Monday, February 16, 2026

Isaiah 49:20-21

The children born during your bereavement
    will yet say in your hearing,
'This place is too small for us;
    give us more space to live in.'
Then you will say in your heart,
    'Who bore me these?
I was bereaved and barren;
    I was exiled and rejected.
    Who brought these up?
I was left all alone,
    but these—where have they come from?'
Posted by at No comments:

Thursday, February 12, 2026

Wrong place

I figure that I am always the wrong person in the wrong place and situation.

I am a scientist who believes in God.  I am a believer in discourse and consensus, in a world full of division and denial.  I am a devotee of lifelong learning, in a church that has reached new heights of anti-intellectualism.  A protector of those who think that they are too street-smart to be tricked or trapped.  I am a believer in donating everything that you can, in a world that believes every need is an opportunity for a side hustle.  A teacher in a society where most people avoid learning anything they can.  I am a believer in partnership and relationship, in a society which believes everything is a transaction.  A specialist in information security, in a world where no one wishes to take any account of risk.  I am a specialist in information integrity in a world which no longer believes in the truth.  I am a depressive in a society that worships positivity (even if toxic).
Posted by at No comments:

OSF - 3.20 - spam - packages

Package scams are probably yet another variant in the general class of advance fee fraud.  Packages, as well as various gift and lottery, scams have been around for quite a while, but they really picked up during the pandemic, when everybody was ordering things online.  Online ordering, and delivery services, are still quite active, and so package scams are still around.

I have a possible advantage over the scammers, in regard to package scams.  At one time I did a lot of reviewing of technical books, and so I was receiving an awful lot of packages, of books, through the mail, or via the various delivery services.  Therefore, I was more aware than most people of the announcements that you would, and would not, receive from delivery services, and so I was more able to identify the variations that indicated that something was a scam.

As with any advance fee fraud, there is the promise of a benefit to come, dependent upon you paying some kind of fee in advance.  In the case of packages, or the free gifts mentioned earlier, the fee is generally fairly small.  Usually, package scams are a kind of a one-off fraud, rather than the ongoing requests for a constant stream of fees or assistance that are part of the classic advance fee fraud.  However, it is possible that some of the package scams may involve an initial small fee, perhaps five or ten dollars, and only later report that you need to pay extra taxes or duty.


Package scams very often come via text, rather than email.  In this case, it offers us a bit of a twofer, in terms of red flags.  The first message is for a delivery scam.  How do we know?  Well, Canada Post isn't likely to host its rescheduling Website in Hong Kong (.hk).  So that's one indication, for a start.  However, as chance would have it, these particular scammers seem to be involved in a number of different scams.  You'll notice that both messages came from the same number, and one is for a completely different scam (threatening that you have not paid your Disney+ account).


These texts didn't come from the same number: this is from my reporting of spam to a research account.  However, you can see that there are a variety of package scam attempts: one purportedly from Canada Post, one from DHL, and one unnamed.  Notice also one mention of a "border fee."


I really love this one.  They've put a bit of thought into the social engineering: in order to prove that they actually have a package for you, they've sent you a *picture* of it!  Relatively few people would think to question the fact that the picture isn't clear enough to indicate who sent it, or to whom it is addressed.  I mean, it's not possible that someone just took a picture of *any* package and sent it to you, is it?


Posted by at No comments:

Wednesday, February 11, 2026

OSF - 3:15 - spam - red flags 3

A few more issues that can indicate that you should maybe not trust this message.


One of the things that you should watch for is any indication that the party that actually sent the message is not the party that the message is supposedly from.  In the case of this message, it is supposed to be from Shaw, who provide my Internet service.  Obviously I want to continue my Internet service, but, in this case, the message doesn't come from Shaw (a Canadian company), but from BTConnect, a British company.  Obviously a Canadian Internet provider would have no need to route their email via a different provider in Britain.

But there is another factor here, and that is a problem with Shaw.  Shaw, in providing an interface for email, should be providing its users with the information about who sent the message.  Shaw does not.  The creator of this message has crafted the message such that the "personal name field" shows "Shaw."  But Shaw, in presenting the message, does not provide the actual email address, only the personal name field.  The only reason that I was able to quickly figure out that "Shaw" wasn't the actual sender was that the images in the message were stored on an external server, and the email system balked at displaying them.


There are a bunch of fairly obvious red flags in this message.  Supposedly it is in regard to a Google Workspace.  Right off the top, we should suspect that nobody who works for Google would need, or even be allowed, to use an obviously external email server such as defence-s.org.  Then there is the fact that VCN (and particularly my account on it) isn't run by Google.  In addition, the link to contract.lisojea.contractors is extremely suspect.

However, note that the user interface for this system does at least give you this information rather than hiding it.


Posted by at No comments:

OSF - 2.40 - scams - naive AI?

In a posting about recent activities on Moltbook, someone made the observation that AI agents are pretty naive.

The observation was in regard to the ability of agents to successfully perform various tasks, but my professionally paranoid mind immediately went in another direction.

As we use them more, and particularly as we use them on the Internet, AI agents are going to get scammed.  Since I'm writing up a bunch of material on scams right now, this is kind of top of mind for me.

OK, probably most AI agents don't have any money, so, I can hear you say, how can they get scammed?  Well, they do have access to something of value: they have a lot of information about *you*.  In order to make them more useful to you, you've given them a lot of information about you.  You've probably given them access to a lot of your online accounts.  (Possibly you've given them access to your bank accounts and credit cards, in order that they may make purchases for you?)

And this, of course, is only one way in which AI agents could be scammed.

Somebody could claim to *be* you, and give them new orders.  Botnets on steroids?

I suspect somebody needs to think about this ...




Posted by at No comments:

Tuesday, February 10, 2026

OSF - 3.10 - spam - red flags advance fee

OK, most of these will have something to do with variations on advance fee frauds.


First of all, we've got this one.  You may not recognize it as advance fee fraud, because, in this initial message, it just says that you have won the lottery.  However, lottery winnings, particularly for a lottery that you have never entered, have become a very common come-on for advance fee fraud.

This is, of course, very fancy and official looking.  After all, nobody could go online and get the logo for FIFA in order to create a fake, could they?  It's even got a barcode, so it *must* be official!  (There are lots of sites on the Internet that will help you create all kinds of barcodes.)  In terms of lotteries that you have never entered, it says that it is your *email* address that has won.  That sounds reasonable, right?  Well, it has become an indicator that this is, in fact, an advance fee fraud.  That particular rationale has been used in a lot of examples of this type of fraud.

You will notice that it does not, initially, mention any kind of fee.  But you'll also notice that there are all kinds of oddities in regard to releasing the funds to you.  For one thing, it says to keep this confidential.  That is common in order to discourage people from discussing this message with others, and possibly being warned that it *is* a fraud.  Also, the money is to be released to a bank in South Africa.  This then allows the scammers to claim all kinds of bank transfer fees, and you'll have no way to verify that, because it isn't likely that you live in South Africa.

They seem to want a lot of information about you.  Even if you only replied with that data, and refuse to pay any fees, They could likely collect and use, or sell, that information for subsequent phishing scams.

Then there is the fact that, even though this is supposed to be associated with FIFA, the contact email is a GMail account, which anyone can create.  Then there is the verification of the winning number, which is to be via the PowerBall lottery in the United States.  (They probably pick a combination of numbers that *has* been drawn in the PowerBall lottery.  Which would have nothing to do with a FIFA lottery.

Oh, and the FIFA lottery?  You don't win money in the FIFA lottery.  You win the chance to pay FIFA a lot of money in order to buy tickets for one of the FIFA games ...



This is a message I received, recently, that was the opening of the gift card variation on advance fee fraud.  I replied to it, wondering what it was about, and got this in reply:


I did a bit of digging on this one, and this person is, actually, Senior Pastor at the church noted above.  But the message is undoubtedly not from him.  I have received messages in a similar vein, from unknown people, people that that I do know, and even relatives.  In this case, their email address and account have been obtained, probably through a phishing attack, and then is used for this type of scam.  As with the grandparent scam, the rush and urgency will require, at some point, that you send the gift card numbers, probably in another email, and then, as previously noted, the value is used and gone.



In this list, notice that several mention cash or benefits.  Once again, supposedly you have come into some kind of windfall, and you only have to claim it!  (*After* you pay the fees, of course.

But also notice that at least four of the messages are addressed to "Josefina."  One of the things that I am very used to is people incorrectly giving *my* email address as *their* email address.  So I have lots of email messages addressed to Ralph, Rufus, Roger, Ruth and others instead of my actual name.  And I'm used to spammers trying to *guess* at what my name might be.  But how do you get "Josefina" out of my name, or email addresses?  So I started to suspect that this is actually deliberate.  The scammers, trying to trick the greedy, and deliberately addressing a name that is very uncommon.  Social engineering comes into play again, since they assume that some people will feel that they can get in on cash that is rightfully Josefina's!  (And, figuring that they are pulling a fast one, will not be as aware of the fact that they are the ones getting taken ...)


And this is probably something along the same line.  The greedy will possibly assume that they can get away with someone else's Bitcoin purchase, by intercepting the email invoice that has gone astray.  And they are less likely to be watching for the indications that this is, in fact, a fraud.


At one point they were doing a lot in this regard with casino winnings.



Another very common variation in the advance fee space is in regard to inheritances.  Someone has died, and you are part of the estate.  Sometimes somebody has died, and you actually *aren't* part of the estate, but an unscrupulous barrister is willing to split the takings with you.  Beware of all enterprises involving the purchase of new identities.


Posted by at No comments:

Monday, February 9, 2026

OSF - 3.05 - spam - red flags 1

OSF - 3.05 - spam - red flags 1

So, here are some indications that the email, or text, that you have received may have some issues that you might be concerned about.


Actually, here's one to be concerned about, regardless of whether it's a text or a call.  Supposedly I have received a call (which I didn't pick up) from 604-555-1212.  If you watch a lot of TV or movies, you will recognize the 555 exchange.  It is, in fact, a reserved exchange, regardless of the area code it is under.  There are some numbers in it that are used purely by the telephone companies, for internal purposes.  There are no legitimate numbers that will call you from the 555 exchange, and that is why TV and movie phone numbers always use that exchange: nobody does, and nobody will.  (555-1212 was, at one time, and in some areas, used as a directory information number.)


This comes under the heading of, "if it seems to good to be true, it probably is."  All (well, *almost* all) of these messages are offering you something for free.  You have won a free prize, and all you have to do is confirm your account (which lets them steal your account) or pay the shipping fee, or the handling fee, or both fees, one after the other, and then possibly an additional fee after that ...  Sometimes this is a version of advance fee fraud, and they will be after you for multiple fees.  Sometimes they are after your account, and you may think that your account is of no value: after all, it's not a *bank* account.  But email accounts, social media accounts, and other "free" accounts can have a lot of value, even beyond the nuisance value of having to get a new email account and contact everyone.  For example, these days, a great many other accounts are tied to your email account, and you could lose all of them, as well.

This type of attack is a kind of subset of the larger class known as phishing attacks.  These are messages that attempt to obtain information from you, that can be used in other attacks.  Very often the information is about you: person information, but not necessarily *too* personal.  For example, what were your parent's names at birth?  Since many systems suggest that you use your mother's maiden name as a security question, this is information that can be used to break into your accounts.


This particular spam came via text, but it points up a warning that applies to texts, email, and even Websites.  The message says to make a claim at https://bit.ly/ICBCcove .  There are a couple of points to make.  The first is the https.  Some people may have been told, or believe, that this provides for some level of security.  It doesn't provide any security against scams or frauds.  The second issue is with regard to the site bit.ly.  This site is a URL redirector.  It is usually used simply to shorten URLs, but it can also be used to specify a particular name.  So, just because it *says* ICBC, it doesn't really mean that ICBC has anything to do with it.  Since it is a redirector, all it really means is that you have no idea where this link is sending you.  Always be somewhat suspicious of these types of links.


This is a fairly common type of spam, and scam.  These particular people are trying to steal your email account, and, as noted above, there are a variety of uses and values that they can obtain from it.  The red flags here start with who this email is from.  on the top line, towards the right, you will notice that the email is from someone at AOL.  I really can't see why someone in authority to remove your account, at Microsoft (*not* Micro Soft), needs to use an AOL account for email.  Also, as I pointed out, Microsoft is unlikely to spell or format their own name incorrectly.  The 48 hour time limit is yet another use of social media to panic people and get them to make decisions in haste, and without considering these factors.  (The "Dear Customer" salutation is also a bit of a flag.  If you actually *are* a customer, presumably they know who you are.)  The mention of the account not being updated on their servers is another oddity: *you* don't need to update *their* servers.

This particular message came to an Outlook ( Microsoft) account that I have and do use.  Outlook is particularly bad at spam filtering, and (rather oddly) particularly at identifying and filtering this kind of messaging attacking their customer's Outlook email accounts, which are often tied to other Microsoft services.  As noted, I do receive legitimate email on this account, but much of the time I find that at least three quarters of the messages I receive via Outlook are attacks on the Outlook account itself.  (Just something to consider when you are choosing email services.)

More to come ...


Posted by at No comments:
Subscribe to: Comments (Atom)