When a 0% Success Rate is Worthwhile
There’s an article in Zaman.com, about “Turkish Hacker Depletes 10,000 Bank Accounts ”
A criminal enterprise comprised of 10 individuals who drained the accounts of 10,580 customers by sending virus-infected e-mails was busted in Istanbul.
…
The suspects reportedly sent virus-infected emails to 3,450,000 addresses, and subsequently drained 10,850 bank accounts.
That’s a hit rate of 0.314%. Which I’m not going to analyze today.
Additional resources, all in Turkish: “İnternet dolandırıcıları yakalandı,” “İnteraktif banka dolandırıcılığı” both seem to be “TSI” agency stories, and “10 bin müşteri hesabını boşalttılar” seems to be a gov.tr site with additional details. Do any readers speak Turkish?
A prevalent theory of terrorist organizations operates under similar expected success metrics…
Similar attack on a Swedish bank: http://news.zdnet.co.uk/security/0,1000000189,39285547,00.htm