| ▲ | novaleaf 3 days ago |
| I know of a Thai person who fell for an "e-work" scam over the last year. The hook was that you pre-pay some amount, do some trival work, then get like 500% return on your "investment". So they filter+train their mark by having them sign up for whatever financial transfer workflow, and figure out how gullable they are by giving them some payouts. A big part of this is some chat-group where lots of other fake-workers post comments saying how nervious/risky it seems and how sometimes the payment is delayed but they all eventually get paid. Eventually they let the mark sign up for some high-value amount, like equivalent of a few thousand USD. When the mark doesn't get paid, they contact the "technical support" team that then tries to social engineer the victim to loose even more money transferring funds the wrong direction (the scammers picked financial apps that make this mistake easiest). I kind of find it unbelievable that people fall for this stuff, but the obvious proof is that enough people do :( |
|
| ▲ | thephyber 3 days ago | parent | next [-] |
| > I kind of find it unbelievable that people fall for this stuff I remember reading a headline that being poor is equivalent to losing about 5 IQ points. Don’t know how true that is, but my intuition tells me that most people financially struggle, spend a lot of extra time worrying about money, and in general act a little more desperate and would be a little more aware/skeptical if their stress + financial situation allowed it. After a few years working in cybersecurity, I viewed EVERYTHING through the lens of “is someone lying to me?”. Emails, text messages, downloading software from a website/App Store, job offers, investment opportunities, etc.the surface area is limitless. There’s exactly zero chance that even an experienced professional with excellent eyesight, who reads up on the newest scams, who doesn’t have lots of family / social events to care for, etc will never get hacked/scammed. Even in the cybersecurity industry, almost all companies have abandoned the idea that there will never be a breach, and have moved towards thinking about resiliency, where any breaches that do happen are minimized or closed quickly/automatically. That’s a lot of words to say: even though I thought I would never get scammed, once I spent more time educating myself about how it happens, it seems obvious to me that scams work a percentage of the time and the scale of attempts is enormous. |
| |
| ▲ | netsharc 2 days ago | parent | next [-] | | > is someone lying to me?”. Emails, text messages, downloading software from a website/App Store And incredibly, someone usually is. Most software download sites have so many UI elements saying "Download", on their downloads page, but only one of them is the legit software you want, and others are some random software that paid money to the website to be there to... probably try to get themselves installed and scam you some more. I just checked the Google "play" store: searching for "Temu" (I know, dumb, but there was an ad on the main screen of the store), in the page of search results, the first install button is for the sponsored Alibaba app... Even billion dollar businesses are... trying to scam you. "Don't be evil" no more indeed. PS "full self-driving", also a scam.. | | |
| ▲ | thephyber 2 days ago | parent [-] | | I think the subtext of what I wrote in that paragraph was about the additional cognitive load of having to worry about every little action. For most people who are less informed about scams/cybersecurity, there is a lower cognitive load tax on their mind/attention (but that lower cognitive load results in less skepticism and more susceptibility to scams). Or put another way, the heuristics they use are at a different point on the tradeoff curve between effort/resources and accuracy. |
| |
| ▲ | neilv 2 days ago | parent | prev | next [-] | | > I remember reading a headline that being poor is equivalent to [...] Some government forms and processes for poor people assistance I've seen (and I imagine that forms and processes for new immigrants may be similar)... some of it is insanely kafkaesque, implemented with incompetence/indifference in both official communications/documentation, and sometimes on an individual human representative basis, with the effect of making no sense at all. So I'm not at all surprised if someone who doesn't understand how some category of things works in reality, is easily tricked into believing a scam. Because the scammer is no more ridiculous than some of the official government bureaucracy they've been subjected to. (BTW, I'm not anti-government. I support what some would call "big government". I'm only horrified at how poorly done it sometimes gets in the details. I know that, when it is done poorly, it is going to have very real negative effects on people's lives, including on the least powerful. I believe in good, big government.) | | |
| ▲ | pjc50 2 days ago | parent | next [-] | | > Some government forms and processes for poor people assistance I've seen (and I imagine that forms and processes for new immigrants may be similar)... some of it is insanely kafkaesque There's little political pressure to make it easier, and constant worries about "fraud" by claimants, or means-testing, which is turned into adding more and more fields to the form. | |
| ▲ | thephyber 2 days ago | parent | prev [-] | | I’m convinced that some of those Byzantine rules are underhanded ways to destroy the usefulness of the welfare system. Politicians actively use what is called a “poison pill” to make legislation unpalatable; there’s no reason they can’t actually poison a welfare system they don’t want to exist. | | |
| ▲ | AnthonyMouse 2 days ago | parent [-] | | There are two primary things that cause this to happen in reality. The first is that politicians want to get credit for creating the program, but also don't want it to cost a lot of money. Their incentive is to create a program that sounds good but does and therefore costs as little as possible. But making it obvious that it doesn't do much compromises the "sounds good" requirement, so instead they make a bunch of complicated rules and barriers that keep the price tag low but in a way which is difficult to understand. Relatedly, the people administering the programs are often under orders to accept some particular number or proportion of claims, again for budgetary reasons, and then if there are too many they have to start fabricating barriers themselves. The second is that there is no accountability mechanism. Some majority of voters support the idea of the program, but they've been assured that it was created and exists and have no idea what a mess it is, and only a small minority are recipients. So if things are unintentionally broken, they don't get fixed, because the majority isn't aware of the problem and that's the only thing that gets politicians to address it. It's not because of politicians opposed to the program. If politicians opposed to the program have a controlling majority then they simply repeal it. It's the politicians who support the (pretense of) the program who screw it up. This is one of the reasons why complicated systems with many overlapping benefits each with their own application process and phase out rates are so ineffective, and the better way to address this is with simple direct transfer payments like expanding the EITC or a negative income tax. |
|
| |
| ▲ | bsder 2 days ago | parent | prev | next [-] | | > I remember reading a headline that being poor is equivalent to losing about 5 IQ points. Poor people also spend a lot of time using cash equivalents rather than credit. There is a big advantage to using credit. For example, I don't worry too much about fraud on my credit card as the reversibility means that the banking system is taking care of it. If a suspicious transaction hits my ATM card, the bank absolutely jumps on it since it simply doesn't match my patterns of usage. On the other hand, if you are using your ATM card or cash transfer apps all the time, you're a ripe target for getting scammed. The protections are much weaker and the reversibility (if any) is much worse. This doesn't even get into the fact that, as a poor person, the people you are transacting with are also stuck in the same system for various reasons of various levels of dubiousness. | |
| ▲ | miduil 2 days ago | parent | prev | next [-] | | > After a few years working in cybersecurity, I viewed EVERYTHING through the lens of “is someone lying to me?” Oh thank you for highlighting that, I've had some instance where I'd suddenly have the urgent feeling that something I'm experiencing is a hoax and I couldn't tell why this suddenly surfaced back then, but I guess years of exposure to security does that to one. | | |
| ▲ | thephyber 2 days ago | parent [-] | | I think initially I did it because I had high network privileges in my position at a company which had an immense amount of sensitive data on important companies. Kind of a deep thought exercise to be hyper vigilant in my position of responsibility. Later, I think I stretched the thought exercise to start identifying new business opportunities (trying to find value in protecting against each of those things I identified). At the same time I grew “professionally paranoid”, I was learning about epistemology and skepticism (to try to understand the cultural and political changes of the last decade). It’s been a wild ride. |
| |
| ▲ | bdangubic 3 days ago | parent | prev [-] | | exactly this. anyone - regardless of who they are - can fall for a scam. and for exact reason stated in your last sentence! | | |
| ▲ | ChrisMarshallNY 2 days ago | parent | next [-] | | A few years ago, I wrote a blog post about my approach to risk management[0]. I generally look at risk as a two-dimensional graph, with the axes being Probability and Severity, and the action strategies as being Prevention, Mitigation, and Remedy. If we get realistic about likelihood and impact, we can figure out how to reduce the damage. One trick a wealthy friend of mine uses, is keeping a small checking account, that he fills with just enough cash from his brokerage, so that even if his cards/accounts get pwned, he can't lose that much. [0] https://littlegreenviper.com/risky-business/ | | |
| ▲ | bdangubic 2 days ago | parent [-] | | I have followed one simple principle for the last 16 years and have been incident-free. The communication with every business I am affiliated with in any way is one-way - I contact them. I never answer any calls or texts and I never answer any emails. no exceptions. It is amazing how much this simple rule just works. To fall for most scams you have to make a mistake which almost always involves you getting something, call, text, email… | | |
| ▲ | thephyber 2 days ago | parent | next [-] | | This is one of the best heuristics (because it’s such an short+easy to memorize). I learned it from my mother who is kinda low tech, but understood risk. But ultimately, it’s a heuristic and is imperfect. One example thing which bypasses weakness to this heuristic: when you import a programming language library or a “curl pipe bash”: how much research do you do to verify the authenticity of the library, the security of the package and contributors, that you didn’t typo and accidentally install a lookalike malware, etc? And then every time you take an action which updates the same thing, are you equally as rigorous and vigilant as the first time? | |
| ▲ | Marsymars 2 days ago | parent | prev | next [-] | | It seems like no exceptions would just make life needlessly difficult for me. I just received a monitor at no-cost because the first one I bought had a hardware defect - the company didn’t respond to my attempt to contact them, so I returned it to amazon and left an accurate review. The seller followed up and sent me a non-broken one. If I’d ignored this, not only would I be down a monitor, I’d have just assumed the entire product category - of which there seems to be only a single supplier (16” 2880x1800 AMOLED monitors that match up perfectly to 27” 5K monitors when placed in portrait mode) simply wasn’t workable with my setup for whatever reason. My dentist recently called to reschedule an appointment. I could have insisted that I call them back, but that just wastes everyone’s time for a conversation that has no real scam potential. | |
| ▲ | walterbell 2 days ago | parent | prev [-] | | Also applies to computers: no open inbound ports, and outbound only to known destinations. |
|
| |
| ▲ | 2 days ago | parent | prev | next [-] | | [deleted] | |
| ▲ | nradov 2 days ago | parent | prev [-] | | Can anyone really fall for a scam? I'm not particularly smart or wealthy and I've never fallen for a scam despite numerous attempts. Maybe I've just gotten lucky but scams seem quite easy to avoid. (I have had a few fraudulent charges on my credit cards but I don't really consider those to be scams and they're easy to resolve.) | | |
| ▲ | habinero 2 days ago | parent | next [-] | | Yes. Anyone can be gotten with the right bait. Most people are never targeted and there's a lot of things that mitigate spray-n-pray attacks, but when it comes down to it, human cognition just has some fundamental exploitable weaknesses. It doesn't really have anything to do with intelligence. For example, we're insanely good at pattern matching, but the flip side to that is we're not effective at spotting the rare subtle difference. | | |
| ▲ | nradov 2 days ago | parent [-] | | I've been targeted many times. I don't believe your assertion that my cognition has fundamental exploitable weaknesses. I think you're just making that up. Citation needed. | | |
| ▲ | habinero 7 hours ago | parent [-] | | I wasn't calling you stupid, my dude. Chill. Human cognition has evolved to be very good at some things but is terrible at others. We're great at spotting patterns, and terrible at spotting the rare subtle exception. If you haven't fallen for anything, great, but that's because no one has ever cared enough to target you personally. |
|
| |
| ▲ | crooked-v 2 days ago | parent | prev [-] | | Being average makes it easier, because nobody's specifically targeting you using information scammed out of your less canny family or coworkers. |
|
|
|
|
| ▲ | thephyber 3 days ago | parent | prev | next [-] |
| Different take: At the risk of accidentally demonizing the poor, I remember reading a think piece that could be summarized as “morals/ethics are a luxury only the rich can afford.” The gist is that if you can’t afford to quit your job on the spot and not worry about paying rent this month, you will always be victim to your boss’s unethical actions lowering your ethical standards. As an engineer, I have frequently challenged myself to empathize with the VW emissions scandal engineers, who were pressured to meet unrealistic emissions and deadlines. The managers didn’t have to explicitly tell them to build emissions testing defectors — they came up with that as an engineering solution to the requirements they were given. I ask myself: at what point would you have quit, and hopefully told the authorities? Also more recent example is the staff of the submarine that went down to the site of the Titanic and imploded. The CEO was apparently an unbelievable bully and took extraordinary risks, but the staff didn’t quit. One of them was a Scottish immigrant who moved his whole family to take the job. He was also worried about being blacklisted from the entire private sector submarine industry. There was a lot of friction to being able to exercise his highest ethical standards. Thailand is more or less at war with Cambodian war lords, who have tens of thousands of poor English speakers from around the world living in captivity, their passports taken away, running long term scams over the internet. When they have no money and no power to run, is it fair to blame the low level scammers for having fallen for a job scam months or years ago? The more financial pressure you are under, the more likely you are to tolerate an unethical environment. |
| |
|
| ▲ | derefr 3 days ago | parent | prev | next [-] |
| Always seemed to me that the correct response to this scam is to recruit everyone you know to go through just the first step of the scam and then quit while they’re ahead. Like taking a casino’s offer of free food and then leaving without gambling. |
| |
| ▲ | novaleaf 3 days ago | parent [-] | | IIRC they chat group was using LINE, where the scammers can delete messages / kick people at will. So more people joining just to make a few bucks from the initial payout just increases the credibility of the operation. Also the initial "tasks" the mark performs are worth only like a few USD. not worth anybody's time except for certain types of vulnerable people who not-coincidentally make good victims. |
|
|
| ▲ | veeti 2 days ago | parent | prev | next [-] |
| Just an anecdote but this happens in the west too. I literally woke up today to some spam Telegram "job offer" group that was vibrating my phone like crazy. And all of this in my native language of just a few million speakers. I wish I took some screenshots before trashing it, but the messages were just as you described. |
|
| ▲ | thisisit 2 days ago | parent | prev | next [-] |
| Even the best of people can fall for scams. It depends on how much you need the money. No one starts off thinking they are going to be scammed. The design ensures people enter this trap slowly. When people are hesitant they are given a taste of success - the 500%. Some people tap out here. Others want to continue to try their luck. But often they are stopped with reverse psychology that there are no low pay jobs and they need to pitch in more money. |
|
| ▲ | duxup 2 days ago | parent | prev [-] |
| There was a post on HN where someone followed through with a scam like this. It was very weird, the scammer walked the victim through some setup on their computer. They may have actually been selling video views and likes and other social media and advertising engagement fakery ... the process was surprisingly complex and the victim had an account page tracking their activity and payouts. |
