures only part of the variation in emails, only measures initial
contact, and relies on an artificial context. Similarly, further unpacking variations
within such email scams is still warranted. The experimental analysis did not
attempt to assess whether the supposed country of origin or gender of the author
influenced perceptions. Nor did this study directly assess references to religion in
the letters, as scammers frequently include claims of religious persecution or recent
conversion in appeals, presumably to convey sympathy and trustworthiness.
Experimental designs commonly accept lower external validity inherent in the
artificial nature of the experiment for greater control and internal validity. Although
respondent attention to the survey could be low, existing research comparing Mturk
samples to other samples suggest the former pay equal or closer attention to
counterparts (e.g., Paolacci et al. 2010). Furthermore, if respondent attention was in
fact low, there is no reason to expect this to vary across the letters, likely decreasing
the variation among the versions rather than inflating statistical and substantive
significance. Nevertheless, the analysis here remains one of the few to tie patterns
within a large dataset of AFF emails to experimental evaluations of the same basic
variations. The results also suggest that scam letters emphasizing trust do not benefit
the scammer. In other words, scammers may be more successful with generic
blanket appeals and targeting the most gullible.
A broader security question on how to undermine the effectiveness of the
Nigerian email scam remains. The findings here suggest that those who had not
previously received such email requests generally had more positive views of the
email, which suggests the continued need for public awareness campaigns.
However, a more fruitful approach may be to use computer-assisted content
analysis to identify patterns beyond the country of origin and the monetary awards
by focusing on their combination with trust rhetoric. For example, if particular
combinations of trust language and monetary offers are increasingly employed in
scam emails, this provides explicit suggestions for improving spam filters.

9
See Appendix 2 Table for summary statistics for the additional variables.
You can trust me: a multimethod analysis of the Nigerian…

Furthermore, just as research suggests that scammer networks can be identified

through the email addresses and phone numbers in offers (Costin et al. 2013;
Isacenkova et al. 2014), automated content analysis may provide similar insights.
Whereas scammers frequently change contact information, identifying similarities
in trust references, monetary offers, and other appeals within the text provides a
means to identify similarities otherwise missed through human coding, and may
help identify the geographical reach of scammer networks.

Appendix 1

See Table 7.10

Table 7 Trust words included in content analysis

Assurance Credence Hope Reassurance Trusted Trustingly
Assure Credibility Hopeful Reassure Trustee Trusts
Assured Credible Hopefully Reassuring Trusteed Trustworthily
Belief Credulous Hopefulness Reliable Trusteeing Trusthworthy
Believe Creed Hopes Reliance Trustees Trust
Believed Depend upon Hoping Rest assured Trusteeship Trustworthiness
Believing Faith Incorruptibility Right Trusteeships Truth
Bona fide Faithful Incorruptible Scrupulous Truster Truth-loving
Certain Fidelity Incorruption Secure Trusters Truthfulness
Certainty Good faith Innocent Self-Conviction Trustful Truthful
Confide Good omen Insure Sober belief Trustfully Uncorrupt
Confidence Good prospect Loyal Sober opinion Trustfulness Uncorrupted
Confident Grace Make safe Sure Trustier Unshaken belief
Confiding High-principled Make sure Take heart Trusties Unshaken opinion
Conviction Honest Principle TRUE Trustiest Unsuspicious
Convince Honesty Promise True-hearted Trustily Uprightness
Convinced Honest Truth Promise Truly Trustiness Upright
Correct Honor Purity Trust Trusting Veracity
Count upon Honorabl Raise hope Trustable Trusting Veracious

10
The included words also include alternate spellings and misspellings of the included words.
 T. Rich

Appendix 2

See Table 8.

Table 8 Summary statistics of independent variables

Variable Mean SD Min Max N

Female 0.44 0.49 0 1 248

Age 35.87 11.27 18 73 248
Education 4.29 1.29 1 7 248
Never received email 0.31 0.46 0 1 248
Most people can be trusted 3.23 0.97 1 5 248
I seek new experiences 3.65 0.93 1 5 248
I am risk averse 3.21 0.93 1 5 248
Lottery ticket purchasing 2.01 1.17 1 6 248

Appendix 3: Letter templates in the experimental design

Letter A (no appeals to trust/$3 million offer)11

Permit me to introduce myself and my situation. I think you are the type of person I
can do business. By matter of this expectation I must not hesitate to discuss with you
this proposal. Before the death of my father he left me a sum of over US$10,000,000
(ten million dollars) kept in a private bank. Presently, I am in hospital where I have
been undergoing treatment for cancer, where my doctor told me that I would not last
for the next 3 months. Because my relatives and friends plundered so much of my
father’s wealth since my illness, I cannot live with the agony of leaving this huge
responsibility to any of them. I am worried that those with dishonest intentions will
get access to this money when I die.
I humbly request that you follow my instructions closely. I also indulge you not
to make undo use of the information given to you. I request that you will not tell
others about this business for I fear their insincere purposes. I am seeking your
assistance to receive this money into a safe account in your country and to provide
good investment plans and distribute the money to charity organizations. For your
cooperation and assistance I am willing to offer you 30% of the total sum (three
million dollars) as compensation for your effort after the successful transfer of these
funds to the US.

Your assistance is very appreciated,

Marie

11
Trust references and the monetary offer are italicized for convenience but were not italicized
in the web survey.
You can trust me: a multimethod analysis of the Nigerian…

Letter B (appeals to trust/$3 million offer)

Permit me to introduce myself and my situation. I believe you are a honest and
trustworthy person I can do business. By matter of trust I must not hesitate to
confide in you this proposal. Before the death of my father he left me a sum of over
US$10,000,000 (ten million dollars) kept in a private bank. Presently, I am in
hospital where I have been undergoing treatment for cancer, where my doctor told
me that I would not last for the next 3 months. Because my relatives and friends
plundered so much of my father’s wealth since my illness, I cannot live with the
agony of entrusting this huge responsibility to any of them. I am worried that those
with dishonest intentions will get access to this money when I die.
I humbly request that you follow my instructions closely. I also indulge you not
to make undo use of the information given to you. I trust that you will not tell others
about this business for I fear their insincere purposes. I am relying your assistance to
receive this money into a safe account in your country and to provide good
investment plans and distribute the money to charity organizations. For your trust
and assistance I am willing to offer you 30% of the total sum (three million dollars)
as compensation for your effort after the successful transfer of these funds to the US.

Your trust is very appreciated,

Marie

Letter C (no appeals to trust/$30 million offer)

Permit me to introduce myself and my situation. I think you are the type of person I
can do business. By matter of this expectation I must not hesitate to discuss with you
this proposal. Before the death of my father he left me a sum of over
US$100,000,000 (hundred million dollars) kept in a private bank. Presently, I am
in hospital where I have been undergoing treatment for cancer, where my doctor
told me that I would not last for the next 3 months. Because my relatives and friends
plundered so much of my father’s wealth since my illness, I cannot live with the
agony of leaving this huge responsibility to any of them. I am worried that those
with dishonest intentions will get access to this money when I die.
I humbly request that you follow my instructions closely. I also indulge you not
to make undo use of the information given to you. I request that you will not tell
others about this business for I fear their insincere purposes. I am seeking your
assistance to receive this money into a safe account in your country and to provide
good investment plans and distribute the money to charity organizations. For your
cooperation and assistance I am willing to offer you 30% of the total sum (thirty
million dollars) as compensation for your effort after the successful transfer of these
funds to the US.

Your assistance is very appreciated,

Marie
 T. Rich

Letter D (appeals to trust/$30 million offer)

Permit me to introduce myself and my situation. I believe you are a honest and
trustworthy person I can do business. By matter of trust I must not hesitate to
confide in you this proposal. Before the death of my father he left me a sum of over
US$100,000,000 (hundred million dollars) kept in a private bank. Presently, I am in
hospital where I have been undergoing treatment for cancer, where my doctor told
me that I would not last for the next 3 months. Because my relatives and friends
plundered so much of my father’s wealth since my illness, I cannot live with the
agony of entrusting this huge responsibility to any of them. I am worried that those
with dishonest intentions will get access to this money when I die.
I humbly request that you follow my instructions closely. I also indulge you not
to make undo use of the information given to you. I trust that you will not tell others
about this business for I fear their insincere purposes. I am relying your assistance to
receive this money into a safe account in your country and to provide good
investment plans and distribute the money to charity organizations. For your trust
and assistance I am willing to offer you 30% of the total sum (thirty million dollars)
as compensation for your effort after the successful transfer of these funds to the US.

Your trust is very appreciated,

Marie

References

Atkins, B., and W. Huang. 2013. A study of social engineering in online frauds. Open Journal of Social
Sciences 1 (3): 23–32.
Barron, A. 2006. Understanding spam: A macro-textual analysis. Journal of Pragmatics 38 (6): 880–904.
Berelson, B. 1952. Content analysis in communication research. Glencoe, IL: Free Press.
Berinsky, A.J., G.A. Huber, and G.S. Lenz. 2012. Evaluating online labor markets for experimental
research: Amazon.com’s mechanical turk. Political Analysis 20: 351–368.
Blommaert, J., and T. Omoniyi. 2006. Email fraud: Language, technology, and the indexicals of
globalization. Social Semiotics 16 (4): 573–605.
Buhrmester, M., T. Kwang, and S.D. Gosling. 2011. Amazon’s mechanical turk: A new source of
inexpensive, yet high-quality, data? Perspectives on Psychological Science 6 (1): 3–5.
Button, M., C. Lewis, and J. Tapley. 2014. Not a victimless crime: The impact of fraud on individual
victims and their families. Security Journal 27: 36–54.
Caplan, T. 2013, February 13. Phone interview.
Cheng, J. 2010. Suckers victims lost $9.3 billion to 419 scammers in 2009. Arstechnica. http://
arstechnica.com/security/2010/01/victims-lost-93-billion-to-419-scammers-in-2009/. Accessed 29
Jan 2010.
Costin, A., J. Isacenkova, M. Balduzzi, A. Francillon, and D. Balzarotti. 2013. The role of phone numbers
in understanding cyber-crime schemes. Paper presented at the 2013 Eleventh Annual International
Conference on Privacy Security and Trust, pp. 213–220.
Cukier, W.L., E.J. Nesselroth, and S. Cody. 2007. Genre, narrative and the ‘Nigerian letter’ in electronic
mail. Proceedings of the 40th Hawaii International Conference on System Sciences. http://csdl2.
computer.org/comp/proceedings/hicss/2007/2755/00/27550070a.pdf.
Datar, T.D., K.A. Cole, and M.K. Rogers. 2014. Awareness of scam e-mails: An exploratory research
study. ADFSL Conference on Digital Forensics, Security and Law. http://proceedings.adfsl.org/
index.php/CDFSL/article/view/26/26.
You can trust me: a multimethod analysis of the Nigerian…

Downs, J.S., M.B. Holbrook, and L.F. Cranor. 2006. Decision strategies and susceptibility to phishing.
Carnegie Mellon University Research Showcase.
Evans, M., W.V. McIntosh, J. Lin, and C.L. Cates. 2007. Recounting the courts? Applying content
analysis to enhance empirical legal research. Journal of Empirical Legal Studies 4 (4): 1007–1039.
Gao, Y., and G. Zhao. 2005. Knowledge-based information extraction: A case study of recognizing
emails of Nigerian frauds. In Natural language processing and information systems, ed. A. Montoyo,
R. Munoz, and E. Metais, 161–172. Berlin: Springer.
Glickman, H. 2005. The Nigerian ‘419’ advance fee scams: Prank or peril? Canadian Journal of African
Studies 39 (3): 460–489.
Gregory, D.W., and B. Nikiforova. 2012. A sweetheart of a deal: How people get hooked and reeled in by
financial scams. Journal of Behavioral Finance & Economics 2 (2): 96–122.
Grinker, R.R., S.C. Lubkemann, and C.B. Steiner. 2010. Perspectives on Africa: A reader in culture,
history and representation. New York: Wiley.
Haines, L. 2004. Nigerian judge claims ‘no jurisdiction to hear it. The A Register. http://www.theregister.
co.uk/2004/07/20/419_trail_collapse/. Accessed 20 July 2004.
Hamburger, Y.A., and E. Ben-Artzi. 2000. The relationship between extraversion and neuroticism and the
different uses of the Internet. Computers in Human Behavior 16 (4): 441–449.
Hamburger, Y.A., and E. Ben-Artzi. 2003. Loneliness and Internet use. Computers in Human Behavior 19
(1): 71–80.
Herley, C. 2012. Why do Nigerian scammers say they are from Nigeria? Unpublished paper. http://
research.microsoft.com/pubs/167719/whyfromnigeria.pdf.
Horton, J.J., D. Rand, and R.J. Zeckhauser. 2011. The online laboratory: Conducting experiments in a real
labor market. Experimental Economics 14 (3): 399–425.
Huber, G.A., S.J. Hill, and G.S. Lenz. 2012. Sources of bias in retrospective decision making:
Experimental evidence on voters’ limitations in controlling incumbents. American Political Science
Review 106 (4): 720–741.
Huff, C., and D. Tingley. 2015. ‘‘Who are these people’’ evaluating the demographic characteristics and
political preferences of MTurk survey respondents. Research & Politics July–September: 1–12.
Isacenkova, J., D. Thonnard, A. Coston, A. Francillon, and D. Balzarotti. 2014. Inside the scam jungle: A
closer look at 419 scam email operations. EURASIP Journal on Information Security 1: 1–18.
King, A., and J. Thomas. 2009. You can’t cheat an honest man: Making ($$$s and) sense of the Nigerian
e-mail scams. In Crimes of the Internet, eds. F. Schmallegar, and M. Pittaro, 206–224. Saddle River:
Pearson Education.
Konig, T., and B. Luig. 2009. German ‘LexIconSpace’: Policy positions and their legislative context.
German Politics 18 (3): 345–364.
Krebs, B. 2011. Where did that scammer get your email address? Krebs on Security blog. http://
krebsonsecurity.com/2011/04/where-did-that-scammer-get-your-email-address/. Accessed 25 Apr
2011.
Krippendorff, K. 2004. Content analysis: An introduction to its methodology. Thousand Oaks: Sage.
Kuziemko, I., M.I. Norton, E. Saez, and S. Stantcheva. 2015. How elastic are preferences for
redistribution? Evidence from randomized survey experiments. American Economic Review 105 (4):
1478–1508.
Lazarus, D. 2003. Greed fuels big internet scam. San Francisco Chronicle 12 January.
Legard, D. 2003. E-mail threats increase sharply. PC World. http://www.pcworld.com/article/107930/
article.html.
Levy, E. 2003. Crossover: Online pests plaguing the offline world. IEEE Security and Privacy 1 (6):
71–73.
Longe, O., and A. Osofisan. 2011. On the origins of advance free fraud electronic emails: A technical
investigation using Internet protocol address tracers. African Journal of Information Systems 3 (1):
17–26.
Longe, O.B., V. Mbarika, M. Kourouma, F. Wada, and R. Isabalija. 2009. Seeing beyond the surface:
Understanding and tracking fraudulent cyber activities. International Journal of Computer Science
and Information Security 6 (3): 124–135.
Mbaziira, A.V., E. Abozindah, and J.H. Jones Jr. 2015. Evaluating classifiers in detecting 419 scams in
bilingual cybercriminal communities. International Journal of Computer Science and Information
Security 13 (7): 1–7.
Milne, G.R., L.I. Labrecque, and C. Cromer. 2009. Toward an understanding of the online consumer risky
behavior and protection practices. Journal of Consumer Affairs 43 (3): 449–473.
 T. Rich

Mitnick, K., and W. Simon. 2002. The art of deception: Controlling the human element of security. New
York: Wiley.
Muscat, G., M. James, and A. Graycar. 2002. Older people and consumer fraud. Number 220 Canberra:
Australian Institute of Criminology.
Neuendorf, K.A. 2002. The content analysis guidebook. Thousand Oaks: Sage.
Nhan, J., P. Kinkade, and R. Burns. 2009. Finding a pot of gold at the end of an internet rainbow: Further
examination of fraudulent email solicitation. International journal of Cyber Criminology 3 (1):
452–475.
Onyebadi, U., and J. Park. 2012. ‘I’m Sister Maria, please help me’: A lexical study of 4-1-9 international
advance fee fraud email communications. International Communication Gazette 74 (2): 181–199.
Paolacci, G., J. Chandler, and P.G. Ipeirotis. 2010. Running experiments on amazon mechanical turk.
Judgment and Decision Making 5 (5): 411–419.
Park, Y., J. Jones, D. McCoy, E. Shi, and M. Jakobsson. 2014. Scambaiter: Understanding targeted
Nigerian scams on Craigslist. Proceedings of the Network and Distributed System Security
Symposium. Internet Society. https://cs.gmu.edu/*mccoy/papers/scambaiter.pdf.
Rich, T.S. 2014. Propaganda with purpose: Uncovering patterns in North Korean nuclear coverage,
1997–2012. International Relations of the Asia-Pacific 14 (3): 427–453.
Ross, D.G. 2009. Ars dictaminis perverted: The personal solicitation of email as a genre. Journal of
Technical Writing and Communication 39 (1): 25–41.
Schiesel, S. 2004. Turning the tables on e-mail swindlers. New York Times 17 June: Gl, G7.
Shank, D.B. 2016. Using crowdsourcing websites for sociological research: The case of Amazon
Mechanical Turk. The American Sociologist 47 (1): 47–55.
Tade, O., and I. Aliyu. 2011. Social organization and Internet fraud among university undergraduates in
Nigeria. International Journal of Cyber Criminology 5 (2): 860–875.
Thompson, S. 2006. Helping the hacker? Library information, security, and social engineering.
Information Technology and Libraries 25: 222–225.
Titus, R.M., F. Heinzelman, and J.M. Boyle. 1995. Victimisation of persons by fraud. Crime and
Delinquency 41: 54–72.
US Department of State. 1997. Nigerian Advance fee fraud.
Viosca, C., B.J. Bergiel, and P. Balsmeier. 2004. Effects of the electronic money fraud on the brand
equity of Nigeria and Africa. Management Research News 27 (6): 11–20.
Wizard, B. 2000. Nigeria 419 scam: Game over. Wallowa: Starguill International.
Zuckoff, M. 2005. Annals of crime: The perfect mark. The New Yorker 82 (13): 36–42.

View publication stats