I spent some time creating this mind map to sum up everything you’d want to know about the scam messages, as well as the common theories. I will try to keep it updated. If you have anything to add to this or critique, please let me know.
Might take a while to load, it’s a very high res image. Here’s a link alternative: https://files.catbox.moe/csls12.jpg
This should be obvious, but due to the recent developments I want to have this here as a warning:
Don’t send the scammer any money, even as a joke.
You must log in or register to comment.
The crypto scam may be a copycat. If you sort by new in this community, the latest messages don’t have a crypto address in it.
Possibly, but I think there was also proof provided by multiple people that it is real. I think it’s not only in the messages, but also on the matrix server.
What tool did you use btw. Looks amazing.
Edit: oh ok, figma.
I can add a few data points… https://lemmy.ca/u/fujinamilo was the nicole spammer on lemmy.ca, they used this account to test getting through filters. They logged into it from a VPN, and logged out (destroyed their session) when they were done.
They seem to message in batches of users, notice how both batches went to the same users in the same order at the top here: https://lemmy.ca/pictrs/image/b40f9e02-a162-4e56-8b5e-79b563a786c9.png
They like to spam the same users repeatedly: https://lemmy.ca/pictrs/image/ffd36fbd-2452-4806-960a-6d291b9c6d1a.png
Seeing as they actively joined lemmy.ca and tried to get through my filters after I made a post about them, it’s reasonable to say they’re watching us and probably having a lot of fun playing with everyone. Have we tried just asking for an AMA?
It’s kinda interesting that they seem to be targeting specific users, glad your filters are working.
I really want to know how people are being targeted. I’ve only received one, have zero idea if it was a specific post or community? I think mine was after a post rather than a comment, but I can’t recall.
in friendica, her profile shows a work address
If Nicole is the victim of harassment then we probably shouldn’t post this.
i love everything about this… huge diagram fan…
my only criticism is the lack of mbin… ive been nicoled ~5 times directly on an mbin instance.
only really pertinent because im on a small instance with ~ 180 user accounts. how does she knooooow
Can confirm: Also mbin, also been nicoled
deleted by creator
Ok, i’ve been thinking about this since the first time i received a nicole spam message because of the timing and what i was i doing and saying at that moment on another lemmy account and maybe i’m just paranoid, but you don’t go and pull a pig butchering scam on a platform like this or any scam that is so obvious.
What i think is this is a mass surveilance attempt and in this thread https://lemmy.today/post/25826615 someone try to explain what might be happening. The bitcoin scam and everything else are probably a decoys in my opinion.
I could be wrong but this is all too fishy.
Excellent, despite not using ISO 8601 date formats!
RFC 3339 is superior to ISO 8601
What Mindmap software is that? It looks really cool
Not FOSS sadly, but this is FigJam on figma.com.
… figma … FIGMA BALLS
(I can do that, I’m a mod)
I suppose you can.
I recently tried Minder as it’s kinda beautiful, sorry for being a fosstechbro, nobody was asking (ಥ﹏ಥ)
Looks like an actual nice program. I’m a big FOSS advocate myself, but I still use some other software for convenience’s sake.
The first one I received here was about a month ago from “missy29” at lemmings.world. Body of the message still said “Nicole” though, with some very early boilerplate text.
For completeness sake, I’ve also gotten from a nicole101 and a nicole40.
If we could get the IP and email addresses from instance admins it could help figure this out.
Not all instances require an email. For example we don’t.
What % of the instances these are coming from are instances that require email also would be a good thing to collect.
Most of the used instances are abandoned without active moderation and even with the email requirement, there isn’t a built-in way for lemmy to filter out temp mails. The abused instances are unlikely to have automod running.
Is it perhaps someone rolling out a relatively harmless spam across Lemmy to get Lemmy to improve its moderation tools?
Possibly, but I think this is off the table since they added crypto addresses
I mean if i was doing this I’d add crypto addresses just for the lols, and wouldn’t actually expect any.
The picture doesn’t seem to be AI, and it’s unlikely to be the person from the picture. I highly doubt someone would use an innocent person’s face for spam across the fediverse for the sake of improving security.
Especially because the security against spam was always going to be put to the test no matter what.
How can I see the language or my account? My instance is PT-BR
Thanks. Looks like I have undetermined, English, Spanish and Portuguese.
