Like, it can’t be a real person, right? Has anyone tried following the links? I’m curious how they’re scamming people. It just seems like anyone getting the same message 5 times won’t fall for being catfished, so I don’t understand what their strategy is.
The same reason a lot scam emails are riddled with typos, follow recognisable formats (eg nigerian prince) and can be easily determined as scams. If you can spot it, you aren’t the mark. It’s a form of selection bias. If you recognise Nicole you probably aren’t new to Lemmy or the Fediverse and are a bad mark. I’d guess, I never followed the links, don’t generally follow links dm’d from random, days old accounts in general. Maybe Nicole truly is just thirsty for Lemmy friends and keeps getting banned lmao.
Honestly people that do recognize it for what it is should respond. Keep them talking to waste their time so they can’t hurt someone else.
Their time is worthless, they use slave labor.
But then you’re also wasting your own time.
If we all wasted 5 minutes we could shut down the system.
People really underestimate the power of collective action. It’s just meat based ddos.
What a fascinating sentence.
I mean if everyone “collective action” ignored them together, no one would have to waste even 5 minutes ¯\_(ツ)_/¯
And theoretically, if there would be the same amount of scammers as decent people, everyone would have to waste all their time with your strategy, but with my strategy none of the decent people would waste time.
But yes I understand it of course, protecting the weak is not a bad thing.
you mean, everyone who already knows it’s a scam or can recognize that it probably is. which is not everyone. otherwise the whole thing wouldn’t exist.
Which is what I acknowledged with my last sentence. All I’m saying is that both methods could be worthwhile, and in a perfect world where everyone is educated, everyone ignoring the scammer would be better.
In a perfect world, anyone who attempted to go around hurting people would be removed from society.
“They” will be an LLM.
Maybe. That gets expensive very fast. We should all ask for artwork.
Time you enjoy wasting is not wasted. I always love talking to Indian scammers when they call about my student loans that don’t exist.
Yep, then of course this doesn’t matter :) go for it!
I already asked 2 scammers on discord for bathwater and they never took me up on it :( it’s a cruel world
yeah but it’s fun
That easier done with more involved scams like phone calls you see YouTubers do. Especially since they likely paid for that info. Places like here there’s no buy in so it’s a volume game i imagine. If I can’t get you to another platform to buy me stuff I’d move on to the next one quickly as possible.
I had one Indian scammer use my name so I was interested. Then he asked if my email was still current and gave an email that I used like 20 years ago in middle school. I laughed and told him he paid for shitty info. It was a goddamn Hotmail account to give you an idea.
And if you can get them to do stupid things, you can post about it here!
https://www.419eater.com/html/trophy_room.htm
This doesn’t make any sense to me.
Why would you deliberately make your bait less appealing to filter out the fish that might wriggle off the hook before you land them?
The typo’s are in order to evade bayesian spam filters which get suspicious about certain words.
The common formats are used because those are the ones that work.
The initial fishing is a low effort, wide net. What follows actually takes the investment of man hours and/or other resources. They would rather get 1 catch they can take all the way, than 500 where 495 will figure it out later and bail.
Sure but there’s no evidence that the typos effectively weed out the ones they don’t want.
No evidence that we have. The spammers obviously think it’s worth doing however, and they are the ones that would have the statistics.
All the evidence we do have demonstrates that the typos evade Bayesian filters and improve deliverability. This is demonstrably true.
When you hear hoof beats think horses not zebras.
Provide the evidence?
Does it however? I’m not up to speed on modern anti spam, but a huge number of spelling mistakes screams spam to me. I would be extremely surprised if it wasn’t the case. The best way to deliver spam is to make it indistinguishable from legit messages.
Also, the existence of spear fishing implies it’s a choice.
Do you mean to say, you’ve learned to associate spelling errors with spam because most of the spam you see… the spam that gets past your spam filters… has a lot of spelling errors?
That’s just not true. The best way to deliver spam is to send it from a reputable address, and to avoid looking like spam.
Bayesian filters need to be trained by a user identifying email as spam. From those emails it learns which words frequently appear in spam emails. Including spelling errors means more unique words rather than words that look like spam.
More than I see very few of them anymore. I see more of them when I look in the junk mail, but even hotmail has gotten good a filtering out all the crap.
Because you’re selecting with people who lack experience with scam/critical thinking to figure out they’re scams.
I understood you the first time. My point is, it’s nonsensical.
If you’re sending emails to potential victims you want as many responses as you can get.
It’s an absurdity to suggest that typing errors would intelligently select for people more likely to be scammed.
I’m not arguing about this. Especially not with a baby account. This is an opinion informed by expert opinion on the matter, and I work in tech. If you think it’s “nonsensical” that’s on you.
Source.
Oh boy. Sure ok you must know everything about security and spam and scammers because you “work in tech”. Honestly, telling people that doesn’t make you sound any more credible.
Did you honestly just google “scammer typos” so you could provide me with an expert source?
You’re making a very simple assertion - that typos weed out potential victims who are gullible enough to fall for a nigerian prince scam with no typos, but not gullible enough to follow through to actually paying the scammer.
It’s a preposterous claim with absolutely no evidence supporting it. Any idiot can see it doesn’t withstand a moment’s thought.
On the other hand, it’s demonstrably true that typos can help to evade bayesian filters.
The actual situation, which both you and mr security blog guy have gravely misunderstood, is that including typos in order to evade filters improves response rates because it improves deliverability and does not discourage a significant number of victims.
Er go, the type of people who become victims are not likely to be discouraged by typos.
That’s not the same as including typos in order to discourage people who are not good victims.
Never claimed that, said that because that’s why I’m aware of it, not that it indicates any authority.
Not quite but pretty much yep. Given you claimed it was “nonsensical” I had hope me showing sources that weren’t just my saying so might make you reconsider your position. Perhaps unsurprisingly, it didn’t.
You’re free to google “scammer typos” and check out the results yourself given there seems to be nothing I can do or link to convince you that this is a silly hill to die on.
What filters are these? I’ll have to keep an eye out for the grammar section in the inbound spam/phishing policies next time I’m managing a client in the exchange section of their tenant. Bad luck for those who don’t spell well, can’t use spell check or are ESL, I guess. Mistyped URLs or domains however, sure are a thing.
*Ergo. I guess you’ve made up your mind, based on god knows what. I’ll leave you with a link from a university’s IT department from your google search terms, feel free to look at the rest of them any time you like.
But what would the opinions based on another “Mr security guy”, aka a Microsoft researcher know.
indeed
I can’t believe I need to explain this to Mr exchange server administrator, but you have it the wrong way around. Spelling errors are a common strategy to avoid emails being classified as spam. Bayesian filters collate tables of words that commonly appear in spam. Spelling errors create words that the filter hasn’t seen classified as spam.
Bayesian filtering is a legacy strategy and Microsoft, for example, does not use it any more (because it’s inferior) except for legacy on-prem setups. Given you’ve attempted to be insulting, put words in my mouth and failed to provide supporting articles for your opinion I’m out. As I get enough of these sort of conversations at work and unless I start billing you… Lol’d at “Mr exchange server admin” though ngl.
If their claim is so preposterous then why are they providing sources and you’re not. Writing longer and longer walls of text and being more and more disrespectful isn’t going to convince anyone. If you have evidence just provide it instead of insisting is exists.