What? They've been lying to us?
Are you really trying to say that you can't trust it even though you read it on the internet? Say it ain't so!
"Hey there," the message begins. Out of the blue over Skype, someone I hadn't communicated with in nearly a year reaches out. "...thanks for replying...I had my laptop AND phone stolen from a hotel lobby and am locked out of all my Apple iCloud everything because of 2 factor authorisation. I saw you and a couple of other …
Who much to his surprise got extradited from Scotland where he had gone for sanctuary. Except there was no ICJ to appeal to, except there was: the Pope.
Unfortunately for Divine Right of Kings Charles I he failed to take the Declaration of Arbroath into account (it's the 700th Anniversary of that this year) in which us Scots assert our right to choose and defenestrate monarchs who do not rule in the interests of the people.
Doh!
BTW these days academics put the start of the English Civil War in the Bishops Wars here in Scotland and bundle them all together with other stuff as the Wars of Religion. Basically our version of the 30 years War over on the Continent.
Though Charles' Catholicism was a minor thing, it was his assertion of his Divine Right and diminishment of parliament which was the problem. Though the Bishops Wars were religious. An attempt to impose bishops on the Presbyterian Kirk. Along with landowners getting to appoint priests (who are elected by parishioners). That spawned the Covenant and Covenanters. Covenanter armies intervened in the ECW, on both sides at different times. Think big squares bristling with pikes with musketeers in between the pikemen.
When you think about the origins of the internet it is both amazing and depressing to see where things have gone to. Given that the ARPAnet was a military project to create a robust communications platform for when the shit hit the fan, the designers assumed it would be a trusted network. Now, it is for entirely (don't laugh) peaceful purpose that the lack of trust has exploded.
What I find infuriating is that I have no idea what the solution is. The idea of getting rid of smtp and replacing it with a secure authenticated mail relay service so you know who and what is being sent never happens. As to antisocial media - Bleurghhh!
"Given that the ARPAnet was a military project to create a robust communications platform for when the shit hit the fan"
No, contrary to popular belief it was not. The (D)ARPANet was a research network for researching networking. Redundant paths and the ability to switch between them on the fly were included for one simple reason: The hardware of the day was flaky.
"the designers assumed it would be a trusted network."
No, not at all. In fact, because it was designed to share information rather than blocking that sharing we didn't bother to make it securable.
The Military already had their own secure, fault tolerant command and control network in that era. You can look up SLFCS and then MEECN if you are interested.
By 1994 one could usually get a free dial-up through your local Uni, if you said pleaseandthankyou to the right people. Failing that, a lot of BBSes had free Internet gateways. And there was always UUCP for so-called "offline"Internet access.
The idiots were just idiots, same as since time immemorial.
Sometimes, just sometimes, it is genuine. I was waiting in the lounge between changing aircraft in Dubai when I got an email telling me that a friend was stuck in hospital in Bali and needed money to get home, as his insurer had declined the claim. Before I left home, I had seen him on TV two nights before, with his wife at his bedside in a story about the failure of insurance cover. The good news was that when I logged into the linked website there was a message from his daughter to say that the insurers had agreed to fly him home, and that they didn't now need the money (Obviously nothing to do with the unfavourable publicity from being shown on a popular TV news program two nights running).
Afterwards, I did wonder if a scammer could have set up something similar, if they had seen something like it on TV - In this case there was a photo of the daughter, and. the wife's and daughter's genuine email address, so it would probably have been alright; but maybe they could have found that out from social media?...
I dare say a dedicated attacker could have created a convincing fraud, if your friends are like most people in the wealthy world.
What mostly spares us from that sort of thing is that the effort involved means the return isn't as good as for simpler scams, which continue to be profitable for the scammers. So usually even off-the-cuff specific social-engineering attacks like this famous example from DEFCON are reserved for special cases, where some target has aroused the attacker's interest or ire.
Of course there are the regular "grandchild emergency" telephone scams, but those generally involve very little preparation, at least in the cases I've read about. Sometimes the attackers don't even know the child's name; as with other low-level scams, they rely on volume and very low costs to find enough victims to make the schemes worth their while.
Well sure, if you can explain how you'll get to it if you no longer have a phone or a laptop . . .
And, while you're at it, explain how you are using Skype at a hotel. They don't provide laptops now, do they ?
Most scams are rather easy to detect if you just use a bit of logic. You're not locked out because of 2FA, you're locked out because your stuff got stolen. What good is it that I send you money via PayPal if you can't get to it ?
Take me for a fool, why don't you ?
Hey <name of friend scammer is impersonating>,
you remember that time we were so drunk we ended up in a hotel room in the Bahamas with those two goats?
Christ, I'm so glad you deleted all the videos, because now I can ask you for $120 to make sure they never see the light of day.
Actually his friend is locked out because he didn't use 2FA and now this scammer has got hold of his email account to scam the author. You can tell it's a scam because the scammer is taking care to mention these two things and say the complete opposite.
Also, the scammer is probably sending the e-mail from a part of the world where hotels supplying computers is still relatively common.
Heh. I was thinking of this just a couple of days ago as I was planning the site for Shed 2 at the Mountain Fastness. The Stately Manor already has two sheds.1
I've heard that the Arthur "Two Sheds" Jackson sketch was inspired by an interview with Roald Dahl where he was asked about his "writing hut". A quick search didn't turn up anything to confirm that, though.
1Neither home has a garage, which is unusual for the US. Which is just as well, because cleaning snow off your cars Builds Character. Also, I hate the idea of leaving the house only to walk into an attached garage and get into a car, never having actually been outside.
you could always respond "I'll send you a check in the mail", get a mailing address, and then send a check, by registered mail, requiring ID and signature on the receiving end. Even sending it overnight express would work. Maybe worth it if you don't mind catching some "dumb crook" in the act of being, well, a "dumb crook".
Or, maybe you want proof it's someone you actually know. add "Please send me a photograph. So that I know it's legit, and not something you found online, hold up a sign that says 'I Am Sofa Kingdom!'"
explain how you are using Skype at a hotel. They don't provide laptops now, do they ?
Better hotels used to routinely provide "business services" rooms with desktop computers, printers, and the like. They're still fairly common in my experience. Even lower-tier hotels often have some elderly Dell desktop machine available for guests.
Only if you've allowed your innate sense of 'rightness' to atrophy in favour of letting tech do it all for you.
If it *feels* wrong, then it probably *is* wrong. I've spent the last two decades struggling with a sense of intuition that's the equivalent of a small pot-bound houseplant that doesn't get enough light and water - but yet it lives!
Spend some time listening to how you actually feel (not what you think you feel) and things start working out again, trust me :)
This advice was free, but for the advanced course you need to send me $60 via PayPal to -> Imamug@dork.cafe.net
"Only if you've allowed your innate sense of 'rightness' to atrophy in favour of letting tech do it all for you."
Yeah that works for us to a certain extent because we're in IT and have seen it all (on a regular basis). Even so, it doesn't work all the time. Who among us hasn't seen it-literate people being scammed in some fashion? And for the vast majority who haven't had all this practice at developing their bullshit filters the situation is even worse. The "OMG-they're-even-older-than-us" generation are particularly prone to internet-delivered misinformation and scams.
I partially agree. Use trains success for certain. But even if anyone is at a point to begin, math works for a reason.
Math for statistics and actual workable data, whether in IT or science as an example, works because of the precise and careful process.
So, if our eyes, ears and other senses work on basic math, then hopefully we can use those abilities with thinking and analytics too. I saw 5 seconds of Theranos, knowing nothing about the people or company, tech or investments systems and said "scam". Knowledge was not the process used to tell, the "they said 2 contradictory statements in one sentence" was!!!
and some always have - back to the dawn of human time.
That they do so using the latest tech should not be surprising. What this tech does is to allow them to try to scam more people much more cheaply than they ever have done before.
It is not a tech problem, it is a human one. It will never be 'solved' but might be reduced, this will be by human means (eg lock them up). Tech means might help a bit but cannot provide a cure.
Right, but these days, even if it's illegal, law enforcement has no ability or funding to actually enforce the law. It's a worldwide "austerity" effect - we have scammers everywhere and unless they steal from rich people they are very rarely prosecuted for internet crime. Yet we hound other people just because some body thinks they stole a couple of paracetamol in Wales. But steal on the Internet or via a phone call and nobody is interested at all.
It's nothing to do with austerity. The police have never dealt well with scammers. The police are there to keep law and order - but it should really be called "order and law". Because it's the public order they're worried about most, then violent crime, then everything else.
The fact that they're not equipped to deal with the modern world as it now is, and how important online stuff has become, is probably more to do with the fact that government and politics is quite cumbersome - and tends to react to social change very slowly.
"Because it's the public order they're worried about most, then violent crime, then everything else." You might hope so, but from my experience it's more like: Public order, crimes against rich/important people (particularly involving them being deprived of large amounts of money), violent crime, low level drugs; and then if you are lucky, the rest.
"road traffic laws", if only. The easiest way to kill or seriously injure someone and get away with it is to be driving a car and crash into the other person by "accident", sadly. There are many thousands of people whose friends or relatives have been killed by careless/dangerous drivers and the driver has received minimal or no punishment.
> It is not a tech problem, it is a human one.
Definitely, claiming otherwise is like those cases where a gun has been put on trial for killing someone... I came here to say the same thing, unfortunately I can upvote you only once.
Besides, there is no "lazy fool"-proof solution to that problem. Authenticate everyone at each step? Besides the "Big Brother" aspect of it, will it really help? Even not considering the obvious danger of forgery, how will the simple confirmation of some stranger's identity tell you if he is legit or not? There is only one solution, the same since the dawn of time: Use your brain.
It is not really the web which has created the flood of fake news, it's our new breathless style of life, where nobody actually values truth anymore, and news just have to be entertaining and confirm our beliefs. "Old" media like newspapers and TV spawn just as much "fake news", the only difference is that you have to be a media mogul to own TV channels and newspapers, but everyone can afford to spam "social media" or set up a website.
Human beings ability to trust others developed when dealing with a small number of people - the tribe or the village. The idea that this can be expanded to a vast number of people you have never met is delusional. There is no 'techno-fix' and never will be.
True, although even in a tribe and small village you can have a "untrustworthy" element, it's just statistically less likely, and you can spot it easier.
As for the unnamed masses out there, there is only one solution, common sense (which, contrary to what its name suggests, isn't that common...).
The problem is that people generally like to dwell in their preconceptions and to see the world through their own personal filter of understanding. That's also the reason why older people, even without any mental degeneracy, are an easier target for scammers: Their contact with everyday reality gets more and more tenuous due to their increasingly limited contacts with society (no friends, no work).
So, if you want to believe those obliging strangers suddenly going out of their way to help you are genuine, you are a much easier victim than somebody who stays alert and thus notices when things start going awry.
Some fish have them on their forehead. Some squid have detachable ones.
Some fish even merge with the female fish, in order to do their duty.
(There are really far too many species for my liking where nature just loves to remind us that males are essentially little more than self-propelling sperm dispensers, and often coming to an unpleasant end... Delicate external testicles certainly isn't a great design decision, but I suppose it's less worse than some of the other things that nature has dreamt up.)
Scamming using some sob-story or other is as old as the hills."I'm short of a quid to buy a train/bus ticket" is the one I hear most where I live, often with some claim of needing to make an appointment on time.
I solved my dilemma, as to whether I was being scammed or cruel and unkind in refusing to help, by accepting that I have more money than I need and could afford to lose a few quid down the back of the sofa or rolling off into the distance without any hardship that I set up my own rationed "scammed fund". A quid here and there and we're both happy, and maybe it puts a smile on the face of a deity or two. I guess I'm lucky because it is few and far between, would be different if every day. It's a small price to pay to have no anger, carry no guilt.
Some may call me a mug, but I would counter that we are all accepting being massively scammed in near everything we purchase or service we pay for. We all tolerate that and it's just a small part of a percentage on top.
Be very careful with that, because the point of asking for a small amount of change is often not really for the money itself, but for their buddies to see where you keep your wallet, so they can pickpocket you right after.
Other favourites include "beware of pickpockets" signs (because people reflexively check their wallet), "accidentally" spilling something on you and trying to helpfully wipe it off, tying "friendship bracelets" (often with the double scam of threateningly demanding ridiculous sums for it), some inane "street magic" act or 3 cup scam. More options available, but basically anything that gets people distracted.
And yet my wife still scolded me, when, sat in a cafe, a woman who was quite obviously a drug addict* from her demeanour, appearance and behaviour came up and started her spiel and I cut her off with a loud and forceful, "No".
Even though the scammer then proceeded to (successfully) beg money from the table next to us, and was trying it on people sat outside another place further down the street when I walked past five minutes later.
This sort of scam is as old as the hills, yet there still seem to be plenty of people taken in by it.
*The actual solution to drug addiction is proper treatment, and housing to get them off the street and somewhere safe. Decent social care for the most vulnerable was one of the first things to go under austerity, which is why our towns and cities are seeing an epidemic of homelessness, and of people with substance abuse issues. I'm not unaware of the problems such people face, but at the same time, I'm not giving them money to feed an addiction. I'll donate money to a shelter instead (and do).
How about: "bus ticket, where to ? I'll buy it for you."
I remember, years ago, being asked to help with the price of a meal. So I offered to buy a kebab from the shop that we were in front of; I was told "I do not like kebabs" -- so I walked off. If he had been hungry he would have accepted.
If you have nothing, the barrier to work is pretty high. First you need to make yourself presentable. You'll need to have clean, smart clothes, which means you'll need to have somewhere to wash, which means you'll need to have somewhere to live, which means you'll need a job...
By all means, you can acknowledge that giving money to beggars isn't necessarily a helpful thing to do (for reasons I outlined above), but being a dick to them just makes you look like a dick.
"If you have nothing, the barrier to work is pretty high. First you need to make yourself presentable. You'll need to have clean, smart clothes, which means you'll need to have somewhere to wash, which means you'll need to have somewhere to live, which means you'll need a job..."
Exactly.
There's a film I remember seeing from 30 years ago with that exact plot. A young druggie wants to get clean and is promised job in a restaurant but his bare feet need to be covered. The quest for footwear thus begins.
Personal Protective Equipment is the employer's responsibility to provide. Ordinary street shoes don't actually offer any more protection, in the eyes of Health and Safety, than bare feet. If falling knives, spilled hot liquids &c. are deemed hazardous enough to require special safety footwear, that's the employer's business to sort out.
Better than that, even: Act as though you're going to make up the shortfall, wait for the bus to pull in, get on it with them -- and then tell the driver to let them know when they get to [the last fare stage they can afford with the money they told you they have] so they can get off and walk the rest of the way.
Beggars get kicked out of towns, thus bus drivers are probably, as private company and allowed to turn away customers, told not to allow homeless back into the town or city.
So nothing to do with someone else paying probably. But more about keeping up appearances of solving a problem, when really just passing it on down the road.
About 20 years ago I used to walk to work through one of the main parks in town. One morning I passed a bloke who had clearly been sleeping on a park bench all night and was just getting up and packing his sleeping bag. He asked me if I could spare 20p so he could buy a small sachet of shampoo, because he had a job interview that morning. A likely story, I thought, but I gave him the 20p anyway and wished him good luck.
About three weeks later I ran into him again in town. He was dressed in new clothes and came over to me, and said "Remember me? Here's the 20p I owe you. I got the job. Thank you." I don't now care if I do risk getting scammed by handing anyone who asks some loose change, because if that good outcome is repeated just once it will make every single loss worthwhile.
@Rich 11: my philosophy exactly. If it's a small amount and I've got it (less likely these days due to rarely carrying cash), I'd rather take the risk I'm being scammed than risk not helping someone who needs it.
@sundog uk: more dog than human in your soul, I'm afraid. Compassion is not weakness.
Its an obvious scam and I'd have told the person so. Even if the person being impersonated was a close friend I'd have no sense of guilt because it is obviously a scam and they would talk (type) differently. For an internet only contact I'd never met? Well they are not a friend so I'd refuse even if it wasn't a scam.
This is even easier if you have never used social media, like myself. I don't think I've ever used Skype either.
My favourite scam is where they say they've hacked your computer and have video of you masturbating that they will release unless you pay.
Even if it were true, my stance would be "publish and be damned"...it ain't me that's going to be traumatised: I'm more than happy about the size of my penis and can stand some sarcastic commentary about my'O' face As things stand, I highly doubt that I've been videoed through the Rizla packet that's been taped over the camera since before the machine was switched on for the first time.
The other thing I like about it is that it is unambiguously blackmail, so the computer fraud chaps have something definite to work with when you forward the details to them; if they can be bothered.
It always struck me that you wouldn't have the screen of your laptop angled in such a way that the camera would record anything incriminating, unless your eyes happened to be in your balls.
Laptop cameras are, in my experience, without exception at the top of the screen angling towards the face of the person looking at the screen. The same goes for phone cameras.
Unless you're the sort of pervert who likes to toss themselves off over the laptop, then it's literally a case of "nothing to see here", even if the scam was half-way believable to start with.
I'd almost pay a little for them to publish. Almost. You'd guarantee some classic banter in the pub for a couple of weeks, plus younger folks going "Ewwww!" would be a source of amusement in it's own right. Probably worth a fiver. Then I could start a r/itgaffersgonewild subreddit and find some way to monetise it.....
Ain't me that would be traumatised.
On the other hand, I had a rather embarrassing conversation with a friend about this scam. She'd had the email, and because it had her password she believed she'd been hacked. I explained about the Experian leak (and others - but she was signed up with them) and how her password and email had got online for hackers to exploit.
What I didn't say was, "what have you been doing while using your laptop that has you so worried?" Because that's not a converational avenue I wished to get involved in. But of course it was always there in the background, and she's not at all comfortable talking about sex. So I was trying to think before I said or asked anything. Normally I just like to open gob and shove both feet in.
So I diverted into a riveting conversation about password security and why you should only re-use passwords on unimportant sites - and to change that password on any account it was still on. While checking it wasn't one she used for anything important.
However on the camera issue - if you're being naughty online while using an iPad in landscape mode - the camera might be a bit more explicit - depending if it's on the right or the left side of you I suppose. And whether you're an ambidextrous wanker...
Scams have been around long before the internet - they are merely now more prolific. A certain degree of cynicism and common sense are required to prevent yourself from being victimized. All scammers are sociopaths and look for any weakness they can exploit such as the feeling of guilt the author mentioned.
I can honestly say I wouldn't have any such feelings for someone whom not only have I never met but contacts me out of the blue to ask for money. What am I, a bank? You have no other relatives or close friends (big red flag) that can help you? Yes I can help you, but I'm not going to. The internet is a big place full of bleeding hearts, you'll find someone else to scam, move along.
Same for someone phoning me who I haven't seen in 20 years asking me for money. So in all that time you never thought to get in touch other than now to ask me for money? Clearly we're NOT friends therefore the answer is no.
This world is not for those fond of rose-colored glasses. The proper term is enhanced awareness, not paranoia.
I once spent an amusing 20 minutes letting a phone scammer try to talk me through changing my system settings so he could get control of my computer to remove a supposed virus. He was assuming I was running Windows. After about the first 15 minutes, he finally deduced I must be using a Mac and started swearing at me. I told him I was not using a Mac as I couldn't afford Apple gear, and the swearing got worse as I tried to do exactly what he told me to do, describing exactly what I was seeing on my screen. He finally hung up on me.
I was using XFCE. On BSD.
We rent out holiday cottages, and a sure sign of a scam is that the emailer knows nothing about our place and ask for multiple bookings. Often along "coming to your area" and generic stuff like that.
Year ago, a group of greek priests we often used, and when titles are used that is an alarm bell.
Sometimes I have been in doubt and answered tentatively, that usually clears is.
I think some of the attempts have been for the cheque forwarding scam, luckily we have never accepted cheques.
Oh, and then of course I have received the Nigerian 419 emails. As someone wrote as comment to the huge promised payouts: Give me £25000 and I will get anything out of Nigeria.
A neighbour of mine has over 4300 "friends" on FB!!! Yes, really...4300+ "friends".
*
This tells you a number of interesting things:
1. The meaning of the word "friend" has changed in the last thirty years!!
2. Technology (FB in this case) makes the impossible quite possible (4300+ "friends")
3. Technology makes the possible (back then) now quite impossible (Do you recognise a "friend" chosen at random? Back then you only had a dozen friends -- no quotation marks -- easy to recognise one)
4. And of course, as the author implies, "trust" is another word which has changed, to the point that it probably doesn't exist any more.
5. "The Global Village" -- much touted in the Sixties -- is here in 2020, and it doesn't look quite so attractive as it did back then.
6. Can't go back -- so we just have to suck it up -- even if it sucks!
Not all these problems are that unsolvable.
If something claims to know me, there always are control questions (both positive, when an answer exists, and negative, completely fake -so that real person knows that).
As for sense of guilt - a good portion of skepticism can cure it nicely. After all, Internet isn't safe place. "Put everything to doubt".
I wonder what would happen if, in this case, you offered to pay the cash to the hotel reception?
"Oh, how terrible! Just let me know the name of the hotel, etc. and I'll send the cash to reception for you to pick up."
I figure at least you'll get some fun whilst they squirm and try to find a reason why that won't work...
This article is right, but it didn't start with the Web. Lies, deceits and scams are nothing new!