No Stupid Questions
No such thing. Ask away!
!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must be legitimate questions. All post titles must include a question.
All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.
Rule 2- Your question subject cannot be illegal or NSFW material.
Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding META posts and joke questions.
Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.
On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.
If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.
Rule 7- You can't intentionally annoy, mock, or harass other members.
If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.
Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- Majority of bots aren't allowed to participate here. This includes using AI responses and summaries.
Credits
Our breathtaking icon was bestowed upon us by @Cevilia!
The greatest banner of all time: by @TheOneWithTheHair!
view the rest of the comments
The same reason a lot scam emails are riddled with typos, follow recognisable formats (eg nigerian prince) and can be easily determined as scams. If you can spot it, you aren’t the mark. It’s a form of selection bias. If you recognise Nicole you probably aren’t new to Lemmy or the Fediverse and are a bad mark. I’d guess, I never followed the links, don’t generally follow links dm’d from random, days old accounts in general. Maybe Nicole truly is just thirsty for Lemmy friends and keeps getting banned lmao.
Honestly people that do recognize it for what it is should respond. Keep them talking to waste their time so they can't hurt someone else.
But then you're also wasting your own time.
If we all wasted 5 minutes we could shut down the system.
People really underestimate the power of collective action. It's just meat based ddos.
What a fascinating sentence.
I mean if everyone "collective action" ignored them together, no one would have to waste even 5 minutes ¯\_(ツ)_/¯
And theoretically, if there would be the same amount of scammers as decent people, everyone would have to waste all their time with your strategy, but with my strategy none of the decent people would waste time.
But yes I understand it of course, protecting the weak is not a bad thing.
you mean, everyone who already knows it's a scam or can recognize that it probably is. which is not everyone. otherwise the whole thing wouldn't exist.
Which is what I acknowledged with my last sentence. All I'm saying is that both methods could be worthwhile, and in a perfect world where everyone is educated, everyone ignoring the scammer would be better.
In a perfect world, anyone who attempted to go around hurting people would be removed from society.
"They" will be an LLM.
Maybe. That gets expensive very fast. We should all ask for artwork.
Time you enjoy wasting is not wasted. I always love talking to Indian scammers when they call about my student loans that don't exist.
I already asked 2 scammers on discord for bathwater and they never took me up on it :( it's a cruel world
Yep, then of course this doesn't matter :) go for it!
yeah but it's fun
Their time is worthless, they use slave labor.
That easier done with more involved scams like phone calls you see YouTubers do. Especially since they likely paid for that info. Places like here there’s no buy in so it’s a volume game i imagine. If I can’t get you to another platform to buy me stuff I’d move on to the next one quickly as possible.
I had one Indian scammer use my name so I was interested. Then he asked if my email was still current and gave an email that I used like 20 years ago in middle school. I laughed and told him he paid for shitty info. It was a goddamn Hotmail account to give you an idea.
And if you can get them to do stupid things, you can post about it here!
https://www.419eater.com/html/trophy_room.htm
This doesn't make any sense to me.
Why would you deliberately make your bait less appealing to filter out the fish that might wriggle off the hook before you land them?
The typo's are in order to evade bayesian spam filters which get suspicious about certain words.
The common formats are used because those are the ones that work.
The initial fishing is a low effort, wide net. What follows actually takes the investment of man hours and/or other resources. They would rather get 1 catch they can take all the way, than 500 where 495 will figure it out later and bail.
Sure but there's no evidence that the typos effectively weed out the ones they don't want.
No evidence that we have. The spammers obviously think it's worth doing however, and they are the ones that would have the statistics.
All the evidence we do have demonstrates that the typos evade Bayesian filters and improve deliverability. This is demonstrably true.
When you hear hoof beats think horses not zebras.
Provide the evidence?
Does it however? I'm not up to speed on modern anti spam, but a huge number of spelling mistakes screams spam to me. I would be extremely surprised if it wasn't the case. The best way to deliver spam is to make it indistinguishable from legit messages.
Also, the existence of spear fishing implies it's a choice.
Do you mean to say, you've learned to associate spelling errors with spam because most of the spam you see... the spam that gets past your spam filters... has a lot of spelling errors?
That's just not true. The best way to deliver spam is to send it from a reputable address, and to avoid looking like spam.
Bayesian filters need to be trained by a user identifying email as spam. From those emails it learns which words frequently appear in spam emails. Including spelling errors means more unique words rather than words that look like spam.
More than I see very few of them anymore. I see more of them when I look in the junk mail, but even hotmail has gotten good a filtering out all the crap.
Because you’re selecting with people who lack experience with scam/critical thinking to figure out they’re scams.
I understood you the first time. My point is, it's nonsensical.
If you're sending emails to potential victims you want as many responses as you can get.
It's an absurdity to suggest that typing errors would intelligently select for people more likely to be scammed.
I’m not arguing about this. Especially not with a baby account. This is an opinion informed by expert opinion on the matter, and I work in tech. If you think it’s “nonsensical” that’s on you.
Source.
Oh boy. Sure ok you must know everything about security and spam and scammers because you "work in tech". Honestly, telling people that doesn't make you sound any more credible.
Did you honestly just google "scammer typos" so you could provide me with an expert source?
You're making a very simple assertion - that typos weed out potential victims who are gullible enough to fall for a nigerian prince scam with no typos, but not gullible enough to follow through to actually paying the scammer.
It's a preposterous claim with absolutely no evidence supporting it. Any idiot can see it doesn't withstand a moment's thought.
On the other hand, it's demonstrably true that typos can help to evade bayesian filters.
The actual situation, which both you and mr security blog guy have gravely misunderstood, is that including typos in order to evade filters improves response rates because it improves deliverability and does not discourage a significant number of victims.
Er go, the type of people who become victims are not likely to be discouraged by typos.
That's not the same as including typos in order to discourage people who are not good victims.
Never claimed that, said that because that’s why I’m aware of it, not that it indicates any authority.
Not quite but pretty much yep. Given you claimed it was “nonsensical” I had hope me showing sources that weren’t just my saying so might make you reconsider your position. Perhaps unsurprisingly, it didn’t.
You’re free to google “scammer typos” and check out the results yourself given there seems to be nothing I can do or link to convince you that this is a silly hill to die on.
What filters are these? I’ll have to keep an eye out for the grammar section in the inbound spam/phishing policies next time I’m managing a client in the exchange section of their tenant. Bad luck for those who don’t spell well, can’t use spell check or are ESL, I guess. Mistyped URLs or domains however, sure are a thing.
*Ergo. I guess you’ve made up your mind, based on god knows what. I’ll leave you with a link from a university's IT department from your google search terms, feel free to look at the rest of them any time you like.
But what would the opinions based on another “Mr security guy”, aka a Microsoft researcher know.
indeed
I can't believe I need to explain this to Mr exchange server administrator, but you have it the wrong way around. Spelling errors are a common strategy to avoid emails being classified as spam. Bayesian filters collate tables of words that commonly appear in spam. Spelling errors create words that the filter hasn't seen classified as spam.
Bayesian filtering is a legacy strategy and Microsoft, for example, does not use it any more (because it’s inferior) except for legacy on-prem setups. Given you’ve attempted to be insulting, put words in my mouth and failed to provide supporting articles for your opinion I’m out. As I get enough of these sort of conversations at work and unless I start billing you... Lol’d at “Mr exchange server admin” though ngl.
If their claim is so preposterous then why are they providing sources and you're not. Writing longer and longer walls of text and being more and more disrespectful isn't going to convince anyone. If you have evidence just provide it instead of insisting is exists.