Nigerian letters

Nigerian letters are a type of computer fraud that aims to underhandedly get access to a user’s bank account or to extort money from them in a different way.

The standard theme exploited by Nigerian letters is the need to move large sums of cash internationally. A spammer usually tells an intriguing story about millions of Dollars he has acquired semi-legally. For example, these may be stolen foreign investments or UN grants. The spammer then goes on to explain why they cannot use their local bank and informs the recipient that they urgently need an account in a foreign bank where the ‘grey’ money could be transferred to. Another typical version is that the money has been earned legally or received from a will, but it is impossible to receive it in cash in that country due to the country’s political instability.

The recipient of a Nigerian letter is usually asked to provide assistance in obtaining the cash. In return they are offered a 10% to 30% reward.

It is assumed that the naive user will allow the fraudster access to their bank account for the purposes of carrying out the transaction. The result is predictable – all of the recipient’s money will be withdrawn from their bank account. Another trick that the fraudsters use is to ask for a small advance (usually several thousand Dollars) in order that the fraudster can ‘execute some necessary procedure’, with the promise of huge returns for the ‘lender’. Needless to say, they disappear as soon as they receive the money. Sometimes fraudsters even try to persuade a recipient to travel to Nigeria or somewhere similar, resulting in the victim being blackmailed or threatened.

This type of spam differs from the other types in that spammers have to keep up a correspondence with the recipients and this means that the fraudsters’ return address and sometimes even a telephone number is known and can easily be tracked down by law-enforcement agencies.

This type of spam is called ‘Nigerian’ as it was created in Nigeria. In 2005, local spammers even received a so-called Anti-Nobel prize in Literature. There is another name related to Nigeria which is used in English-language documents – Scam 419, where 419 is the number of the article in Nigerian legislation forbidding this type of fraud.

Why Nigeria? This country is reputed to be one of the world’s most corrupt. Twenty years of political chaos and military dictatorship have lead to a crime wave. Currently, Nigerian fraud is fourth in the world for the level of income received.

Thousands of people worldwide still get emails from ‘former dictators’, nonexistent Nigerian businessmen or clerks from Nigerian ministries. However Nigerian letters have long been sent by spammers from different countries.

Spammers react quickly to situations around the world, constantly searching for unstable zones. This is the reason for the appearance of Kenyan or Filipino letters. During the war in Iraq, spam mailings contained Iraqi letters with information about money stolen during military operations in that country. The authors of these letters usually sign them with fictitious names, or use the real names of senior Iraqi officials.

The majority of Nigerian spam is in English, but in 2004-2005 spammers started similar activities on the Russian Internet. The Russian language Nigerian spam exploits hot news from Russian political life. For example, the Yukos Oil affair was used by spammers who distributed an offer claiming that the recipient would be given a share of Khodorkovsky’s money in cash.

When the Yukos Oil affair reached Western Europe, spammers reverted to the English language, which may have been for one of several reasons. Either foreign recipients are more easily seduced by the offer of cash, there aren’t that many naive Russians with bank accounts, or simply that there aren’t that many naive Russians!

A typical Nigerian letter


Nigerian letter with a “Russian accent”


Sometimes you can find the odd masterpiece among Nigerian letters. They were obviously written by people with a sense of humor. Thousands of these letters are spread across the Internet, users themselves send them to each other as samples of a funny text. The most vivid example of such a ‘masterpiece’ is a ‘touching’ story about a Nigerian astronaut who 14 years ago was sent to the secret Soviet space station Soyuz and now the Russians refuse to bring him back to the Earth because it is too expensive. During all these years his salary has been transferred to his bank account and now the astronaut’s relatives ask for the users’ assistance in converting this astronomic sum into the cash needed to help him to return home. An attentive user will recognize the date of the letter’s first mailing – April of 2004 (April 12 is the Astronaut’s Day in Russia)

Below is the text of this remarkable Nigerian Letter

Subject: A Nigerian astronaut needs your help

Dr. Bakare Tunde Astronautics Project Manager National Space Research and Development Agency (NASRDA) Plot 555 Misau Street PMB 437 Garki, Abuja, FCT NIGERIA

Dear Mr. Sir,


I am Dr. Bakare Tunde, the cousin of Nigerian Astronaut, Air Force Major Abacha Tunde. He was the first African in space when he made a secret flight to the Salyut 6 space station in 1979. He was on a later Soviet spaceflight, Soyuz T-16Z to the secret Soviet military space station Salyut 8T in 1989.

He was stranded there in 1990 when the Soviet Union was dissolved. His other Soviet crew members returned to earth on the Soyuz T-16Z, but his place was taken up by return cargo. There have been occasional Progrez supply flights to keep him going since that time. He is in good humor, but wants to come home.

In the 14-years since he has been on the station, he has accumulated flight pay and interest amounting to almost $ 15,000,000 American Dollars. This is held in a trust at the Lagos National Savings and Trust Association. If we can obtain access to this money, we can place a down payment with the Russian Space Authorities for a Soyuz return flight to bring him back to Earth. I am told this will cost $ 3,000,000 American Dollars. In order to access his trust fund we need your assistance.

Consequently, my colleagues and I are willing to transfer the total amount to your account or subsequent disbursement, since we as civil servants are prohibited by the Code of Conduct Bureau (Civil Service Laws) from opening and/ or operating foreign accounts in our names.

Needless to say, the trust reposed on you at this juncture is enormous. In return, we have agreed to offer you 20 percent of the transferred sum, while 10 percent shall be set aside for incidental expenses (internal and
external) between the parties in the course of the transaction. You will be mandated to remit the balance 70 percent to other accounts in due course.

Kindly expedite action as we are behind schedule to enable us include downpayment in this financial quarter.

Please acknowledge the receipt of this message via my direct number 234 (0) 9-234-2220 only.

Yours Sincerely,

Dr. Bakare Tunde Astronautics Project Manager


Every little bitcoin helps

It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article


IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article


Spam and phishing in Q3 2017

In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article


Spam and phishing in Q2 2017

In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article


Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research demonstrated, this was just part of a bigger story that began much earlier and is unlikely to end any time soon. Read Full Article


Two Tickets as Bait

Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies. Read Full Article