- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
I’ve gotten a few of these, but I just moved so it only included Google maps images of my old apartment, and I guess the data scrape didn’t get my phone number, so it included language like “I bet you wouldn’t like it if I called you at 0000000000, would you?”
I’m savvy enough to laugh and delete, but I’m sure this would be very effective against some older Americans.
Yeah, I definitely knew it was fake when they called it a “beautiful neighborhood”. My friend did you even look at the picture you sent?
AI might improve their messaging soon
deleted by creator
Good. I could use a house.
This is so good. Congratulations.
nice setup, by the way
thanks man, but how did you get a picture of my room ?!?
Watching me while I’m browsing the net?
I especially like when they tell me my address lol, as if I’m supposed to be scared into responding.
Gahhh they figured out how to use a publicly available database!
Just you wait till they figure out what the phone book is!
Hi, can you send me copy of the video too? You have me email address.
I’m torn between asking them to put up or shut up, and maybe just not confirming they got an address that still works.
Nah. Don’t reply back.
If all else use VPN if there’s any tracking image in the email, and reply back with bogus information.
I keep kind of hoping I get this one. I’m ace, so I definitely haven’t been watching porn of any kind, and my house has changed dramatically since the last time google came by, so it would just be entertaining. But then I see people on nextdoor all freaked out that “someone has pictures of their house,” and it makes me wish for a large, extremely targeted sinkhole to open up under all these scammers.
My sister got the one where the scam says her son got into a car accident and - mumbling through ‘a broken jaw’ so thats why the voice is off - Officer Peterson needs to arrange bail, but off the books.
It was surprisingly effective, and my sister had a freakin’ heart attack as any parent would, and THOSE people can rot in a hell made of mealworms, ticks and black flies.
My grandma almost fell for this. Asked my mom what to do. Mom almost fell for it. After an hour of freaking out and preparing to go buy itunes gift cards or whatever it was, my mom thought to call me. “Oh my god are you ok what happened where are you etc”
Uhh I’m at my apartment, getting ready for work.
Everyone should talk to their parents and grandparents about this scam.
Everyone should talk to their parents and grandparents about this scam
It would be pointless with my mother, anything involving technology developed after the 1980s goes were in one ear and out the other.
She never could work out the VCR, I never even bothered with a DVD player.
They need to invent a “smart” TV that can be remotely controlled, so I don’t have to come around every time she wants to watch another episode of big bang theory, which apparently is the best show ever.
It’d be great if popular show casts like BBT would do more PSAs.
It would be pointless with my mother, anything involving technology developed after the 1980s goes were in one ear and out the other.
I just told mine, “If someone calls claiming to be me and says that ‘I’ am in trouble and need money, ask them [about thing from my pre-Internet childhood], and if they get the answer wrong, hang up, because it’s someone else imitating my voice.” No tech understanding required.
You could get a used pc for cheap, doesn’t need to be powerful. Plug in in to her tv, then set up her streaming services on there and then set it up so you can remote into it.
Roku with a VPN_/Tunnel to your moms house. Use the roku app to control things remotely lmao
These scams are effective because of a thing called Amygdala hijack which
“is an emotional response that is immediate, overwhelming, and out of measure with the actual stimulus because it has triggered a much more significant emotional threat.”
You can get any human to do dumb things if you can by-pass their logical brain and have them work off the lizard brain.
The hard thing is to actually get past their lizard brain and contact their logical brain.
My mom and I have talked about that kind of thing and she knows to call me directly if someone ever tries to say something happened to me. She’s not stupid, but maybe just not growing up with people constantly trying to scam her at every turn hasn’t prepared her for the depths these assholes will sink to, and they’ve gotten so much more sophisticated.
I got an earlier variant purporting to be from a friend who was stuck in London, had their wallet stolen, and needed cash wired to them so they could get home. That was remotely plausible based on my friend’s recent travels. I replied asking them to tell me where and when we first met and what we did the following day. They tried going back to reciting their story but I wouldn’t move until I knew it was really them. Fucking scum. They should be made to drink cold hotdog water that Satan’s hemorrhoids have been soaking in.
Another verification that works is “I’ll call you, let’s talk. What number can I reach you on?” They’ll usually drop contact at that point.
Ah yes, one of the neat advantages of being ace, easily being able to ignore people claiming to know you’ve watched anything sexual. Either because you never have, or because it’d have to be incredibly specific to ever be right, depending on how being Asexual affects you.
I wonder what those do with people who live in apartment buildings, lol.
It will show street view of the building or road
Pointless – you need to beep through 4 doors to get to my unit. Hell, the elevator won’t even take you to the right floor unless you can get a fob from one of my neighbours so that button will work. Stairs are locked to get ONTO a floor, so they’re only good as exit stairs without another key that only firemen get, and you can’t get in by rappelling onto my patio either, Ethan Hunt.
Nobody wants to get into your apartment. This thread is about a digital scam. Have you been paying attention at all?
And I’m behind four firewalls!
Which also has nothing to do with what’s being discussed.
I also have a locked door on my house what’s your point?
You have no idea what I’m capable of in <<City>>. 🤣
Such an obvious mail merge. I’d imagine there is a way to automate pulling the Google Street View images and pasting them in the document, but I don’t know how it’s done.
But yeah, I got version 1 from that article and just shook my head at such a pathetic extortion attempt. I was like, “C’mon now…everyone in my life knows I’m a polyamorous hedonist. I could sell some of them whatever video you could ever possibly have of me that you definitely don’t. 😂”
How much are you charging?
Seventy thousand dollhairs.
It’s all good.
I’ll just call it a deepfake and get on with my life.
Nothing deep about it.
how do they know your house tho thats what am wondering
They likely buy leaked data that would include things like your full name and email, perhaps an address. Even if an address isn’t there, legal data brokers often have your address for a small payment anyways. From there they likely use something like Google Street view.
I worked for an ISP that uses Openreach’s infrastructure in the UK. In order to make changes to customer installations or repairs we had to call an Openreach Contact Centre. These were basically big call centres in India. Many of my customers got contacted by scammers from India shortly after me contacting Openreach about their accounts using information like their address, contact details and information about the work they were receiving, and demanding things like card details to ensure the work went forward.
It was obvious Indian workers in those call centres were taking pictures of customer account details and using that info to scam those customers, but my company refused to do anything about it because we “lacked evidence” and just told us to let customers know any communication about their accounts would come directly from us and we’d never ask for any card details etc.
I’m certain any other companies, whether UK or US, that use centralised admin from India and similar places with poor security will be plagued with these exact same issues.
ohhh
If you are a homeowner, property transaction records are public information in the US. Plenty of data brokers collate from the numerous city/county databases for those who only know your name.
Oh
I got this one
Me too. They had an old address I lived at five years ago. I’m shaking, I’m shaking.
That’s the way to win. Never fill in your actual address. Just keep them trying and make up new fake addresses as soon as you can.
I got example 1 verbatim about a month ago complete with Google street view picture of my house. Jokes on them, all of my porn viewing is on an ancient tablet that does not have a front facing camera.
I got one a couple years ago that included an old password I had used to use. It was sent to my work email but because it had that info in it I did legit get scared…until it said it recorded me jerking it over my webcam. I don’t have a webcam.
I found out at least 2 other coworkers got similar emails so me thinks a shitty work vendor got hacked
ah yes, plaintext
I’ve got a variant of this one about 15 times (minus the picture of my house). I sometimes read it out to my partner for the luls. I never keep a web cam attached to my computer, so I find it even more hilarious with the details they go into about my jerking activities and the questionable porn I watch (everything I enjoy is insanely tame lol)
You make it tempting to actually read scam email …. Almost
They really are just looking for the lowest common denominators.
I don’t have a webcam attached to my desktop, and my laptop is only used for work, and anyway it has a physical plastic cover over the camera.
A lot of people will have a very similar setup so it’ll be very obvious that they don’t have anything. The only people this will actually catch out are those with a guilty conscience.
I bet they have a disproportionate number of politicians pay up
For me this would not work. I have my own domain and give out like me-authy@example.com So if the email is sent to that I wound just know who leaked my email adress. Change email and ban everything to to the old adress. I never get spam this way.
Do you send all outgoing email from individualized addresses too?
I do the same as you (raccoon.uber@ball.com), but all my outgoing emails come from (raccoon@ball.com), it worked great for about 5 years until people with me in their address book started getting hacked.
I can in Thunderbird but I don’t reply to companies. They have no reply email adress. Like here is your order number or there is our latest campaign. I use customer chat for help or company have internal message system like banks. In general I like to avoid using email due to the protocol design.
Thats pretty clever. I might have to start doing that.
It’s really not a hard screening algorithm: do I know this person, or have I done business with this company? OK, does the URL check out? Then I’ll respond to that person’s email or go log into that company’s website, not using a link from the message I received. Otherwise, it’s spam.
Also, there are no pictures of my dick online, or of me having sex. Anyone claiming otherwise doesn’t know me. Nice and easy.
My wife got that one twice already. Not very bright people.