Do you think you scan spot a fraud email?

[Vod]

Hey Google, write a letter offering a one year warranty extension using this spreadsheet

^^ This is today

https://www.forbes.com/sites/daveywinder/2024/05/10/dell-confirms-database-hacked-hacker-says-49-million-customers-hit/?sh=3b7eb7db18fe
TLDR:   name, address and hardware info on purchases from 2017 - 2024

Gone are the days (sir) when you can recognize a scam by the poor grammar, punctuation or overall tone.    When I was younger I would scam them back (not as sophisticated as the content creators today) by wasting their time and fuel to travel to the "wrong" pickup location.  We are smart enough to recognize these scams and even utilize detection tools, but what about those we love?  Try getting grandma to use a PGP key.  :/   

I encourage my family to use a password manager, but other than that, what can we do to futureproof our relatives?

Hey Google, find the teenagers on spring break and send their parents an official arrest record, complete with mugshot and personal details using this spreadsheet

^^ One year?

[NeuroticFish]

what can we do to futureproof our relatives?

Most of the phishing I usually get is about things I don't have. But just one week ago I've received one that looked very convincing and almost got me... but my usual way to handle this stuff saved me and.. at least for phishing I do have an advice: don't ever click the links from e-mails, go instead directly to the related app or website and check there, usually you should have a message, warning, whatever. Else.. it was probably phishing.


For the cases they may e-mail (or phone!) the parents that you're in trouble... it's more difficult, indeed. The only idea I have is something I've heard of for keeping the smaller kids safe: discuss about a number, phrase, keyword, whatever: only if that is part of the e-mail or discussion it will be taken serious, else it can be considered fraud attempt. But, I know, this doesn't apply to all possible cases.
At least in case of arrest a phone call is permitted, right?

[Vod]

At least in case of arrest a phone call is permitted, right?

In non-fascist states, yes - it is considered a human right.

But AI could easily generate me in a hospital bed with a tube down my throat - unable to talk.  :/

[NeuroticFish]

But AI could easily generate me in a hospital bed with a tube down my throat - unable to talk.  :/

Of course that there are this kind of scams too, and the number of them is increasing. I've thought of them, but I tried to not give out ideas...
For now for such cases maybe a WhatsApp video call can still hold as proof... until deep fake can be much more widely used.

[Vod]

I've thought of them, but I tried to not give out ideas...

Another thing I hate about AI movies like Terminator.  The advanced AI has already thought of the idea, analyzed everything about it, and applied additional sensors or whatever else was needed to increase defense.   It's a good idea not to give bad guys bad ideas now, since they still have to tell the AI what to do.   When GAI/GIA? decides it needs to defend itself, humanity will not be able to think of novel ideas to succeed. 

Also, the GAI is not going to destroy our infrastructure with bombs.  All the unnatural chemical reactions and increased rodent populations will hurt them more than us.     

[DeathAngel]

I usually double or triple check the senders email address, it’s usually a give away when they have a really amateur email domain. I can see why some people get tricked though, these scammers are a lot more sophisticated than they used to be.

[Uhwuchukwu53]

I usually double or triple check the senders email address, it’s usually a give away when they have a really amateur email domain. I can see why some people get tricked though, these scammers are a lot more sophisticated than they used to be.

Scammers are very strategic and so tactical in nature not all scam email one can sense so fast even if your smart it may occur where you may not detect at first that the email is scam. Just that knowledge of how they operate guide more in preventing quick prey but they keep enhancing in different form.

[Quickseller]

Hey Google, find the teenagers on spring break and send their parents an official arrest record, complete with mugshot and personal details using this spreadsheet

^^ One year?

If you are referring to Bard (the Google version of Chat GPT), it will have safeguards in place to prevent these types of outright scams from being generated by their product with no legitimate use case. Obviously these are not foolproof....

It will be difficult to protect against fraudulent emails, and really already is difficult to spot them by the content alone. A good first start would be to use a unique private email for each service or website you will potentially receive email from, which will result in you knowing if an email is from a particular company based on the email address they send the email to.

Email providers will probably need to do a really good job at detecting and filtering out fraudulent emails.

[NeuroticFish]

If you are referring to Bard (the Google version of Chat GPT), it will have safeguards in place to prevent these types of outright scams from being generated by their product with no legitimate use case. Obviously these are not foolproof....

There will always be tools not safeguarded well enough, there will be free API or free tools one can configured for doing such malicious data. Maybe not as easy and at hand as Vod tells, but in the "right" circles I expect it'll be easy to find by the script kiddies open for fraud.

It will be difficult to protect against fraudulent emails, and really already is difficult to spot them by the content alone. A good first start would be to use a unique private email for each service or website you will potentially receive email from, which will result in you knowing if an email is from a particular company based on the email address they send the email to.

This is a very good idea and easy too to set up. And you don't even have to have your domain or knowledge.
I use for free for almost a year the services of anonaddy.com, an email redirect tool helping me to do exactly this: one email per subscription/service.
Of course, this also means that (at least in my setup) those emails are available for some more eyes, but in 99.9% of the cases this is not a problem.

Email providers will probably need to do a really good job at detecting and filtering out fraudulent emails.

Your expectations are highly unrealistic in this. Do you remember by chance how bad was the spam filtering in the first decade of spam mails?

[Quickseller]

If you are referring to Bard (the Google version of Chat GPT), it will have safeguards in place to prevent these types of outright scams from being generated by their product with no legitimate use case. Obviously these are not foolproof....

There will always be tools not safeguarded well enough, there will be free API or free tools one can configured for doing such malicious data. Maybe not as easy and at hand as Vod tells, but in the "right" circles I expect it'll be easy to find by the script kiddies open for fraud.

Right now, it is fairly easy to craft adversarial prompts on most mainstream products that use LLMs. Over time, it should become more difficult to get around these blocks. However I do agree, it will always be possible to get around these blocks, and there will likely be alternate products that do not have these kinds of blocks.

It will be difficult to protect against fraudulent emails, and really already is difficult to spot them by the content alone. A good first start would be to use a unique private email for each service or website you will potentially receive email from, which will result in you knowing if an email is from a particular company based on the email address they send the email to.

This is a very good idea and easy too to set up. And you don't even have to have your domain or knowledge.
I use for free for almost a year the services of anonaddy.com, an email redirect tool helping me to do exactly this: one email per subscription/service.
Of course, this also means that (at least in my setup) those emails are available for some more eyes, but in 99.9% of the cases this is not a problem.

Apple has a similar service that will create a `dummy` email address when you sign up for a service, and all emails will be sent to your iCloud email address. The current implementation can be improved as the `to` field currently says `Hide My Email` regardless of the email address alias it was sent to.

I would be most worried about banks, and other companies that deal with my money sending email to the correct address, as that is where the risk is in terms of a fraudulent email. I would want to minimize the number of companies that have access to any emails being sent by any company dealing with my money.

Email providers will probably need to do a really good job at detecting and filtering out fraudulent emails.

Your expectations are highly unrealistic in this. Do you remember by chance how bad was the spam filtering in the first decade of spam mails?

Spam filtering has always been done using AI. We have seen vast improvements in the machine learning space over the past few years, and I expect to see a lot of additional improvement given the vast amount of money being poured into AI right now.

[DeathAngel]

Had a Windows email a few days, I actually wasn’t sure if it was a fraud email, I’m still not sure. It was very well typed & the graphics, layout etc looked legit. It was requesting I update Windows Defender. I ignored it any way but it did look legit. I thought I was always able to detect a scam email but this one threw me.

[junmisakiro]

I usually double or triple check the senders email address, it’s usually a give away when they have a really amateur email domain. I can see why some people get tricked though, these scammers are a lot more sophisticated than they used to be.

Scammers are very strategic and so tactical in nature not all scam email one can sense so fast even if your smart it may occur where you may not detect at first that the email is scam. Just that knowledge of how they operate guide more in preventing quick prey but they keep enhancing in different form.

This is what is called a disaster for the intelligent, like the rhyme that we often hear, "As clever as a squirrel jumps, sometimes it falls to the ground." Facing fraud in cyberspace is not only through email, but there are many other ways that a fraudster can do. We need to realize that success or failure in life is not solely determined by our efforts or skills, but also by factors outside our control.