Krebs doesn’t mention it but The Register makes the connection;
https://www.theregister.com/2025/05/30/fbi_treasury_funnull_...
I mean there name is literally “Funnull”. They know exactly what they’re doing.
Edit: It's tough to give due processs to foreign individuals, especially those who don't want to be found. But there are many ways, including via their own government, or via the fact that American company resources are used for these crimes - everyone in the US connects through an ISP operating on US soil.
FBI investigated a bunch of scams and found somebody assisted scammers. It's not like they pulled a name out of a hat and sanctioned them.
It's the same law [1] that everybody is talking about w.r.t. Trump's Tariffs except that global trade isn't emergent while Funnull is a new actor.
[1]: https://www.govinfo.gov/content/pkg/DCPD-201600880/pdf/DCPD-...
However, he's also welcome to email an appeal [1].
Note: This is a civil penalty. Much like a traffic ticket and does not require a judge.
---
You won't necessarily show up in front of a judge if you get arrested. You may get released with no charges. You might also not get court time until a year+ from now inwhich case you'll probably plead guilty to time served regardless of the crime since it lets you out now.
Due process does not mean "judge approved". It just means consistent with written law.
[1]: https://ofac.treasury.gov/specially-designated-nationals-lis...
Many of the less-known providers are doing shady business, they provide shield for cracked MMORPG servers in the 00s, the most infamous one was "Legend of Mir" and was quite popular in East Asia underground market especially those Internet pubs.
https://www.bleepingcomputer.com/news/security/polyfillio-ja...
Not to start a big argument, but to my eyes the main usecases of cryptocurrency are to bet on them as a speculative asset or to use them for various forms of crime. Someone will probably tell me about some theoretical situation where it is a positive force, but I still think those are by far the two most common daily uses.
I suspect that for majority of the earth population the trust level is rather low, even though in some countries it could be different.
And my trust in the current administration is rather low.
I place exactly zero trust in what our administration says, because they've lied about the country's economic situation and what they're planning to do about it four times during my lifetime, and several more times during our parents' lifetimes. Our savings were cut in half (or more) several times because of this, and so much of it was lost, the total amount of time wasted working for effectively free is in the decades now.
There's really no reliable way of saving money long-term here, unless you scrounge enough to buy real estate or something else that is unlikely to be devalued to 30% of its original value with a stroke of a pen.
I can imagine why some people would resort to cryptocurrency and extracting money out of the country asap.
Perhaps if financial regulations were not so onerous, traditional payment processors like PayPal would be able to handle more types of transactions with a lower overhead. As it is, the large number of prohibited categories creates a demand for cryptocurrency. As you noted, inflationary monetary policy is another source of discontent. Perhaps if central bankers had exercised a bit more restraint, there would be less demand for cryptocurrency. The same can be said for capital controls and more...
So there is a bit of irony when posters appeal for even heavier regulations and prohibitions. These are the forces which have created demand for wholly unregulated markets. It shouldn't be hard to see how these overreaches have created a counterbalancing force. Tragically, these overreaches generate a safe-haven for additional bad actors.
And if you compare chances of that with chances of being deported to El Salvador prison... Well let's say frozen bank accounts doesn't sound that impossible.
To complicate things further, international transfers require cooperation not only between the sending and receiving states but also from states that control the transfer system. Any hiccup along the way and you may lose your money, sometimes forever (true story).
> And my trust in the current administration is rather low.
Again, I'm not sure you realize what the "low trust into the government" means for the rest of the world.
When you don't agree with the laws that are being broken in a particular case.
Of course, the opposite argument is "what about north korea", but it's a package deal is my point.
If almost half of the population disagree with something then it’s probably a stupid restriction to begin with.
When i first saw Upwork where hours were paid by the tracker in a guaranteed manner and people SIGNED for it, i knew West was doomed. I still find it hard to believe people can be that easy to dupe.
Level of trust in the Western societies needs to be radically reduced through government propaganda, church and other channels. The world has become global. Westerners are now a small minority in an ocean of people where the manner of relationship that will be seen as sociopathic in the West, is the everyday norm and always have been. If they won't adapt, they will cease to exist. The cozy world where one could trust another because they all shared fear of God and had a reputation to lose, is gone.
I think it’s also the kind of thing that can easily overwhelm anxious minds. The kind where “what if it’s a scam?” leads them to never taking a risk, donating to a cause, doing someone a favour.
Not that there isn’t a fight to be fought here. But waving the surrender flag on fostering a trusting society is a very weak move.
100% agree, and seeing it erode is painful (e.g., toothpaste now locked behind plexiglass).
But to steelman the parents point, while it is be good to be high trust society, that society may be poorly adapted when rapidly integrated into a low trust globalized world.
It's all using the same schemes that have been explained in the news over and over again, there's little innovation on that front. You have to be living under a rock the for past few years to fall for them, and yet people do. I think there's simply a certain amount of marks in every society, regardless of how its members trust each other, and the only reliable way of protecting them is managing everybody's lives DPRK-style.
https://www.axios.com/2025/05/14/childhood-hunger-food-insec...
During the initial pandemic, great strides were made in the United States to mitigate childhood poverty, but these measures were quickly overturned. Now the administration wants to defund SNAP and other food security programs. Alas.
If you feel wronged, you can take appropriate legal recourse.
Crypto offers no such thing.
If you don't then you'll easily get the bad side of it since abusing the power is not that hard.
modulo all the ToS / arbitration clauses, that is still the fundamental difference
and although not a recourse available to most people, still not nothing
Generally they're unwilling to do that because it involves losing money for them.
Transfers work in a multi-step process to ensure money isn't created.
You tell Bank A to transfer money to person X at Bank B.
Bank A tells an intermediary bank C to move funds from Bank A's account to Bank B's account. (This step is unnecessary if either A or B are large enough to be an intermediary)
Bank C lets Bank B know that it's gained funds
Bank B moves funds internally from Bank C to customer X.
If you want your money back and Bank C says it's already been withdrawn then somebody in A,B,C is going to take a loss. Personally I think we should have an easy way to pay in a 7d settlement or something. Who really cares if somebody sends a 7d settlement when buying a house as long as its done 7d before closing.
To the unending dismay of crypto fans, the same is true about cryptocurrency - but its design fundamentally gives the law less leverage and actual points an intervention could be made. That, plus the whole thing is very new. But that's just a transient state; this kind of immutability is not compatible with society or real life, so the only cryptocurrency-based systems that'll survive long term will be the ones that give up on the whole cryptoanarchy thing.
And then less people have bank accounts.
The scammer isn't necessarily the person with the final bank account. Its often somebody who was told they're managing payroll for some made-up company and they're going to get a 2k transfer and to keep 500 of it and withdrawal 1.5k of it as cash to do payroll.
While you may think that now only people who aren't scammers won't get bank accounts what actually is happening is that anybody that can be fooled doesn't get one.
https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra...
Banks are more careful, and that's why they don't deal with certain kinds of transactions. And that's where crypto comes in to "disrupt banks" and "democratize finance".
Long term, crypto will be no different than regular currency and finance because people don't like getting ripped off and defrauded. We'll have a period of time with people pulling old scams but with crypto, and eventually it'll be regulated just like normal finance.
The dilemma is that you can either escape those regulations by going to unhosted wallets (self-custody) and transacting on the blockchain, or you keep everything (by regulation) entirely within the regulated intermediaries, but then there's no need to waste 1% of world electricity on some slow "decentralized" database.
You're the one that was defrauded. The bank processed the transfer exactly as you told them to. So therefore, if person X isn't providing the service you expected then you should have to go to the courts to get it back?
The general problem is that it takes a lot of leg work. Often Customer X was being defrauded through some payroll scam (they take out ~500 and forward the remaining 1500). So now you have to recover $500 from them and then trace the 1500 again. Possibly through multiple countries and their courts (who may see this as beneficial for their country; jury nullification goes both ways).
Irreversible transactions are not desired by anyone in payment networks. Consumers don't want to get scammed out of money. Merchants want customers to feel like transactions are low risk so they are more willing to make them. That's a big reason why merchants put up with the outright hostile to them system of chargebacks. Sure, you will lose some money to chargebacks you might think were not valid, but you have made much more than that back from liberalized spending habits.
Nobody benefits from irreversible transactions except fraudsters and other bad actors. And they benefit soooo much from transactions being irreversible. Why would you build and advocate for a system that explicitly empowers bad actors over anyone else?
An escrow is not a solution. The escrow itself could be a bad actor.
In such cases it is win-win for both the merchant and customer, the customer doesn't have to foot the reversibility overhead and the merchant is able to offer goods at the same profit margins but lower price which should yield more sales.
Basically everybody who's ever sold something in person wants to know they get to keep the money when the other person walks away with their stuff. It's the fraudsters in those everyday transactions who want reversibility.
So introducing another third party to trust makes it more complicated than the alternative of allowing transactions to be reversable.
Several years ago my credit card was stolen. I contacted my bank, who then accused my wife of cheating on me in another state (I know this didn't happen because there is no way she left 1000 miles away for several days multiple times between me seeing her, unless she has a hidden personal jet). By 'lying' about it being a fraudster instead of my wife who 'had cheated on me' the bank then accused me of bank fraud.
The bank then obtained fraudulent invoices, which were used to 'prove' I owed the money. They just buried me in false paperwork to the point I could never win. When the bank was done with all that, they closed my regular checking account too, because they had now flagged me as a criminal.
I will take anyday, an 'irreversible' crypto account over a banking system where they just close my other accounts because they think one was fraudulent because I was defrauded.
It was much more fun, at least, when Amazon tried to tell me one of my children must have taken my card and made the purchases. I took it to mean the children I have not conceived yet will have access to time travel, in which case I'm not even mad. Pranking me in the past deserves whatever trinket they bought!
IF reversibility is a desired feature of digital currencies, the market will bear that out. People can and will choose those currencies.
As with any "feature," there are tradeoffs, and it might well be that people en masse decide they would rather everyone control their own money than have central powers supervising, just as it might well be that people opt back into a system very much like the one that exists today, but with new efficiencies.
Adding programmability to money in the digital age was necessary. I don't know why anybody is surprised it hasn't reached some sort of final, settled state this early in the digital age. It basically only came into practical existence after the launch of smartphones and ubiquitous internet access. Give it a minute.
I'm confident that any other country who cares to (i.e., anywhere people bother to try to evade taxes) can also do so.
Obviously, you can't just reverse a cash transaction. It's one of the reasons people try to avoid using it in many situations.
You find the criminal, and the cash and give back the cash to the wronged party. With cash, the criminal can hide the cash in some random location, and nobody can say if they spent it or they lost it. With crypto, everyone knows where the money is. You just have to figure out the passwords to the wallet in some way.
The bank refused to return the funds. The concept that just because it is a bank and it must be irreversible, is totally wrong. Another very good example of this is the whole corrupt Zelle service.
Just google "zelle fraud" and go down the rabbit hole...
It's not a coincidence that a guy who was found liable for financial fraud is reducing regulations around crypto currency and then launched a meme coin.
What argument can even be had? This is factually true. Whatever other use cases were hoped for when it was invented, they have failed to materialize.
I have two bank accounts in Kazakhstan. Both card credentials were stolen after I used a popular hotel booking website, which, by the words of reddit, shares my card details with hotels. Some money was stolen. Seems like 3D-security only affects my payments, and theifs have a freedom to choose a website without 3D. Now I have to keep that cards always locked. Unlocking them for a short moments, when I need to make a card payment. Like booking an hotel, or buying an airline ticket.
That sounds great. What do you use?
Nothing more annoying than having your largest bill be worth about $20 and having to carry stacks of them around for things like just paying rent.
And before someone comes in with very specific, anecdotal examples - notice I said "common", ie not buying your indie music from a retro-Serb band that plays using the concept of instruments as instruments and from abandoned sewers; but only on Mondays.
I definitely feel like the majority of crypto traffic is primarily due to bubbles/moneymaking/bets/pumps+dump and then the secondary/next closest use case is for criminal activity. And then after that perhaps the myriad of much smaller use cases like people paying for Proton using crypto.
One of my favorited comments/threads:
The comment argues that for people in stable, wealthy countries, Bitcoin can seem unnecessary or overhyped. But for those living in countries with dysfunctional banking systems, currency controls, or even mild corruption (like Argentina), it solves very real problems.
Traditional financial systems often restrict access to dollars, limit foreign transfers, and are vulnerable to government seizure or devaluation, leaving people with few safe options to save or send money.
Bitcoin offers a practical alternative for remittances, savings, and financial autonomy in places where the local system fails to protect or empower its citizens. While Bitcoin may look inefficient compared to ACH transfers in the U.S., it’s a lifeline elsewhere, and one that could become more relevant globally in times of instability.
*: until I convert it to fiat
Challenge accepted. My positive use case for cryptocurrency pertains to someone like me being over sixty and worried about being swept up into the guardianship system. With most of my assets in crypto and assuming decent opsec, they would be inaccessible to the guardian. If a judge ordered me to grant access, could I be cited for contempt by refusing to comply given that I had already been legally ruled incompetent? If I were cited regardless, would the threat of incarceration carry any weight given that I would be already incarcerated in an old age home? Unless there's some principle the guardian is trying to uphold, the rational course would be to choose a different victim.
There are greater protections against elder abuse today, but often by the time their broker or finance manager finds out, the damage has been done.
You're worried about falsely being forced into a guardianship, but what happens if you actually do develop Alzheimer's or some other form of dementia and your family legitimately needs access to your assets to care for you? It's easy to say you'd just give them access before it gets really bad, but an insidious part of the problem is that someone suffering from such a decline either doesn't, or refuses to, recognize it happening.
She was an excellent card player 10 years before that, probably because she could recall most/all of the playing cards in the discard pile, so I'm sure she could have remembered a Bitcoin wallet passphrase — until the last few years.
Paranoia is a common side effect of dementia, and I’ve seen lots of anguish and money (legal/bank fees) spent on recovering non-life-changing savings that were just too well hidden. At least there was a fallback option to get them back – crypto would have been permanently lost.
Finding a middle ground between security and availability is hard even as a healthy adult and only gets worse with age.
The flip side of this is that there’s also a decent chance of your assets becoming completely inaccessible to anyone, including you or any of your successors (if applicable), unless you’ve made careful preparations involving time locked contracts or similar.
And yes, you’re probably safer against the enforcement of court rulings you might disagree with, but you are extremely vulnerable to blackmail or cyberattacks compared to traditional bank accounts.
youre going to be incarcerated in an even worse kept old folks home, and anything you actually try to spend on will be both spied upon - you getting a nurse to type in the secrets for you, or confiscated an sold before yoy could enjoy the results.
i think you'd be better off trying to tackle the problem directly, and get legal changes to how guardianship works, since itll still screw over your crypto assets
Functionally speaking you'd have to be incapable of calling a lawyer on your own, which means you'd already be under someone's care. Even if you're being scammed dry, the absolute last thing you want in that situation is a lack of funding.
Find someone who understands end of life financial planning and set up whatever trust-like scheme they recommend.
With spam like the below (note that the original contains mostly UTF8 characters to avoid spam filters). I get these every so often on the NOC and postmaster addresses of domains I manage.
It's not even phishing. Just spam blasts to find anyone uninformed enough to believe it, and insecure enough to be afraid of the (empty) "threat":
Ţaƙе a second tо ѕtор, іոhɑlе ԁeерly, aոd соոсеntrate оn this мeѕsaԍе. It'ѕ
сruсiɑl to gіѵe it yоur ϲомplete focus.
Wе'rе about tо ԁisϲusѕ а ѕіgnіficɑnt mɑttеr bеtweеո uѕ, аոԁ І'м аbsоlutely
ոоt kidԁіոɡ.
Үоu miɡht nоt recоgոіᴢe me, but І'м fаmіlіar with yоu and at thіѕ mомеnt,
yоu'rе lіkеlẏ ẇоnderіոɡ hоԝ, rіght?
Үоur brоwѕіոɡ hаbіtѕ hɑѵe beeո riѕky - ѕϲrоllіnɡ thrоuɡh vіԁеоs, clickіոɡ
lіnκs, аnԁ vіѕіtiոɡ some unѕɑfe ẇеbѕitеѕ.
I dерlоуеd мalwɑrе oո ɑո ɑdult sіtе, aոd уou ѕtuмblеd ɑcross it.
Whіlе уоu ẇerе streɑміng, ẏour ѕуѕtем wаѕ eẋрosеd thrоugh rdp, аllowing ме
full аcсeѕѕ to your deѵiϲe.
Noᴡ I cаn mоnitоr everẏthіnɡ oո your ѕϲrееn, rемоtеly ɑсtіvаte your ϲɑmеra
and мiсrорhoոе, aոd yоu wоulԁո't eѵen notice.
I alѕо hɑνе соmpletе ɑccеsѕ to ẏour eмaіls, ϲontаcts and other acϲountѕ.
I'νе beеո obserѵіnԍ your аctivitіеs fоr quite somе tіme now. Іt's ѕiмрlẏ
unfоrtunate for yоu thаt I ϲɑmе ɑcrosѕ whɑt уоuâνe beeո up to.
I speոt morе tiме thаn neсеsѕarẏ dіԍԍinԍ іnto уоur pеrѕoոɑl datɑ. І'vе
соllected a significɑոt aмount оf ѕeոsitіνе іnformɑtion frом ẏour devicе аnd
reѵiеwеd it thоroughlу. І еѵen hɑve reсordiոgs of yоu еոԍagіոɡ іn ѕoме rather
ԛuеѕtiоnаble behɑviоr аt hoме. I've сoмріlеd viԁеоѕ anԁ sոɑрshots (incluԁiոԍ
іmagеѕ оf ẏour liviոԍ spaсе) ẇhеrе оnе siԁe ԁisрlays the соոtеոt ẏou wеre
viewing, ɑnԁ thе other siԁе shoᴡs you... ԝеll, let'ѕ just saу уоu κոоԝ what I
меаո.
With a singlе ϲlіcƙ, I could ѕharе thiѕ with еѵery оnе оf ẏоur ϲoոtactѕ.
І uոderstanԁ уоur uncertaіոty, but don't eхpect anу leոieոcẏ from mе.
Тhat ѕaid, I'м рrерarеd tо let thiѕ ԍо aոd аllоẇ yоu tо ϲarry on аѕ іf
nothing еνer оϲсurred.
Неre'ѕ thе deɑl - I'm offеrinɡ ẏоu twо chоiсеs:
- Igոore this меѕsаɡe ɑnԁ fіոd оut ԝhɑt hаpреոs next. If ẏоu taƙе thіѕ рath,
I'll ѕhаre thе ѵiԁeo with аll уour coոtaсts.
It's ԛuіtе а reѵеɑlіng ϲlip, aոd I can oոlẏ іmаginе the huміlіаtіоn уоu'ԁ
facе whеn your сollеaɡueѕ, friends, and fаmіly ѵіeẇ іt.
But, ɑѕ they ѕay, аctіоnѕ have соnѕequеnceѕ. Dоn't роsitiоո yourѕelf aѕ thе
νіctiм here.
- Раy me tо kеeр thіѕ мɑttеr privatе. Let's rеfer tо іt aѕ a prіvɑcy fеe.
Hеrе'ѕ thе ԁeal іf you ԍo thіs route: уour sесrеt reмɑiոs sаfe, ոo one еlsе
ᴡіll eνer knоẇ.
Օոcе I reсеіve thе pаẏмеոt, І'll dеlеtе еverẏthіոɡ. Thе paуmеոt iѕ to bе
mаdе eхϲluѕivеly iո сrẏptо.
І'м ɑімing for a rеsolutioո that ẇоrκs for bоth оf uѕ, but mу termѕ are
fiոal anԁ noո neԍоtіɑble.
1100 USD tо мy bitcoiո ɑԁԁrеѕs beloᴡ (remove whitespaces if any):
bc1qt30ya4ssczyhzpe03t6jt8524hgfswe7pdxq9u
Onϲe the paymеnt іѕ мɑԁе, yоu ϲаn rеst еɑsy κnoᴡiոԍ І ƙeер му word.
Үou hаνе 50 hоurs tо сoмplеte the trɑnsaсtion, аnd btс іѕ the onlу fоrм оf
pɑymeոt І'll ɑccept.
Thе syѕtем I'vе sеt uр ԝіll ɑutомаticɑllу ԁеtect thе payment anԁ imмedіɑtely
dеlete eѵеrуthіnɡ I hаνe on you.
Don't wаste tіme rеѕpоndіnԍ or atteмрtіոg tо ոeԍotіatе - it wоո't work.
Іf І notiсe yоu'vе sроƙeո to аnyоոе about thіѕ оr ѕоuԍht aԁνicе, thе vіԁеo
will be sеnt to уоur соntaсtѕ withоut hesitatіоn.
Aոd ԁoո't thіոk аbоut turniոg off ẏоur рhonе оr attеmрtiոԍ a fаctоrẏ rеѕеt -
it won't мaκe a diffеrеոϲe.
І ԁon't makе errors, aոd I'm ѕimplẏ ԝаіtіnԍ for the pɑyмent.
I'd expect that each spam recipient is given a unique BTC address, so that they can be identified for further "blackmail"[0] should they actually comply.
And to clarify, the above message was received by a "postmaster@domain" account on 23 May 2025. And since I've been seeing them for at least a few years I can only assume they are at least occasionally successful.
There are other scams that target folks with bitcoin demands too. Likely with similar claims.
[0] https://malwaretips.com/blogs/ive-recorded-many-videos-of-yo...
Keep in mind that most of the world doesn't live in a perfectly functioning country with proper rule of law. Being able to use crypto to commit a crime in those countries is a feature. You never know when you will need this feature in your own. (Stupid example: tomorrow Trump wakes up and decide to block all bank accounts of non-citizen until they prove that they are in the US legally: will being able to make crypto transfers be good or bad ?)
But even assuming that all criminal use of crypto is bad, as our money become more digital, we are more and more dependent on a small number of payment processors that get to decide what is good and what is bad, regardless of the legal status (or decide that the legal status that matters is the one of the US, even if you live in Nigeria). This is particularly true for businesses that handle anything sex-related.
For an example of the latter, just a few days ago a payment processor suspended its services to Civitai [1] because it lets people to make ai-generated porn. "The company that had been processing credit card payments for Civitai made the decision to cease processing payments beginning May 23, 2025, due to their discomfort with enabling AI-generated explicit content."
[1] https://www.laweekly.com/civitai-ditched-by-credit-card-proc...
Interesting panel discussion on the state of crypto today at the Regan National Economic Forum event.
I believe it is the third panel in the stream:
https://www.reaganfoundation.org/events/videos/2025-reagan-n...
Perhaps the solution is trying to better understand how victims are acquiring and transferring their funds? Perhaps we need to regulate centralized exchanges to better protect their customers. In the U.S. it's necessary to pass some simple online questionnaire before trading advanced financial products like options/futures. Perhaps we need something like this for cryptocurrency? I'm just throwing out ideas, because I don't know the solution. But even if you think regulating it out of existence is the ideal outcome, that is simply not going to be possible at this point.
I don't know if there will ever be a global crackdown, but I know it's definitely not going to happen in the US, because, well, freedom, and the man in charge is all-in in crypto.
But at least some governments in the world see clearly that crypto does more harm than good and take action accordingly -- surprisingly China in this case.
It may not be the best solution, but it is a solution.
That said, China is one of the most authoritarian countries in the world. It has some of the most effective controls in place around media, speech, technology, and capital of any country. I'm not sure whether that model could be easily copied, and whether it should be copied is maybe a different conversation altogether.
Plus with advancements in AI, people are gonna have to finally get pretty good at seeing anything and thinking "I don't know if this is real, I should fact check it" but I personally think that'll never happen, people will continue to go on believing whatever they see as evidenced by YT/TT comments that I've seen on obviously fake or scripted videos.
There was a study recently (last year?) that found Millennials are more likely to fall for online scams than Boomers and Gen-X.
The reason is because Boomers and Gen-X grew up during the advent of the internet, when there was a lot of media about the dangers online. Millennials (and presumably Z's, too) never knew life before the internet, and didn't get all those warnings when it was spinning up, so they trust what they see more.
> INTERPOL argues that the term ‘pig butchering’ dehumanizes and shames victims of such frauds, deterring people from coming forward to seek help and provide information to the authorities.
"Romance baiting" is proposed instead.
https://www.interpol.int/News-and-Events/News/2024/INTERPOL-...
"Pig butchering" is more apt as the long con is like fattening up an animal before slaughter.
Reported to Vercel a bank phishing site weeks ago, no response still. It’s amazing how little companies care.
Declaring states that do nothing about these criminals as harboring terror is a good start. This is the same legal principle that resulted in the https://en.wikipedia.org/wiki/Barbary_Wars which stopped Barbary pirates enslaving US sailors.
But instead of forcing them, we have been letting them drag their feet while while regular people are losing billions to scams.
The whole phone system is ancient and long deprecated. When I get a call from my bank I should see their name and a badge of authentication. Not a random phone number.
Imagine you could register irs.gov and start sending e-mails from that domain. That is pretty much the current state of the phone system.
Un-fucking-believable no one is forcing change here.
They have these services and continue to offer them because they get paid for having them, despite the double decker bus sized hole this provides for scammers.
I agree 100% that there should be much tighter regulation on telcos.
What I'm not sure of is actually whether it's possible without having to rebuild a lot of their networks almost from scratch.
I like to do things in a modular fashion; sectioning off related parts.
The solution is to roll out signing for phone numbers. The owner of each phone number is known. It could even be published in DNS with ENUM. Most phone calls are from big companies like telcos and mobile providers. The VOIP callers would be harder to update, but could be restricted so can't spoof known numbers.
If going to roll out new identity system, easier to use existing phone numbers than make a whole new identifier system.
Anyone with BGP-equivalent access to the phone network can spoof numbers, even if they're coming from a landline. Might even be able to when you have a business landline terminated in a PBX.
i.e. the phone network backend is built on trust.
I got a call with the caller id of my (credit union) credit card company. They had my name and address, knew I had a card, and were claiming they were investigating fraudulent charges. It sounded more official than my actual credit card company. The only real things to tip me off was that the list of fraudulent charges kept changing, and they were super keen on me reading the entire credit card number back to them.
There were never any fraudulent charges, and the actual fraud department didn't seem to care.
I'm guessing it was due to the Experian leak.
From my limited research there seem to be a surprisingly large number of bad actors that own moderate swathes of ip address ranges and even Autonomous Systems (AS) that are known and can therefore be blocked.
I use OPNSense, which seems to allow AS blocking in the firewall rules, and also have some automated blocking based on external malicious IP address lists. My not very well maintained project can be found here: https://github.com/UninvitedActivity/UninvitedActivity
I have no idea if these sites would have been blocked by my setup.
Another concept I like but haven't put the research time into is blocking recently registered domains (RRDs). It would appear to be the case that RRDs probably aren't crucial to the average persons daily browsing experience, so blocking them for a certain period of time shouldn't cause too much hassle. There are some services that list them - problem is that there can be tens of thousands per day, which can be difficult to manage into lists compatible with various blocking softwares ( I haven't found how to automate it for pihole yet - but I haven't tried very hard either).
Choose your own level of "censorship" or choose none at all.
All such things can descend into the political mudpit, it just takes effort to keep the pigs noses out of the technical experts trough.
I don't know if it does anything for suspicious AS.
Should be (CCDN) then
duxup•1d ago
I know a friend who told me about a loved one getting scammed. Dude meets some girl from a foreign country online. Next thing you know he thinks she got him into some great cryptocurrency, and nothing anyone can tell him will make him realize he is getting scammed.
Sad stuff.
AuryGlenz•1d ago
To anyone reading this thinking it wouldn’t happen to your parents, don’t be so sure. I thought he was smarter than that, and at some point he was, but age dulls things.
He was a construction worker. That money didn’t come easily; he ruined his body to get it. I think these scams work in part because it’s hard for the rest of us to imagine so many people being so cold-hearted. It’s almost inconceivable.
jerry1979•23h ago
Centigonal•23h ago
AuryGlenz•22h ago
It all would have been so clearly a scam to anyone with any internet sense at all it blew my mind he would have been fooled.
Workaccount2•11h ago
A guy intentionally went down the rabbit hole of one of these and wrote about the anatomy of it. In his case it was a young (like 30 something young) woman who graduated at the top of dentistry school in Uzbekistan and got a large grant to start a practice in the UK. Something like that. They talked/flirted for weeks/months, sent pictures, all that. The mark of course lives in the UK and she will need a place to stay while she gets her feet on the ground.
Finally right as she is leaving to come to the UK there is a bureaucratic problem and she needs ~$10k to resolve it quickly before the grant lapses, and she cannot access the grant money for expenses until she is in the UK. Also her bank froze her account because of this mess so she needs to use these alternate means to get the money to her, and she can immediately pay you back upon arrival. You get the idea.
fennecfoxy•11h ago
For men; sexy pictures, flirting, promises or chances of physical intimacy.
Older, single or widowed people are especially vulnerable.
recursivecaveat•9h ago
abletonlive•23h ago
As much as I agree it's partially mental decline, it's hard for me to imagine it's not at least also partially a character flaw that would get you into this situation
JKCalhoun•22h ago
To be sure, I invest in order to see a return. That's greed, I guess? Or maybe not?
I think having (unrealistic) expectations of doubling your money in anything shorter than ... about a decade ... should be sending up red flags for anyone. "Make money fast" should fire the same neurons as "Put it all on zero and spin".
I had a friend who began to believe he had written code that could play the stock market and rake in the cash on trades (he was testing it on historical data and doing very well). The best way I could try to reel him in was to simply suggest that if it were so easy, everyone would be doing it.
Same goes for any get rich scheme.
AuryGlenz•22h ago
He is, however, pretty trusting. It took them months to get to the point where he was putting money in. I think he (naively) just trusted them. I wish he would have trusted us instead.
alexey-salmin•22h ago
Probably he trusted people who spent more time talking to him. I don't mean it as an way to blame anyone, I just think it's the way the trust mechanism is wired into the human brain, and this is why these scams work so well.
Ironically this mirrors the parent's frustration of "I wish my kid trusted me and not his dumb-ass friends".
AuryGlenz•21h ago
RainyDayTmrw•22h ago
guerrilla•11h ago
jimt1234•10h ago
He's a reasonably intelligent, humble guy. But he was also the perfect mark. He had just gotten divorced from a 10-year marriage, and he was lonely. So I wouldn't call his situation ego. I would call it loneliness. And I think that's how a lot of people get scammed. Everyone wants to feel loved.
guerrilla•10h ago
wmf•22h ago
SpicyLemonZest•22h ago
FabHK•9h ago
const_cast•13h ago
But we all have character flaws. Everyone. So we are all vulnerable. Not to the same scams, but to some scams.
abletonlive•6h ago
multjoy•12h ago
These scammers don't have code of ethics, they will push whatever emotional button they think will get the result they want. You're conditioned by society to respond to certain patterning, they take advantage of that in full.
tacon•12h ago
Alas, most good entrepreneurial activities violate the efficient market hypothesis. Ditto for many investments. Some people are more alert to opportunities, have better deal flow, etc.
https://news.ycombinator.com/item?id=28029044
creato•9h ago
I don't know how common the "savior" victims are vs. the "get rich quick" victims, but they definitely exist, at least according to various mini-documentaries on pig butchering I've watched. Maybe these victims were modifying the story to seem more sympathetic, I can't say.
AuryGlenz•22h ago
dehrmann•22h ago
It's usually greed. The aphorism isn't entirely true, but you can't cheat an honest man.
Windchaser•13h ago
But it's not greed in the sense of Ebenezer Scrooge or finance bros. All it takes is some pie-in-the-sky naivete and trusting the wrong person.
larrled•12h ago
FabHK•9h ago
silisili•23h ago
I've mentioned before here wondering if there is a name for this phenomenon, it's similar to sunk cost fallacy, but more emotionally charged. Like, the thought of having been scammed makes you put on blinders and keep going hoping you weren't. It doesn't make a ton of sense to me, but it happens all the time, to people of all ages.
This guy was only 53 and fell for the same traps, rather famously -
https://www.cnbc.com/2024/08/21/cryptocurrency-shan-hanes-pi...
AuryGlenz•22h ago
gosub100•9h ago
toomuchtodo•23h ago
AuryGlenz•22h ago
toomuchtodo•22h ago
Sorry for your loss.
petesergeant•21h ago
throwaway912312•19h ago
After tracing 250k wired in just 6 months, we detangled my mom out of potential liability and reported him. He was put into financial stewardship (= personal finances done by an attorney). He appealed and the court ruled he seems normal, so he could also be in charge of his finances with only a monthly checkup. We still had his email access. He contacted his scammers the day after promising more money soon...
Fast forward to today, he's broke, likley evicted from his auctioned off appartment in a couple of months at age 79 and dividing his pension between wiring it to scammers and eating just enough to stay alive. Lost all his friends (many borrowed him money), doesn't see his wife or grandkids grow up. The opposite of a happy end.
If you find yourself in such a situation: - I received a lot of valueable advice from the local anonymous addiction hotline (how to react, where to seek help). Best call you can make. - In Switzerland, the KESB (govt authority for protection of elderly and children) can help you. They had a neurological assessment made and a court put him financial stewardship. It would have saved him from himself if not for his appeal. - Think ahead and have one person act as "bad guy" - everything I tried was in consensus with the whole family, but I played bad guy. Of course my dad broke with me, but he keeps sporadic contact with everyone else - his only social contacts - priceless.
I see legislation improve hereabouts - my bank (in France) now requires to watch a screen for 3 seconds and confirm you're sure to wire X to Y and you are sure Y is Y before oking a transaction. Far from enough. We infortunately won't convince our dads that they are getting scammed, but better consumer (and boomer) protection is something we can lobby and vote for.
FabHK•9h ago
crossroadsguy•18h ago
AuryGlenz•10h ago
sagarpatil•23h ago
strogonoff•23h ago
See Number Go Up by Zeke Faux for a glimpse into that (and how cryptocurrency, in particular stablecoins, in particular Tether, facilitate it). True, much of book is largely about the weird cryptobro culture and FTX collapse, but research into pig butchering and personal travel to scam compounds was the most visceral part for me.
hamandcheese•23h ago
I think there might be a word for this.
wmf•22h ago
tbrownaw•22h ago
dfxm12•13h ago
fennecfoxy•11h ago
whimsicalism•23h ago
strogonoff•22h ago
While I don’t know anyone personally, a local semi-famous person was abducted in Thailand and sent to one of these compounds (except in Myanmar). He was rescued by a combined rescue mission of his country’s and Thai governments. This made big news a few months back, and resulted in a drastic reduction in Asian tourist travel to Thailand (which itself doesn’t run these compounds, but is a big destination for tourism), so much so that Thai government was (maybe still is) in panic mode because of it.
Remember how Thailand tried to enact measures even technically abroad, like cutting off electricity and Internet connections (and how these compounds are controversially using Starlink now)? This was all posted on this site in the year leading up to today, and the reason for it is that pig butchering related abductions driven by crime nearby states made it unsafe for most Asian-looking people to travel to Thailand. Does it create an impression of voluntary labour in your mind?
Perhaps in near term LLMs will allow them to reduce headcount so much that the bosses become willing to pay and less inclined to keep them captive, but so far claims that it’s all mostly voluntary labour just don’t compute with available evidence.
strogonoff•20h ago
SOLAR_FIELDS•10h ago
Usually, as you would expect, the employees don't really realize until after they are recruited in what they are doing, and oftentimes the money and job is cushy enough they are willing to set aside their morals to do it.
xsmasher•7h ago
merek•21h ago
I believe these guys can be a big part of the solution. YouTube creates a financial incentive for individuals to go down this route, and apart from being entertaining to viewers, it broadens awareness of scammer tactics, which hopefully means more people detect scams early.
I wish these guys success and hope to see more anti-scam YouTubers appear.
Examples:
https://www.youtube.com/@NanoBaiter
https://www.youtube.com/@KitbogaShow
teddyh•11h ago
No, YouTube creates a financial incentive for individuals to produce videos where they seem to do this. The problem of this is obvious, and if, as you hope, more of this content appears, there will not be enough people to check them all and keep them honest.