PHD-IT-L Archives

September 2013


Options: Use Monospaced Font
Show HTML Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Damon Mccoy <[log in to unmask]>
Wed, 4 Sep 2013 17:08:40 +0000
multipart/alternative; boundary="_000_90d3433376ca4cc29bc04436bce1214bCO1PR05MB409namprd05pro_"
Damon Mccoy <[log in to unmask]>
text/plain (1802 bytes) , text/html (2588 bytes)
Hello everyone,

Lunch seminar is being held again this Thursday at Noon in 4201.

Jackie Jones will be presenting some of his research on Nigerian scams. Pizza will be provided and I look forward to seeing another good turn out this week. I'm also looking for student to volunteer to present next week.

Title:  Scambaiter: Understanding Targeted Nigerian Scams on Criag's List


Advance free fraud scams, also known as Nigerian scams have evolved from simple untargeted email messages to more sophisticated scams targeted at users of classifieds, dating and other websites. Even though such scams are observed frequently, our understanding of targeted Nigerian scam is limited since the scammers operate "underground". In this paper, we focus on fake payment scams targeting users on Craigslist. To better understand this type of scam and scammers, we build an automated data collection system which 1) posts "honeypot ads" offering goods for sale on Craigslist and 2) gathers scam emails and interact with scammers via email exchange. We use this measurement platform to gather three months of data and perform an in-depth analysis. Our analysis provides us with a better understanding of scammers' action patterns, automation tools, scammers' email account usage and distribution of scammers' geolocation. From our analysis of this dataset, we find that around 10 groups of scammers were responsible for nearly half of the over 13,000 total scam attempts we received. These groups use shipping address and phone numbers in both Nigeria and the USA. We also identify potential methods of deterring these targeted scams, such as patterns in the scammer's messages and usage of email accounts that might enable improved filter of their initial messages by content and email address.