Skip to content(if available)orjump to list(if available)

What's the deal with all those weird wrong-number texts?


Related. I listed something for sale on Craigslist recently and got a bunch of messages right away that asked obvious questions that were in the listing. One suggested that his wife pick it up, and can I take Zelle? Went silent when I said cash only.

But the most interesting scammer said: "for my safety, can I send you a 6-digit number, and you confirm it, so I know the listing is not fake?" I say yes, unsure what the scam was going to be, but sure it was a scam. Moments later I got an SMS from Google Voice asking me to verify my phone number. Mofo tried to steal my number, presumably to use it to scam other people. I was pissed and impressed.


They were not trying to steal your number. They were using your number to back a new google voice account, so that they could get another free number from google. It’s a common scam, used on facebook marketplace sellers as well, and actually works best if the victim has never used google voice before.


>> Mofo tried to steal my number, presumably to use it to scam other people.

> They were not trying to steal your number. They were using your number to back a new google voice account

I interpreted "steal my number" as "sign up using my number".

Perhaps the more accurate wording would be "impersonate me".

Either way, thanks for clarifying.


That's a fair clarification, I figured they were trying to move my number to Google voice, but now that you mention it I think that would require more paperwork.

I did cross-post to Facebook Marketplace :)


I don't understand why the 2FA texts don't clearly state what the intent of the code is?

Something on the lines of "you or someone tried to create a new Google voice number. Please enter this code xyz on the form to proceed".


Around here all banks that used SMS for 2FA did that. You'd get sms detailing the transaction - whether it's log in, transfer or anything. In case it is a transfer, the text included the amount and destination account.

Everyone mostly went to "authentication apps" now but those still show what are you confirming.

Not sure why it is not a common practice.


Yes, this is called WYSIWYS (what you see is what you sign) and I suffer whenever I receive a confirmation code saying absolutely nothing. However, when _you_ write the code to some trusted web app, there is that context, at least. But reading the code to some random person on the phone? No way!


It's probably a fine line between "brief and readable" and "detailed but people cut to the chase and get burned".


Do you really need a message like that? If you didn’t try to sign in But you get a notification, it’s pretty freaking clear what’s going on. Alternatively if you just signed up a new account you should probably expect a message like that


A common attack is to impersonate a trusted institution and ask for confirmation via an SMS code. The attacker is going through the lost your password recovery flow for 2FA, but pretends it's just for confirmation of identity. If they're smart they can even perform the attack twice and change the 2FA number for your account. If the code was accompanied by an explanation of the intent it would mitigate the attack, that's why.


Clear to whom? Have you ever worked with the average user?


I got a similar scam via instagram DMs recently. They claimed to need me to confirm a code so that they could log in, but actually just triggered my own password reset. Message sent from an actual friend's account (which they had presumably successfully scammed) too.

Certainly made me think about how password reset emails are worded!


Most of those are crypto scams. The IG account starts posting about how they got rich on crypto. This is a very prevalent scam.


I see a lot of these too. They take over regular people's accounts, e.g. people from school I still follow, probably brute forcing passwords, then they post all this content how they are self made off crypto but the person in the videos doing the prostelyzation is in no way shape or form the same person who previously held the account.

Clearly they do this to get a decent follower count initially for their spam bots, but my word is anyone who follows John Doe actually going to believe a scam video that is clearly not John Doe coming from John Doe's account claiming to be him? There has to be more effective angles.


A few years ago one of my friends pulled a prank on another friend and made a fake craigslist listing for some truck with his info. I don't think his phone has recovered from the spam to this date. There must be a thousand crawlers combing every single craigslist ad there is looking for information to add to these databases.


So, how many fake 6-digit codes did you give them before they caught on?


My exact reply was "lol fuck you"


500,000 on average


"How about you send a 13-digit number instead"?


How about you just send a freaking RSA key


I've got both those scams. The Zelle person sent me a fake email claiming to be from my bank and that to verify I needed to send them money so they could send me money, right...


2FA scams are common on /r/Scams


For a while I grew quite fond of wasting phone scammers time. I’d pick up, talk suuuuuuper slowly— like Emo Phillips speed at one syllable every one or two seconds— interrupt with irrelevant questions or anecdotes, and overall just see how long I could keep them on the phone without giving them any information. The best strategy I found was telling them that, yes indeed I did remember owing the IRS or whoever money and I could pay them however and insisting that first they needed to take down my new email address… I’d just start spelling random words incredibly slowly, say I messed up and start over, ask if they needed my checking account number to keep them engaged and then start spelling my email address again. They prey on intellectually disabled folks so pantomiming a stereotypical version of that wastes a ton of time while keeping their interest. Got boring after a while but I got pretty good at it.


I've had a lot of fun doing this with the "did you have an accident that wasn't your fault?" spam callers.

I always try to come up with a plausible accident that slowly descends into something, well, not so plausible.

My recent favourite has been admitting that I'd had an accident because my dog was driving my car at the time (he was begging me to, and I didn't want him growling all the way home, and he'd been such a good boy the whole trip so he deserved it).

Another is where I talk about an accident and a neck injury I'd received, until finally explaining that I'd been decapitated in the accident, and that it was causing problems with work, and how excited I was to finally get some compensation.


Lmao, those are hilarious!


In case you haven't seen it, someone automated this:


I didn't know I wanted this service until now. $2/mo? Hell yeah.

The sticking point, for me, is that I have to merge the call every time. Ugh. I want it to prompt me whether I want to blackhole a call like the Pixel Google Assistant, but instead of politely screening just torment the asshole.

For a service like that, I could imagine paying substantially more, possibly even for a premium service where the call would get transferred to a human tormentor.


Easy to build on Twilio. Then port your tainted number in, give a new number to the in-group. But the Twilio "clean call" plugins don't work. So, play the funny loop and offer a bypass for known-numbers.


Blocked in Brazil for some reason.


Brazil is, unfortunately, a known scam source origin country.


I wonder if these countries have some technical difference in their billing systems— like you could merge them into the call from a toll number and reverse charge them or something.


Slovenia too :)

> Block reason: Access from your Country was disabled by the administrator.


Turkey as well. And Poland, even.


even Papua new Guinea


another automated scam trolling service called lenny - Listening to some of these makes me laugh so hard my eyes start to water. The script eventually loops and some scammers don't catch on despite being implausibly being interrupted by a flock of ducks.


I thought this was pretty great:

My favorite part is when the guy uses the scammers real name and she panics.


I did that once while I was driving for an hour. They had already interrupted my podcast with the call and I didn't have anything better to do, so I engaged.

They eventually caught me when I didn't give the same fake SSN twice.


caught you, heh


I went through a phase where I was getting 4 or 5 phone calls per day, mostly companies doing strange surveys. I used to amuse myself by using a d20 and googling for top 20 manufacturers in different fields. What car do I drive? Pick from a list of phone manufacturers and so on. Spent the whole time sounding interested, friendly, and only occasionally pointing out I need to find my dice. The calls started drying up pretty quickly.


You might enjoy Kitboga's videos![0] His channel is basically him messing with scammers and going on tangents. I really enjoyed his collab with CallMeKevin.[1] There was also one video where he ended up calling a second scammer for "tech support", pitted them against each other, and made them get into a literal rap battle with each other.[2]





What's the longest time you kept them occupied?


Not OP but once a spammer called me when some long stuff had just started building and I was just sitting there watching the logs, fixing some random stuff on the fly, rebuilding and so on. I stayed with them on the phone for something like 40 minutes, after a while they started getting more "violent" until they abruptly hung up when it was crystal clear I was pranking them.


About half an hour. Earlier I had seen a video on YouTube of someone just driving through a city I was considering moving to— just car sounds. So I told the guy to stay on the line while I was I was driving to Walmart to buy gift certificates because it was only a 3 or 4 minute drive and kept being like "oh damnit... I took another wrong turn" every now and then. Eventually he heard me typing and hung up.


Wow, how interesting. I started getting these a few months ago, right after starting a new job in a somewhat high-profile area. I have been getting 1-2 per month but found them quite unusual because none of them ever progressed to an actual scam - just a few messages back and forth about the fabricated "wrong number" situation and then each thread would stop, seemingly earnestly.

Since there was no obvious scam, I've been wondering what the motivation for these was, and actually started worrying about whether someone might be trying to compromise my phone via some yet-undisclosed SMS exploit - why else would there be a systematic effort to get me to spend time exchanging a few pointless messages around the "wrong number" pretext that otherwise went nowhere?

I tried calling the senders by phone and found they were all Google Voice numbers, which eliminated the possibility that some actual rich guy had innocuously ended up with a number similar to mine.

I asked a few friends and no one else was experiencing the same thing. Glad to hear it's not just me.


If there's back and forth interaction I wonder if it is to aid improving their "legitimacy footprint" from metadata or something to avoid spam blockers.


This is a good guess and if true, pretty damn smart.

Essentially reverse engineering the spam model by brute force.

If they are doing this at scale they can experiment with # of conversations, length, and other variables to see what is needed to bypass spam blockers with high probability.


I've gotten a few in the last couple months, with a US cellular number that I've had for over 20 years. At least two are "I missed you at the gym today!" via text and another was from a Vermont area code via WhatsApp to a "Dr. Jack":

> Hi Dr. Jack! My cat is very slow and does not eat cat food. Can you make an appointment for me?

> Sorry, you have the wrong number

> Sorry, I just checked, I entered a wrong number, please don't mind. hope I did not disturb you.

> Best of luck with your cat!

> thank you for understanding. You are a kind person. where do you come from.

And then I just moved on with my day, because as nice as that sounded I wasn't looking for a conversation.

The contact profile image is of a young, attractive Asian woman, I think at a restaurant. No reverse image results on Tineye or Google.

[Edit: I’ve had this number for over 20 years (not “nearly 20”) and now I feel old.]


I also get messages on WhatsApp with similar profile pictures, although I’ve never replied or tried reverse image search. Some of the recent messages:

“Mike, this is my new number. Let's play golf tomorrow and talk about working together?” (My name isn’t Mike.)

“Hello, how's Kevin doing?” (My name isn’t Kevin and I doubt they're talking about anyone I know whose name is Kevin.)

The thing that always seems so weird to me is, if I’m on some list, why are there so few messages? Is this some group that keeps their list of numbers to themselves and is very disciplined with how often it sends out scam attempts?


Wow, I get the same messages about golfing with Kevin and Mike! (My name is also neither of those)


My spam horror show started after responding to a text similar to these. It was poised as a woman trying to connect with her daughter. I responded, and since then have had a deluge of spam and crap messages.


Oh wow. I got EXACTLY the same message, only with a sick dog and an asian woman in a car. I did the exact some response you did too. So weird.


I got this one: “Doctor Mike? My little dog moves slowly and won't eat dog food. Can you make an appointment for me?”

The profile picture was the smiling face of an Asian girl. I didn’t bother to respond.


A bit over a year ago, I received over SMS a photo of a young woman using her mouth to lift up her shirt and reveal her bra. Her face above the very bottom of her nose is not visible.

This was followed by the text "hi, is this Grèg frm Sañta Barbara?.? It is Jennifer."

Clearly some sort of scam is afoot, but I don't know what it is. And virtually no effort has been made to be at all convincing, given the diacritics.


There's a lot of lonely people out there who probably would welcome a friendly conversation with a random stranger. I bet that's the target audience for this scam.


The pictures are always super blurry, clearly fabricated or heavily doctored. Often I've gotten the same portrait for several scam texts from different numbers.


To be fair, my wife says the same thing about the photos I take with my phone.


There is no person. You are just helping train an AI


idk, I've tried baiting these -- respond with "no problem, your appointment is booked!" They will thank you and proceed with the "so what are your hobbies" part.


I got one today, addressing me by a wrong name and berating me for bullying some (female) name. Last line was something like "This is Jin."

It may have been a totally wrong number or the start of a scam. I decided not to engage and haven't heard back. Considering how mad they came across in the initial message, I can only assume silence means it was a scam.


I had almost the exact same exchange, with someone with a photo just like that! 747 area code, was it?


It was an 802 area code in this case, but I think it’s pretty clear now that these scammers have multiple personas and numbers to work with.


What would the motivation be for anyone to reply to a text from an unknown person? I have also been getting these for months, in it was 100% obvious from the get-go that it must be a scam. I have never felt the slightest urge to reply.


I got a peculiar msg the other day from a number I didn't recognize.

"Hey dude, Are you good? Do you still live in X?"

Turns out it was an old friend that I hadn't heard from in a few years!


I've gotten two messages in the past month of the form "Hi, is this <my real name>?" from unknown numbers. There's a chance they're real acquaintances, but the likelihood of them just being spam finding my name & number in some online database is too high that I haven't responded. If they were real acquaintances, I guess they would tell me who they are, right? Dunno, feels weird.


Or so you think...


I guess some of us are old enough that wrong numbers were a thing and it was just polite to let them know. Especially when it sounds legit


Considering how almost every form of social trust has been abused to either spam or scam me, I am old enough to remember that but have also had that politeness completely scrubbed from me.

I wish we still lived in a time when being scammed or spammed wasn't so prevalent, but we don't and I'm not doing anything that might tip off either of those groups that my number is ripe for the picking.


Wrong numbers generally used to be caused by misdialing.

Nobody dials numbers any more.


I meet new people fairly often, and if I just ignored these messages, the chance I'm actually being rude to someone I know in real life is fairly high. Now that I know the pattern I will probably be more circumspect about it.


I admit if I got a variant of the “Andy, will my custom mahogany furniture arrive next week?” text mentioned in the article, part of me would be very tempted to reply with, “Absolutely. On its way!”

(I’d probably just ignore it, though.)


I usually reply to these fake texts with something along the lines of "send newdz". Have yet to get a response back for some reason.


a good portion of these will show a photo of some hot young woman fairly early in the conversation, and trust the horniness of random dudes to outweigh their suspicion.



I’m a boomer. I don’t reply at all to any message from someone I don’t know. How dare you mock people simply because of their age.


I thought it was just me also. At first my assumption was "OK, I'm being redirected a bunch of texts from other numbers", as nobody else I asked had similar problems (and I wasn't really being scammed at all). Some of the scammers even sent pictures to make them seem more legitimate. On iOS, the green bubbles and just continual flow of similar texts eventually made it suspicions that I don't even reply wrong number anymore. I just delete and block.


Likely an exploit or simply a means to confirm the number is active. Getting those in the uk as well.


This always reminds me of some dudes in France who decided to counter attack the scammers. They basically steer the conversation off-script to something more tempting to the scammers, and then make them do stupid things. Like "I am sorry there is nothing I can do for you, but while you're here, we're looking for some partnership to develop a new NGO in Benin". And then it turns out the NGO is called the "Sauerkraut brotherhood", and in order to get the funds, you need to join the brotherhood, and send videos of you and your family singing an anthem praising sauerkraut while being dressed up in "traditional clothes". These threads could go for months.


I did this with some 419 scammers, and led them on a merry chase. I documented it in a private web forum, which entertained my friends for weeks.

I had created this persona which was just too good to be true: A bank manager who was getting ready to run off with his mistress, and trying to secure a future for themselves with a quick payout. This fake persona was a total maniac.

At the end, the scammers were super pissed. Sending angry emails, fighting amongst themselves. Eventually convinced them to admit to being scammers. I look back fondly on the experience.


Some years ago I was selling an expensive aquarium on Craigslist, a scammer ‘paid’ me with a fake PayPal payment before asking to come pick it up.

So I convinced him that I was the manager of a Red Lobster restaurant and it was an old lobster tank that we were selling. I told him to show up during business hours and tell the manager he’s there to pick up the lobster tank.

The next day I got some ‘on my way’ texts and then soon after a bunch of swearing at me.

Good times.


Actual scammers tend to not pick up the actual goods.

It's hard to turn a profit by reselling an expensive aquarium tank that's probably pretty unique and they don't come up for sale frequently.

I suspect you fleeced a real buyer


How did you know the PayPal payment was fake? Was it an edited screenshot, or did they actually spoof a 'you received money' email from PayPal?

I ask just on the off-chance that you got a seeming-real email from the real PayPal, and I'd like to know what to look for if so.


>I did this with some 419 scammers, and led them on a merry chase. I documented it in a private web forum, which entertained my friends for weeks.

It's a bit dated now, but 419eater[0] is a public forum that did the same. If you enjoyed your own, I expect you'll like this too.

I did the same a few times myself, but got bored after a while. I never did get anyone to send a photo of themselves with underwear on their head (as others on 419eater did), but it was amusing for a while.



419eater is still going (albeit a little slower since the forums switched), no need for past tense. I still get that sort of scam by the boatload to my email.


Possible they're the same story?


Terrified to consider what happens when these scammers get hold of large language models here in a year or so. Rather than fading into the background as this article posits, I expect people to have models finetuned on convincing them to make purchases/send money. Probably trained by being pitted against other models which have been trained on the mark's social media feeds. Train the scambot to perfectly push your buttons by having it practice against your own style of thought as embodied by your social corpus.


"Train the scambot to perfectly push your buttons by having it practice against your own style of thought as embodied by your social corpus."

Fortunately, that's not really what these language models can do. They can easily be trained to mimic you. They can be trained to mimic what normal people reply to you with. But there's no way to train the transformer-based high-probability-next-word AIs to be superhumanly good at fooling you into doing something, on the grounds of lack of training data, and probable inability to represent such a complex topic in their internal representation. And the humans doing this stuff are experiencing enough success that they probably have no desire to go chasing the super hard targets, with the wherewithal and motivation to chase them down and sue them (or... you know... worse, legal systems aren't a bound on everyone) even potentially across international lines.

You'll know when AI does get to that point, because suddenly the internet will be an amazingly interesting place with all sorts of amazingly good arguments you can't hardly resist. I imagine few of us experience that sort of internet. (If you do, uh, watch out.)


You don’t need to automate the whole process, just use language models to establish rapport for a few weeks and have humans pick up the gullible ones at the bottom of the funnel.


For sure. Or even for a few days to start. It's basically the same playbook as Waymo: get computers to do more and more of the boring parts, having human operators take over when necessary, and using the additional data generated to improve the system.


> But there's no way to train the transformer-based high-probability-next-word AIs to be superhumanly good at fooling you into doing something, on the grounds of lack of training data

The conversations of all those human scammers would be prefect training data for this. You even know exactly what conversations led to payouts. Assuming you can get all your data in one place, of course.


My context is someone who isn't already falling for the scams. It is true that you can train a model to follow through to those who fall for the scams the scammers already know, which is a fair point. My point is that you're not going to get a superhuman AI out of our current transformer technology that can talk you into believing you're a superintelligent camel from Arcturus IV and if you don't immediately turn over your credit card number, the Star Alligator of the Galactic Core is going to eat your homeworld.

GPT-3 may even gamely try to do exactly that with the correct prompt! But it'll fail. The result won't be cognitively dangerous to anyone with a grip on reality, it'll be risible.


That's not how how transformers work. They just babble loosely related content. They have no logical model.


>You'll know when AI does get to that point, because suddenly the internet will be an amazingly interesting place with all sorts of amazingly good arguments you can't hardly resist. I imagine few of us experience that sort of internet. (If you do, uh, watch out.)

Relevant XKCD[0].



I've long assumed they do the exact opposite - try to filter out people who likely see through the game so they don't waste their time mining a hill with no gold.

And they do this by intentionally making basic mistakes or other easy to spot errors so the clever people will just see themselves out and by the time their funnel gets to an actual human scammer, they have a highly probable sucker.


Exactly! Even Microsoft had a paper on this ‘Why do Nigerian Scammers Say They are from Nigeria?’ [1].

'By sending an email that repels all but the most gullible the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favor.’



A theory which would be more convincing except that [i] saying they're from Nigeria also filters out all the gullible people with spam filters, and yet despite spam filters now preventing the majority of gullible people from responding, the scripts haven't changed [ii] the more straightforward explanation is that they say they're from Nigeria because their ultimate objective is getting you to send money to Nigeria...

Ultimately if you're in the business of spamming people on the other side of the world in the hope that 0.001% of them will ultimately send a money transfer worth a month's wages in local currency, your time probably isn't so valuable you can't afford to deal with everyone that replies


If you have good automation in the form of AI replies, there is no need to filter.


They have, per the article, buildings full of slaves to do the selling. I doubt GPT-4 will be able to compete on price with that.


Per the article the scammers pay a minimum of $8,000/person, plus cost to feed, imprison, etc. Pretty sure that a model that only requires electricity and GPUs to run will work out being less expensive than this especially when you consider that GPT-N (YaLM-1T?) will be able to run as many scams as you have GPUs to run inference on concurrently, increasing your possible take, and won't have to sleep.


I think we can probably rule out OpenAI and equivalent cloud services allowing people to use their APIs to run phone scams. It's even worse PR than bots saying racist things.

And if they need to train their own model, you can get a lot of slaves and poor wannabes for the price of one competent NLP engineer, and the slaves and poor wannabes are less likely to decide they're the brains of the outfit and cut you out of the loop.


I am morbidly curious what the locations, salaries and working conditions are like. Because obviously they have to recruit people who have some basic level of English language literacy, so that commands a bit of a wage premium (even in India or Bangladesh) over truly unskilled labor.


The article goes into this a little. Obviously there are different groups doing this with different setups, but in some documented examples it's basically slavery


Assuming they don’t just do machine translation.


Yeah. I suspect we're only months, or a few years at most, from automation that's as good or better than these human slaves. Then they can A/B test their way to increasing effectiveness.

An interesting twist will be to pull the voices of your friends off social media videos and impersonate them to you.


Only a bot can fight a bot. I expect altruistic counterbots to come to people’s rescue by engaging the AI. Maybe a GAN?


In this case, the victim deposited the money into a fake crypto platform that told him his investments were performing well, presumably to entice him to deposit even more. Of course, once he tried to withdraw the money, he found he was unable to.

That sounds just like the "binary option" business which used to be run out of Israel. The Times of Israel blew that apart with "The Wolves of Tel Aviv" investigation series.[1] The binary option companies would hire new immigrants to Israel and put them in a call center to cold call and sell binary options sold by fake brokerages. The companies wanted people who spoke a foreign language so they could sell in that language. Scamming people outside Israel was legal in Israel at the time.

When, after years of scams, the State of Israel finally made that illegal, some of the binary options scammers moved into crypto. (Others moved to Bulgaria, where binary options were legal until a crackdown in 2021.) But the pattern is the same. Cold-contact, make friends, get people to invest in a fake brokerage, provide fake statements showing a win, refuse withdrawals.



> Scamming people outside Israel was legal in Israel at the time.

My head just exploded here. I think I need to go lie down. Please nobody tell the Florida legislature about this.


Quite real, though. Until it became so embarrassing to Israel that the law was changed in 2017.[1] The Times of Israel: "The crooks are still out there. Some binary options firms have closed down. Others have relocated overseas, including to Cyprus and Ukraine. Some of the prime movers and shakers have already adjusted their focus to other fraudulent fields — in the fields of diamond sales, cryptocurrencies, initial coin offerings and predatory business loans. Top scammers are still enjoying the vast overseas bank accounts, the yachts, luxury cars, exotic holidays and other profits of their ill-gotten gains." [2] That's a good article, and talks about the lobbyists, the political connections, and the refusal of the Israeli police to act.

The investigative reporter who broke the story, Simona Weinglass, frequently reports on how the Israeli financial scam industry has grown and changed. "Another 2 leading Israeli blockchain pioneers named as suspects in vast crypto scam"[3] A former Celsius CFO was one of them. Celsius, of course, denied there was a problem. That story was back in in March, three months before the Celsius collapse.

Somewhere, behind this new wrong-number/fake broker thing, there is probably an organized criminal enterprise.







Florida has been selling swampland to gullible retirees from other states for a long time.


"These are the new leads. These are the Glengarry leads. And to you they're gold, and you don't get them."


In Russia you can hack foregin countries too :)


The problem with Russia is not the law, but lack of willingness to cooperate.



This is an outrageous untruth.


I don't know that "Scamming people outside Israel was legal in Israel at the time" is how I would describe something banned domestically in March 2016 and completely in October 2017. It's not wrong but it comes across as misleading. That's disposing of a toxic industry but having to do it twice to make it stick.



the binary options guys were obvious scams to everyone but their victims, but if someone cold calls you to sell investments and you give them money you'd probably fall for a bunch of different scams.


That is true of most scams. They're tuned for one group of people over another. Everybody has weaknesses.

Having been on the internet a long time, I have seen a lot of people on forums, this one included, do the how-dumb-are-they routine about scams. I suspect a notable fraction of those people have gotten taken in the meantime. Look at how much of the cryptocurrency space, for example, plays on people's wanting to be seen as smart, superior, and technically savvy. That motivation drives a lot of learning and technical exploration, but it also makes people vulnerable.


Some of it is timing and bluster. I have a friend who is a smart guy, owns 4 restaurants, who got scammed by a fake utility company scam fishing for gift cards. They catch you at a vulnerable moment and are good at pressing buttons.

Even with old people, people don’t realize how many sales and scam calls they get. My mom literally get 30-40 calls a day. Odds are, eventually you’re going to crack.


What exactly is your point? Should it be legal to scam gullible people? The victims deserved it? The scammers are doing everyone a favor?

I'm having trouble parsing your intent here...


thats because you aren't interested in what I said, you're interested in trying to read my mind for intent, which has caused you to apparently assume the worst about me in every possible sense. Who needs to engage with that? not me.


Imitation is the highest form of flattery, and the cryptocurrency ecosystem is not bereft of imitation.


Most crypto scams involve hyping some token, a form of market manipulation, or other classic financial scams. That's a bulk business based on PR. Running a long con uses a different mindset. It involves conning individuals one at a time. That takes a lot of effort per customer and experience in one on one selling. That's not the usual crypto scammer's MO. This is more like classic long con people pivoting to a new product line.

The thing to look for here is who's behind the fake brokerages. It takes work to crank up a fake brokerage. In the binary option scams, it turned out that one company, SpotOption [1] was providing most of the software and expertise. They offered scam brokerages as a service. That's what needs to be tracked down.



SpotOption had a production output of $5 Billion in trades in 2015. Damn!


I got one of these, almost convincing enough except she said she lived in SF. I asked where in SF and she said Alcatraz. I almost wanted to keep the conversation going just to hear more about her life on the island


That was just a metaphor. She feels trapped by her life and you're her only way to freedom.


I had a similar one. They called me spoofing the local PD phone number and pretending to be the local cops with a very poor fake US accent. I was able to stump them when I asked if the Giants won last night. They went silent and hung up.


It’s like that bit from The Great Gatsby:

> “What part of the Middle West?”

> “San Francisco.”


Almost sounds like a cry for help. O_o Probably not though.


Simple: it's time to stop using phone numbers.

I use Apple's Messages. If someone spams me, I report them. They're blocked and have to go through the extra work of setting up a new account to try again.

Compare this with, say, Google. Gmail lets spammers / scammers have limitless accounts and they don't do shit when an account is reported for spam. You can block and report Gmail spammers all day long and you'll get nowhere.

WhatsApp apparently still uses phone numbers, and they're owned by a company that wants engagement at ANY price. Are any of us really so dumb that we think they're going to do the right thing?


I don't want one company to be the arbiter of all communications everywhere. Phone numbers work fine.


It would be good if phone companies weren't quite so complicit in hiding companies behind anonymous phone numbers, and relaying numbers for which they don't have verified origin info.


Supposedly today is the day that even the small carriers that were previously exempt from not having to comply with STIR/SHAKEN will now have to.

But its meaninglessness is demonstrated by the fact that I have received two spam calls (complete with "accurate" caller ID) since starting to read these comments.

So yeah. The phone companies are all complicit.


I don't want one company to be the arbiter of all communications everywhere. Phone numbers work fine.

For me too and if there is an application that allows to block numbers, spam is not a problem.

Now I use the Google builtin caller app antispam function. Most of the spam numbers have already been marked as such by somebody else. Even if that didn't exist I could just block the number after the fact and no more calls or SMSs.

I'd rather program that myself than relying the functionality to Google, I hope Pine or some other programmable phone gets to a usable state some day. But as of now, it's good enough.

Edit: I'm in Spain, not sure if that works the same in the USA.


Phone numbers have the same problem as email, though: because "everyone" is responsible, no one is responsible. The deluge of spam texts and calls to my public phone number is genuinely unpleasant and frustrating to deal with as, like, a person living in the world.

I practically don't use email anymore for those reasons, and a phone number hangs around only because right now I can't not have one for legal-type reasons.


email, at least, you can fully implement your own antispam solution in whatever way you want

at one extreme, you can just point the mx records for your domain at office365 or gsuite or similar and let them handle it

at the other extreme, you can point the mx records at your own mailserver you admin yourself and do absolutely anything you want with the incoming smtp mail flow for antispam measures, sorting, filtering, categorization, risk analysis.

the ordinary person even if they work for a telecom cannot implement their own phone number at one of the most fundamental levels of the pstn, because they don't run their own ss7 switch.

if you control your own DID and interface with it from a sip trunk to a trusted provider, running your own voip system, you can do a lot with custom routing/antispam measures on incoming call flow, but nowhere near to the extent that you can with email.


The way to solve this is by educating the people in your network about better security practices, not by giving away control over your communications just because of "convenience".


Phone numbers work fine but we're missing solid cryptographic verification systems on top of them.

Why are registered businesses not verifiable? Or at least banks and government departments? Why can't phones hold an ID in their cloud profiles so switching numbers let's your friends auto-uodate to you?

We could be doing so much better (with the goal of making it practical to whitelist only operate).


I agree with this.

For what it's worth my solution which may not work for others is to set the default ring/text tone to "None" and then add custom ring/text tones in my address book on my little throw away flip phone. It works great for me personally. I never get distracted by bots and just mass delete their messages without even looking at them when I get around to it. This method probably will not work for people glued to their phones.


An android solution is to only ring/notify the phone for people in your contacts. It's easier than giving individuals a ring tone as unknowns get the silent treatment by default. Basically just whitelist instead of blacklist.


I'm considering doing that to my personal email. Default deny, whitelist known contacts, auto delete the junk mail folder. If I didn't have friends and family using them, I'd just and outright. It's frustrating how much spam they send.


I'd give anything to get rid of my phone, but almost everyone you do business with (DMV, electric/gas/water company, etc) expects you to have one. Same thing with USPS and their paper spam. At this point they're little more than government-mandated spam delivery channels. Private companies are handling the spam situation infinitely better.


I don't think I agree with that. I rarely get scams via USPS, never get explicit or potentially damaging content, the senders are all in my legal jurisdiction, and the spam arrives once per day in a manageable format. Almost all of the content is from businesses in my local area, businesses that I have previously shopped at, or political ads.

Electronically from private companies I frequently get a larger volume of spam, malware, scams, explicit content, and most of them originate outside of my legal jurisdiction to evade the law. And it's a steady stream all day, on multiple mediums.

I'd take 10x the amount of spam in my mailbox if I could get rid of all of the rest of the garbage I'm bombarded with. I obviously would rather not have any of it, but the hoops you have to jump through to send snail-mail inherently filters out most of the worst garbage.


> I'd take 10x the amount of spam in my mailbox if I could get rid of all of the rest of the garbage I'm bombarded with

I for one would not. Digital spam is easy to deal with. There are automated filters, easy ways to block them, and the few that slip through are simple to deal with. Mailbox spam is physically painful to deal with and it's a massive waste of paper.


I have the idea (maybe wrongly) that people don't often use the USPS for scams because committing fraud by mail is a federal crime, and the postal service actually has inspectors with police powers who don't fool around once they get on the scent.


You aren't mandated to have mail or phone.

Edit: Noting a lot of downvotes on this comment, which is odd. I can only conclude one thing- don't be Amish on HN.

Perhaps this could be an opportunity to explore a different way of life, and a different community structure. It is not all horse buggies and barns.


Sure, I could move to the woods and live off wild berries for the rest of my days. But if you want to be part of modern society, your bank will mail you your credit card, and your water company will text you a code to login and pay. Realistically, what choice do you have?


I'm pretty sure you are mandated to have mail in the US, or rather the mails are mandated to deliver to you. IIRC it's constitutional.


I can understand the concept of Amish communities not having telephones or mailboxes, but that lifestyle seems inconsistent with the behavior of arguing for the merits of that lifestyle on Hacker News.


Apple Messages could have become an open standard to replace SMS, but they deliberately chose not to in the interest of locking in existing users, and locking out anyone too poor to own an iPhone. I'm not exaggerating, this is public knowledge.

So which one is "owned by a company that wants engagement at any price" again?


> Compare this with, say, Google.

Google Messages proactively detects spam texts and sends them to a spam folder, so I don't get notifications about these messages at all :)


Google voice has a poor shaken stir implementation that only blocks the most egregious spam calls and sms and does not let users choose to be more strict. It also does not support blocking phone numbers by pattern/prefix.


Apple Messages breaks if you temporarily use a different phone number on your cell. All chats in old threads were broken off into different threads. It was a disaster. You would think that since Apple knows this is still the same user that this would not happen?


Assuming you're talking about iMessage, comparing that to E-mail (GMail) is literally apples and oranges.


They're comparing it to SMS and voice calling on Android (and apples and oranges are very similar)


Do you just, not talk to people electronically who do not own Apple devices?


I don’t know how effective it is, but I report all SMS spam to my carrier (for T-Mobile, send content to 7726).

Does anyone here have inside knowledge about whether this does any good?


Well you're still getting spam, so probably not?


Turns out there’s more than one spammer.


I have received the exact scam on whatsapp. What the hell??

They claimed to be a banker (following the exact format from the exmaples in the blog) and I genuinely thought that they were a real person but even after I told them that they are texting the wrong number they kept forcing the conversation so I blocked them. A couple of months later they texted from another number but a different name but they continued the conversation from where we last left off.

Crazy reading the article now. I would have been devastated if I fell for it. I am usually very good at spotting scams.


I basically just send them all a big copy-pasta full of banned Chinese terms like 6/4, Free Tibet, Tiananmen Square, Winnie the Pooh, etc; they often leave me alone after that or act confused


This warms my heart! I'm going to start pretending like I know them, sending Wikipedia links to those topics, and asking what they think.


TIL Winnie the Pooh is banned in China


I swear, the moment I read "acquaintance is fate" I thought: This person is Chinese.


These are "pig butchering scams" run out of China.

They befriend lonely people (usually men) and slowly draw them into a crypto scam. It's a long con, takes a few months.