Scams scams everywhere

in #security 8 months ago



I ordered something from Amazon as a birthday present for someone. It arrived yesterday evening as expected. The delivery guy asked for my "passcode", which I gave to him, before handing me the package.

I didn't notice it at first, but when I went to open the package, I realised that it was already opened prior to delivering it to me. It wasn't left open though, they had tried to disguise the breach with the hope that I wouldn't notice. The seal had been broken, clearly, and there was a tear across it.

I called Amazon to verify that the item I received was the same one sent to me from their warehouse. It was, on this occasion, since the serial code matched, but that has not always been the case. There was a time when I received an item that had been swapped out with a fake by someone in the delivery pipeline.


It seems everywhere I look now, there's someone trying to scam me. If it's not people trying to pass off fake products as real, it's people trying to get me to click on some link. Don't even get me started on those "Carphone Warehouse" phone calls promising to cancel whatever iPhone contract I was on for a "much better" one.

Just the other day I removed the tiny few coins I had left on Bittrex, the centralised crypto exchange, because they had obviously been hacked and all our personal details syphoned by unscrupulous persons. I know this because I got a string of emails asking me to provide KYC "or my account will be disabled". Yea sure. See, the best phishing emails are the ones that most resemble reality. Right at the time, there was news of the US Infrastructure Bill having provisions requiring organisations to require KYC. Ah, but why would Bittrex not notify me when I log on to their platform? And why would I have to "authenticate the message" by signing on to this other "support platform" that just happens to be sitting on a non-bittrex domain? Scam much?

Not your keys, not your coins.

This morning, I got an email from "eBay" saying my buyer had been issued a full refund for the item they bought. Except I haven't sold anything on eBay for a while and, on inspecting the email metadata, it wasn't sent from eBay. It did look legit though, in the same exact format that eBay uses. Again, these scammers are professionals. They haven't necessarily hacked eBay though. There is a lot of info that can be scraped from the public-facing end of the site, including emails, that can make these emails as effective as they are. Now that eBay is effectively a bank, having divorced PayPal, the incentive is even higher now for hackers to get into people's accounts.

One thing Google has given us, for which I give them a lot of kudos, is finally defeating the email spammers. They now block 99.99% of email spam that are potential scams. We just never see them anymore. I'm not even talking of the stuff in the "Junk" folder. I'm talking of the really nasty stuff. Google now has so much data, and the AI algorithm is so good, that not even the mighty spammers of old can get past it now. If you want to relive the good old days of the unusable email account, try running your own comment section on WordPress.

I can imagine a whole load of people would have fallen for these scams. I've been at this game a very long time. While I'm still vulnerable, and could get caught out one day, I have developed spider senses for these scams. I can smell them a mile away.

Peace & Love,



I think it is fundamental that we all get proper education on cyber security and how to protect ourselves from malicious attacks from hackers. These guys are getting more sophisticated and the average isn't doing much to help himself.

Well, for what it is worth, I hardly check my emails, and I am not falling for any too-good-to-be-true deals or any deal for that matter. I will make do with what I have.

Yeah, part of the so-called freedom we want is responsibility.. so we are in charge of our own security.

... and you're right.. greed is usually present when people get scammed.

A friend was messaging dodgy links on FB, so it looks like he got scammed. He does know. Some of the phishing emails need a second look. There are so many people on the big platforms that the scammers have a good chance of getting someone to click. Gmail has good filtering. I have a personal domain where I need to be more careful as my address has obviously leaked from various places. I just worry that the average non-techie is not going to be as careful.

That's who the main target is, the average non-techie. They click, they don't even bother. I watched this behaviour with my mum, who just clicks anything that gets sent to her regardless.

Maybe such people need to stay on FB who might try to protect them. Most people have no idea of security. I tell them to use a password manager and 2-factor, but many won't.

Sometimes I think it's best to just stay in one spot and not get drawn into any hype so you don't fall for them. In saying that, I am scared shitless...

It's crazy. Some guys got arrested here in the past few days. They live in a giant mansion paid for by money made scamming people off their bitcoin.