| ▲ | jmward01 6 hours ago |
| So, this is a crime right? Why isn't there a well known '911' for cybercrime to report things like this to and get help? Society needs to catch up with the actual dangers out there and build support networks for this ASAP. This is organized crime and needs organized defense to deal with it. |
|
| ▲ | mrhottakes 6 hours ago | parent | next [-] |
| Unfortunately most evil cybercriminals know the "one weird trick" of "do your crimes in countries that don't care about the crimes" |
| |
| ▲ | jmward01 5 hours ago | parent | next [-] | | I see several comments like this implying nothing can be done. But that is far from the truth. First, an agency that actually answered the phone could coordinate directly with LinkedIn and other tech companies to quickly take down these fake accounts and minimize harm to others. We all know how incredibly hard it is to contact a tech company. Second, an agency that answers the phone could help less technical people find what may have been compromised and push people towards support services if needed. And finally, maybe, they could do the hard job of combining leads and working with appropriate agencies to maybe find and prevent these things over time. | | |
| ▲ | nijave 3 hours ago | parent | next [-] | | Taking things down doesn't help much unless the platform has something in place to make it hard to recreate them. >they could do the hard job of combining leads and working with appropriate agencies to maybe find and prevent these things over time At least in the U.S., everyone will cry government overreach and no one will fund it. In other countries, they should probably just ban U.S. platforms unless they're reachable and actually resolve these type of problems. | |
| ▲ | noisy_boy 3 hours ago | parent | prev | next [-] | | Won't that require laws that allow the said agency to compel LinkedIn or whatever tech company to actually pay attention and take action? Like laws compelling tech companies to unlock the bootloader once they stop supporting a device. I wonder why such common sense laws don't exist and who is preventing them from being introduced and passed despite wide public support in general? | | |
| ▲ | jmward01 3 hours ago | parent [-] | | I'm not a lawyer but it would be odd if a government agency couldn't communicate a possible threat to a tech company. It is in a company like LinkedIn's best interest to set up a phone number/channels for a centralized agency to communicate potentially malicious accounts and other emerging threats. I suspect that actually already exists for big companies. I doubt they are required to -do- anything without laws but this seems like a win that is easy for all sides. The problem is likely mostly on the US (and other govt) side of things. No clearly defined agency with a clear mandate, resources and leadership to take on this task. | | |
| ▲ | evilduck 2 hours ago | parent [-] | | You're describing the FBI or your state level equivalent. And they actually do exactly what you are describing, but in measured efforts. I've even had them come by my place of employment before. They clearly lack the resources to work at this scale though. The problem with a phone number you suggest is that it will get spammed and abused with fraudulent imposters too (the complete and utter destruction of trust in phone calls and text messages should also be corrected by the government, but that's a different topic). https://www.fbi.gov/investigate/cyber |
|
| |
| ▲ | marcus_holmes 40 minutes ago | parent | prev | next [-] | | Won't that just create another channel for social engineering to delete a victim's account? | |
| ▲ | lukewarm707 3 hours ago | parent | prev [-] | | whilst reducing crime is an honorable objective, as we all know, increasing the wealth of tech billionaires must take priority. |
| |
| ▲ | Georgelemental an hour ago | parent | prev [-] | | Cut the cables |
|
|
| ▲ | eblume 6 hours ago | parent | prev | next [-] |
| https://www.ic3.gov You won't hear back from them, though. But, at least for US citizens (and possibly for anyone?), this is as far as I know the closest thing there is to an "Internet 911". |
| |
| ▲ | JumpCrisscross an hour ago | parent [-] | | > You won't hear back from them You might. (I have.) They were able to get a wire sent to a fraudster reversed. (Not my wire.) |
|
|
| ▲ | JumpCrisscross an hour ago | parent | prev | next [-] |
| > Why isn't there a well known '911' for cybercrime to report things like this There is! The FBI’s internet crime complaint center [1]. I’d also check if your state has a cybercrime unit. (Usually under the attorney general.) [1] https://www.ic3.gov/ |
|
| ▲ | john_strinlai 6 hours ago | parent | prev | next [-] |
| the main issue is that we lack a global '911'. secondary is the effort asymmetry between spinning up one of these scams (near 0 effort) and catching/prosecuting these scams (big effort, astronomical cost) |
| |
| ▲ | JumpCrisscross an hour ago | parent | next [-] | | > main issue is that we lack a global '911' 406 MHz is pretty close [1]. If you have a radio that screams on that channel, chances are the nearest search-and-rescue operation will at least be notified. [1] https://www.sarsat.noaa.gov/emergency-406-beacons/ | |
| ▲ | Diti 6 hours ago | parent | prev | next [-] | | > the main issue is that we lack a global '911'. 911 is for emergencies. I don’t think the global 911 service would give any attention to a LinkedIn scam. | | |
| ▲ | john_strinlai 5 hours ago | parent [-] | | i used the same terminology as the parent, and i think we all know what is meant by it |
| |
| ▲ | pocksuppet 5 hours ago | parent | prev | next [-] | | what about the outcome asymmetry between spinning up one of these scams (get one guy's computer) and getting caught (jail for life) | | |
| ▲ | john_strinlai 5 hours ago | parent | next [-] | | you arent getting jail for life for this, even in the extremely remote chance you are caught. you are probably getting more than one guy's computer, though. | |
| ▲ | Jolter 5 hours ago | parent | prev [-] | | I’m sure they’ve gotten more than one hot wallet from out of work crypto bros. Probably a profitable venture. |
| |
| ▲ | umpalumpaaa 6 hours ago | parent | prev [-] | | I don’t know but the us kidnaps ehhh arrests people on foreign land on a regular basis… and brings them to the US to stand trial. So if it’s “important” enough it will be aced upon… |
|
|
| ▲ | edm0nd 3 hours ago | parent | prev | next [-] |
| There is but the FBI is horrible at responding to cybercrime. They have IC3 but its basically useless. They arent going to help or even contact you if you report a crime to them. |
|
| ▲ | bityard 6 hours ago | parent | prev | next [-] |
| To put it bluntly and perhaps a bit cynically, on the tree of bad things that people do to other people, this is pretty high-hanging fruit. Right up there next to scam phone calls that prey on the elderly while claiming to be from Microsoft support. It's basically impossible to catch suspects because they are either smart enough to cover their tracks very well, or (more often) live in countries whose governments don't care about their citizens (even pay them for) scamming westerners. |
| |
| ▲ | Xirdus 6 hours ago | parent | next [-] | | Hard disagree on the scam phone calls. It would be trivial to eradicate them almost completely if the phone operators did the bare minimum to fight against it. At any point in time, any given US phone number is handled by exactly one phone carrier. There is nothing stopping that carrier from requiring name and address to issue that phone number. They already do for 99.99% of their legitimate customers. It would be very easy to make it so that every single phone call originating from the US, including all VOIP calls made with US phone numbers, can be traced back to a specific business or person that can later be sued or prosecuted. And no, number spoofing isn't an excuse either. We literally solved the much harder problem of email spoofing already. There are, what, 3 carrier networks in all of US? And they cannot do with each other what DMARC did for the hundreds of thousands disjoint organizations that comprise the internet? Please. | | |
| ▲ | pocksuppet 4 hours ago | parent | next [-] | | Number spoofing is not a solved problem because some carriers, which appear legitimate in all other respects, make a business out of routing your traffic over TDM trunks that don't support caller ID verification, and will claim it's extremely expensive to upgrade these to VOIP. | | |
| ▲ | OkayPhysicist 3 hours ago | parent [-] | | Fuck 'em? That's not a insurmountable problem in the slightest. Google or Apple could probably solve this problem themselves by simply not ringing the phone for any call that doesn't meet ID verification. |
| |
| ▲ | LooseMarmoset 4 hours ago | parent | prev | next [-] | | You are not wrong. They don't do this because they make money from the scammers. I have posted about this before. See here: https://news.ycombinator.com/item?id=35191971 | |
| ▲ | firefax 5 hours ago | parent | prev | next [-] | | >It would be trivial to eradicate them almost completely Absolutely true, but droning their data centers might have some policy repercussions. | | |
| ▲ | ungreased0675 3 hours ago | parent [-] | | A majority of people would enthusiastically support drone strikes on scam callers and their infrastructure. | | |
| |
| ▲ | a34729t 5 hours ago | parent | prev | next [-] | | Yeah 100%. It's criminal that this is not already done. | |
| ▲ | salawat 5 hours ago | parent | prev [-] | | KYC just for a phone number opens the door for societal ostracization and essentially blacklisting of people from infrastructure. This is on par with being unable to open a bank account if the capability is matured. I'd advise that you think long and hard about the consequences of this system being applied against you maliciously before signing on the dotted line. | | |
| ▲ | Xirdus 3 hours ago | parent | next [-] | | There already are laws that would prevent the exact thing you're talking about. A requirement to provide name and address would change absolutely nothing. And if legal protections are not enough for you then what are we even talking about? Your phone carrier could disable all your lines this instant with a few clicks if they wanted to; the technical capability is already there. They also have your name and address from listening to phone calls and triangulating cell towers - though realistically they didn't need to do it because you already gave them your details knowingly and willingly as part of starting the service, didn't you? I'd advise that you think long and hard about the consequences of the current system before saying the alternative is worse. | |
| ▲ | mschuster91 5 hours ago | parent | prev [-] | | > KYC just for a phone number opens the door for societal ostracization and essentially blacklisting of people from infrastructure. We have that in Europe and the world has not fallen apart. On top of that, we don't have even close to the scale of problems with scammers that the US has. I won't deny we don't have scammers because we absolutely have them, but they are far from the scourge they are in the US. > This is on par with being unable to open a bank account if the capability is matured. The secret is... we have constitutionally protected rights. Unless you do not pay your bills, your phone line will not get disconnected. And same for bank accounts - every European has the right to a basic banking account, even if you are a target of foreign sanctions [1]. [1] https://www.tagesschau.de/ausland/europa/konto-eugh-usa-sank... |
|
| |
| ▲ | Barbing 6 hours ago | parent | prev [-] | | Saw Microsoft has a dedicated scam reporting page - guess it was damaging their brand https://reportfraud.microsoft.com/en-us Wonder if they’re effective in going after reports. I’d still report to IC3/FBI/powers that be, too. Just in case someone somewhere has the resources to do something… perhaps a high hope | | |
| ▲ | mgiampapa 6 hours ago | parent [-] | | I get more calls from Google Security than any other thing. Oddly the Pixel's built in scam detection and call screening lets them through without fail. I normally don't have my phone even ring unless it's in my contacts, but saying you are calling from Google is like a magic code. | | |
|
|
|
| ▲ | throwaway85825 6 hours ago | parent | prev | next [-] |
| The scammers are in a different whole uncooperative country. |
| |
| ▲ | cute_boi 5 hours ago | parent [-] | | Or they may be in this country, but uses proxies, virtual machines, hostings from uncooperative country. | | |
| ▲ | throwaway85825 28 minutes ago | parent [-] | | Less likely and when they are usually they're immigrants and if they're investigated they just go back home. |
|
|
|
| ▲ | cluckindan 5 hours ago | parent | prev | next [-] |
| Yes. But the perps are in North Korea. |
| |
| ▲ | dakolli 5 hours ago | parent [-] | | [flagged] | | |
| ▲ | SauntSolaire 5 hours ago | parent | next [-] | | > simply for being one of the last communist countries Well, that plus their 50 nuclear warheads and continued ICBM development, amongst other things. | | |
| ▲ | kridsdale1 4 hours ago | parent [-] | | I read the other day they are making quite a turnaround in GDP by selling munitions to our enemies. |
| |
| ▲ | 5 hours ago | parent | prev [-] | | [deleted] |
|
|
|
| ▲ | pluc 6 hours ago | parent | prev | next [-] |
| Have you seen the state of *gestures at everything* |
|
| ▲ | stefan_ 6 hours ago | parent | prev | next [-] |
| You mean organized crime like NSO Group? Sorry, governments all over the world are too busy using them to spy on opposition to care. |
|
| ▲ | 6 hours ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | calvinmorrison 6 hours ago | parent | prev | next [-] |
| yes this is a crime. |
|
| ▲ | deejaaymac 5 hours ago | parent | prev [-] |
| Cool let's hear your solution, you seem well versed on how infosec works. |
