Reply to post: Re: The "urgent transfer" request sent to the CFO trick?

Fake CEOs pilfer $2.3bn from US biz pockets in three years – Feds

Michael Wojcik Silver badge

Re: The "urgent transfer" request sent to the CFO trick?

I've heard the dodgyness is intentional to filter out non-gullible people.

That's from a 2012 Cormac Herley paper, "Why do Nigerian Scammers Say They are from Nigeria?". Herley works for Microsoft Research and does a lot of work on the economics of security, particularly behavioral economics, and why what look like irrational choices by victims and attackers are often economically justifiable (for them).

In that paper he shows that phishing is a binary classification problem, and it performs much better if the attack has enough implausible elements to weed out the less-susceptible targets.

Herley's work is well worth reading, particularly for people who think of IT security as simply a technological matter, or an issue of training users.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022