I really appreciate when people who've been scammed share their story. It's important to see how easy it is to be taken advantage of under the wrong circumstances. I personally follow the approach...
I really appreciate when people who've been scammed share their story. It's important to see how easy it is to be taken advantage of under the wrong circumstances.
I personally follow the approach of never giving out info when an institution calls me, except mayyyyybe confirming my name. Instead, I call back.
But, of course, Cory addresses this practice, and the circumstances that led him to not do that. It's a humbling reminder of our potential fallibility.
Well shit, I had no idea. Found a few Canadian articles that confirmed there can be a delay of 10 s after hanging up, so it's possible where I am, too. For other Canadians curious to rad more,...
Well shit, I had no idea. Found a few Canadian articles that confirmed there can be a delay of 10 s after hanging up, so it's possible where I am, too.
For other Canadians curious to rad more, news articles seem to call this a delayed disconnect scam.
Reading this, all I could think was: I wonder how much the credit union actually appreciated Cory Doctorow's "help"? Were they thinking, yeah this is great, this guy knows what he's talking about...
Reading this, all I could think was: I wonder how much the credit union actually appreciated Cory Doctorow's "help"? Were they thinking, yeah this is great, this guy knows what he's talking about and can help us harden our systems. Or: OMG, this fucking writer, why couldn't it have been anyone else to get scammed so we could move on with our day.
I had the same thought. There's a certain arrogance in thinking that people want your advice, even if it's good advice. (And, of course, we always think our advice is good or we wouldn't give it.)...
I had the same thought.
There's a certain arrogance in thinking that people want your advice, even if it's good advice. (And, of course, we always think our advice is good or we wouldn't give it.) And of course he can be a bit arrogant.
Read this over on Tumblr I think. I think it's possible to be like "ah that's the part you shouldn't have fallen for" but frankly, I'd have been scammed several times in that chain of events. I...
Read this over on Tumblr I think.
I think it's possible to be like "ah that's the part you shouldn't have fallen for" but frankly, I'd have been scammed several times in that chain of events. I agree than our systems are setting us up to make scamming easier.
I've shared probably every story about myself on the internet at one point or another, but I've never shared how I almost got scammed that one time: I received mail from [hotel chain] saying I won...
I've shared probably every story about myself on the internet at one point or another, but I've never shared how I almost got scammed that one time:
I received mail from [hotel chain] saying I won a cruise trip for two. It worked because
my family was in a rough place and
my sick mom loved loved loved cruises and indeed have entered a bunch of cruise prize contests hosted by different hotel chains and cruise lines
It had the [hotel chain] name on it
It almost worked. I'd paid for additional passengers over the phone with my credit card and only after calling up my sister did she immediately said, uh that's probably a scam. :l I was able to get my money back from the credit card company because we called right away
But yeah, any other time or small changes would have made it obvious.
AI won't make this worse, but business choosing to use anti human tech, cheap out on call centers and cost cutting automation will.
I agree with Cory on how the popularity of AI chatbots will accelerate companies' attempts to replace human support with automated support. It's probably not just a coincidence that every single...
I agree with Cory on how the popularity of AI chatbots will accelerate companies' attempts to replace human support with automated support. It's probably not just a coincidence that every single company I interacted with over the last few months now tries really hard to make me "talk" to their creepy personified bot, going as far as lying to me about how busy their support lines are and badgering me every 15 seconds while I'm on hold about how I should really be talking to the bot. It wasn't this bad before.
There can be so much shame in getting scammed. Especially if you consider yourself well educated. It really makes you feel like a n idiot for not seeing the obvious signs, but we need to remember...
There can be so much shame in getting scammed. Especially if you consider yourself well educated. It really makes you feel like a n idiot for not seeing the obvious signs, but we need to remember that we are just smart primates after all and that comes with biases than can be exploited, no matter how smart or educated you might be. Good for Doctorow in sharing this and making it less of a stigma. So in the same spirit, here's mine.
I was scammed on a domain name renovation several years ago. The scammers sent a mailer that looked to be from my registrar to my home address saying that it was about to expire. It had a phone number to call to do the renewal, which I called without much hesitation and gave my card number over. It was all fake and they scammed me of about $500 before I noticed and blocked the card. We really need to treat any public information about ourselves as a potential attack vector.
I refuse to give ANY information on an incoming call. They ask for my name I say sorry, I don't give out info on inbound calls, I will call you directly and see if you actually need something from...
I refuse to give ANY information on an incoming call. They ask for my name I say sorry, I don't give out info on inbound calls, I will call you directly and see if you actually need something from me.
This is occasionally frustrating as fuck because I'll have to wait on hold for over an hour to talk to someone who I had just hung up on. And sometimes I don't actually know which department was calling me so I never end up talking to them (or it was actually a scam that time, who knows).
Particularly scary to me are hey-we'll-call-you-back-instead-of-you-waiting-on-hold services. How hard is it to spoof Amazon's return-call service and call hundreds of thousands of numbers and one of them just wanted Amazon customer support?
I really want a standardized business-auth-to-the-user service. If I need to 2FA to talk to you, you better bet I want you to 2FA to talk to me. Seems like the kind of service a tech giant could run as a SaaS product.
I really appreciate when people who've been scammed share their story. It's important to see how easy it is to be taken advantage of under the wrong circumstances.
I personally follow the approach of never giving out info when an institution calls me, except mayyyyybe confirming my name. Instead, I call back.
But, of course, Cory addresses this practice, and the circumstances that led him to not do that. It's a humbling reminder of our potential fallibility.
Well shit, I had no idea. Found a few Canadian articles that confirmed there can be a delay of 10 s after hanging up, so it's possible where I am, too.
For other Canadians curious to rad more, news articles seem to call this a delayed disconnect scam.
Thank you for educating me!
Reading this, all I could think was: I wonder how much the credit union actually appreciated Cory Doctorow's "help"? Were they thinking, yeah this is great, this guy knows what he's talking about and can help us harden our systems. Or: OMG, this fucking writer, why couldn't it have been anyone else to get scammed so we could move on with our day.
Edit: typos fixed
I had the same thought.
There's a certain arrogance in thinking that people want your advice, even if it's good advice. (And, of course, we always think our advice is good or we wouldn't give it.) And of course he can be a bit arrogant.
Read this over on Tumblr I think.
I think it's possible to be like "ah that's the part you shouldn't have fallen for" but frankly, I'd have been scammed several times in that chain of events. I agree than our systems are setting us up to make scamming easier.
I've shared probably every story about myself on the internet at one point or another, but I've never shared how I almost got scammed that one time:
I received mail from [hotel chain] saying I won a cruise trip for two. It worked because
my family was in a rough place and
my sick mom loved loved loved cruises and indeed have entered a bunch of cruise prize contests hosted by different hotel chains and cruise lines
It had the [hotel chain] name on it
It almost worked. I'd paid for additional passengers over the phone with my credit card and only after calling up my sister did she immediately said, uh that's probably a scam. :l I was able to get my money back from the credit card company because we called right away
But yeah, any other time or small changes would have made it obvious.
AI won't make this worse, but business choosing to use anti human tech, cheap out on call centers and cost cutting automation will.
I agree with Cory on how the popularity of AI chatbots will accelerate companies' attempts to replace human support with automated support. It's probably not just a coincidence that every single company I interacted with over the last few months now tries really hard to make me "talk" to their creepy personified bot, going as far as lying to me about how busy their support lines are and badgering me every 15 seconds while I'm on hold about how I should really be talking to the bot. It wasn't this bad before.
They got sold the kool-aid that they'll save so much money by firing people, but in the end they just got sold an extra product that annoys customers.
There can be so much shame in getting scammed. Especially if you consider yourself well educated. It really makes you feel like a n idiot for not seeing the obvious signs, but we need to remember that we are just smart primates after all and that comes with biases than can be exploited, no matter how smart or educated you might be. Good for Doctorow in sharing this and making it less of a stigma. So in the same spirit, here's mine.
I was scammed on a domain name renovation several years ago. The scammers sent a mailer that looked to be from my registrar to my home address saying that it was about to expire. It had a phone number to call to do the renewal, which I called without much hesitation and gave my card number over. It was all fake and they scammed me of about $500 before I noticed and blocked the card. We really need to treat any public information about ourselves as a potential attack vector.
Did they get your home address and registra from a whois search?
Yeah
The full post: https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security
If only there was some kind of cryptographic way to verify ownership of an account without inherently giving access to it.
I refuse to give ANY information on an incoming call. They ask for my name I say sorry, I don't give out info on inbound calls, I will call you directly and see if you actually need something from me.
This is occasionally frustrating as fuck because I'll have to wait on hold for over an hour to talk to someone who I had just hung up on. And sometimes I don't actually know which department was calling me so I never end up talking to them (or it was actually a scam that time, who knows).
Particularly scary to me are hey-we'll-call-you-back-instead-of-you-waiting-on-hold services. How hard is it to spoof Amazon's return-call service and call hundreds of thousands of numbers and one of them just wanted Amazon customer support?
I really want a standardized business-auth-to-the-user service. If I need to 2FA to talk to you, you better bet I want you to 2FA to talk to me. Seems like the kind of service a tech giant could run as a SaaS product.