this post was submitted on 17 Sep 2025
37 points (100.0% liked)
Honestly, the email record eventually shared screams scam. It's not quite fluent English, has urgency and requests the information not be shared with anyone else. That's a pretty damning trifecta and should have been a red flag for someone who literally works in an authentication role.
Maybe. But the point he was making is that the typical person out there is probably at least as vulnerable to falling prey to a scam like that, and that that's an issue, and that sounds plausible to me. I mean, we can't have everyone in society (a) be a security expert or (b) get scammed.
I fell for an email scam about 15 years ago. I was job searching and got a message about a contract editing position looking for a native English speaker, which, given that I had my resume up for just such a role, didn't make me bat an eye. So I responded expressing interest. Long story short, it was one of those "we FedEx you excessive checks and then you keep your portion and Western Union the rest to this other person" affairs.
Of course the first check bounced, my bank account was flagged for fraud, with a balance of -$999,999, and it took weeks to be made whole (thankfully I was) while I navigated the byzantine process of "look, I got fucked; it's as simple as that."
It took going through that experience to be able to look for clear tells (important, as once you've fallen for one scam, you're flagged as an easy mark, so more come down the pike), and I agree that most people shouldn't be expected to be able to spot that unless they've gone through it.
My point is, if you actively work in security, the bar is far higher. This writer basically gave someone his PIN because his phone didn't provide full headers, and instead of verifying on desktop, just assumed it was legit, which is an amateur-level error for an authentication professional.