Attention Profile Posts for Registered Users disabled due to rampant fraud.

SwissHeritageCo said:
iI still mantain that the staff has done everything they can. If people want to use Zelle, Cashapp, PPFF they are going to have to use their brains.
Click to expand...
Agreed.

In allot of Type As, despite warnings from those who have more knowledge and experience, they do what they want. I "was" one of those Type As and it took my personal experience of being burned for $400+ ignoring those warnings. I am still Type A but a more cautious one that will take heed to the warnings of the moderators of this forum.

You can lead a horse to water but you can't make 'em drink ...
 
Blues said:
These same people get to vote. (Yeah, I'm a bit frustrated after hours, days, weeks of dealing with it without letup. Can you tell?)
Click to expand...
Your patience is definitely greater than mine…

So many of these scams could be avoided well before payment is even sent if they just bothered to learn the basics or even think logically for a second.

Some people can genuinely only learn by having it happen to themselves. Its hard for emphasizers to watch idly but the person does learn in the end and comes out better.

You mods all do great work on the forum as a whole. I’d hate to see that interest dwindle from focusing energy on things truly out of your control and on people who won’t even help themselves.

Just my 2 cents.. back to lurking 👍
 
Here is a question about posting your email in a thread.

IS THERE A WAY TO DISGUISE IT or is any version of an email address posted in public a potential victim?

Example 1) I see that SwissHeritageCo SwissHeritageCo posts an email in his tag line but not written in such a way that it can be copied and used directly in an address line.

Example 2) I typically create a hot link in my sale threads as an option to contact other than PM. I write my - EMAIL HERE - and then hot link my email address to those words EMAIL HERE.

Note - I also say in my thread that if you send me an email ID yourself with your BF user name in the subject line or I will ignore. I also encourage that I be contacted by PM.

Am I and/or SwissHeritageCo SwissHeritageCo , just one easy step away from being compromised?
 
My guess is that the ne'er-do-wells are sophisticated enough to assemble the email address from the supplied data. Why chance it?

Personally, I would create another email address that is not the one you are registered to bladeforums with. Have folks contact you at that email address, and then if everything checks out sufficiently, you can provide your BF email or any other relevant information for the individual you are dealing with.

Not a perfect solution, but better than having your forum email potentially compromised.

PMs remain the method of choice. I simply can't wrap my head around serious folks who are willing to risk hundreds of dollars (or more) to save 83 cents a month for a "Basic" membership which allows PMs. "Penny-wise but Pound-foolish" comes to mind.
 
I have posted my email address in my ads pretty much since I started posting things for sale here, though in a format that decreased the likelihood of it being picked up by bots.
I recently redacted the old ones as sort of a Best Practice thing until I make a throwaway.
That said, if your email can be seen by somebody doing a quick scan of your posts, it could be used in this type of scam. The best way to beat it is by not posting claims in the ad. I never do that, and that is part of why I include my email and told people not to post in my ads (people refused to heed that request; so I started closing my ads). If you don't post in the ad, you can't be targeted for this particular scam.
*Edited to add: And, no, posting in the ads is not required for feedback. That became a thing with the change to Xenforo; but went away with one of the updates. It's been gone for a couple of years, now. (I didn't/couldn't use the feedback system during the time posting was required)
 
Last edited:
... BUT - would/could some bot or script dissect a hotlink such as my EMAIL HERE to extract the email address imbedded in the link?
 
I'm not tech savvy enough to know how that is done; but the people getting caught in this one are getting found with a simple scroll down the post list. They're primarily most (if not exclusively) active in the exchange, so they don't have tons of other posts to screen. I don't think it's taken me a full minute to find any of their email addresses
 
Since OPM unwittingly provided foreign regimes with my own, as well as the personnel and security clearance files of many thousands of other federal employees and retirees some years back, I'm inclined to believe that everything is (at least potentially) discoverable that is connected by any device or site to the net.

Assume that they can and take prudent measures to prevent their successes.
 
Even if your email is posted, it won't matter(at least for this scam), if you recieve an email and double check the source before sending any money. However for $10 per year you can avoid the problem altogether.
I still have some email listings in old threads where the address was quoted, but am not alarmed since anyone using it wll not be getting any money. 99% of the time no one even knows I am involved in a transaction, since I use PM for all contact and discussion.
Even if you do of things wrong or potentially wrong IMO, such as using ff and leaving your email visable, you won't get scamed(by this scam) if you do one thing right- verify the source of the email before sending money.
But then this is not the only scam today or in the future, so it is best to cover yourself as may ways as possible.
 
Last edited:
It takes multiple failure points for this scam to work. The victim has to have not seen the MANY warnings about it. The victim has to post their email somewhere public. The victim has to do no checking and send money to the first email request they receive. The staff cannot stop the entire chain. They've done everything they can think of to prevent it.
Unfortunately some thought profile posts were direct messages, and private, so Spark Spark wisely limited this feature, but until everyone notices the many warnings and takes steps to protect themselves, there will be more victims.
 
On the bright side, we can hold the Bladeforums Darwin Awards for those so oblivious, they get taken multiple times.

We can also break it down into categories so there's no end to the fun. :rolleyes:

(This post may be intended to be slightly facetious...)
 
RayseM said:
... BUT - would/could some bot or script dissect a hotlink such as my EMAIL HERE to extract the email address imbedded in the link?
Click to expand...
Yes. Just because something isn’t “human readable” doesn’t mean the contents can’t be parsed by program.

Every step you take to obscure it adds another level of complexity, but a scammer with enough time and motivation can find just about anything that is posted publicly. The hardest part for them is coming up with the code to do it, but once they’ve got it, it’s rinse and repeat.
 
The Big Secret Let’s test it out.

ETA: So in the hyperlink I put “Poissons Ratio”.
The I went to the search, and a simple search showed the post containing the word “ratio”. RayseM RayseM I didn’t even need anything fancy, just our very own search feature.

qFseKPC.jpeg
 
Last edited:
RayseM said:
Here is a question about posting your email in a thread.

IS THERE A WAY TO DISGUISE IT or is any version of an email address posted in public a potential victim?

Example 1) I see that SwissHeritageCo SwissHeritageCo posts an email in his tag line but not written in such a way that it can be copied and used directly in an address line.

Example 2) I typically create a hot link in my sale threads as an option to contact other than PM. I write my - EMAIL HERE - and then hot link my email address to those words EMAIL HERE.

Note - I also say in my thread that if you send me an email ID yourself with your BF user name in the subject line or I will ignore. I also encourage that I be contacted by PM.

Am I and/or SwissHeritageCo SwissHeritageCo , just one easy step away from being compromised?
Click to expand...

Refuse to use PPFF, and none of this matters.
 
As a seller at some point I would need to disclose a pay email address for PayPal. From the answers above - thank you for the replies - the only way to insure that my email is not hacked is to ONLY disclose in a PM. So word to the wise Ray, don't even imbed in a hot link or try to fake out with oddly spelled out variants.
Make people come to you directly in a PM for that email info.
 
RayseM said:
Here is a question about posting your email in a thread.

IS THERE A WAY TO DISGUISE IT or is any version of an email address posted in public a potential victim?

Example 1) I see that SwissHeritageCo SwissHeritageCo posts an email in his tag line but not written in such a way that it can be copied and used directly in an address line.

Example 2) I typically create a hot link in my sale threads as an option to contact other than PM. I write my - EMAIL HERE - and then hot link my email address to those words EMAIL HERE.

Note - I also say in my thread that if you send me an email ID yourself with your BF user name in the subject line or I will ignore. I also encourage that I be contacted by PM.

Am I and/or SwissHeritageCo SwissHeritageCo , just one easy step away from being compromised?
Click to expand...

What Blues Blues has described in the post just below yours is exactly what I have done.

The email in my sig is an auxiliary address that isn't connected to any payment system or my forum registration.
 
You must log in or register to reply here.
Back
Top