Here is a lightly edited transcript of our interview with Pete Jarvis, VP of Business Development of Polyverse.

The reason why all scammers are from Nigeria is because the spam email guys are self-filtering for the person who doesn’t know that all spammers are from Nigeria. That’s actually one in a million. So, what you do is you tell everyone that you’re a Nigerian and you have a bunch of money because you’re removing all of the cost of the attack because all of these people who know about that self-filter out.

Then you get the one person out of a million who doesn’t know that scammers are from Nigeria and they go, “wow, you’ve got some money in Nigeria and you want to send it to me?” This is where it gets really interesting is because the people in Nigeria, and it may actually not be in Nigeria, will spend thousands of dollars to set up that scam because the return on investment is so tremendous. It costs nothing to send the spam email. So I can send a spam email to 24 million people, but if I only got 1% to return my email and I filter that then to the 1% of the 1%, those people are the people I want to talk to as a spammer because they might actually do what I want.

That’s the really interesting mathematics of what’s happening with cyber-attacks, spamming and spear fishing at the moment. If you send enough emails someone is going to do what you want them to do. Someone’s going to click on the link, someone’s going to install the software.

If you want to change that, what you have to do is say, “Okay, the real problem is the near zero-cost of sending the email. And then the other thing you have to look at is the near zero-cost of finding an exploit on a Linux machine or on a Windows machine.