Hacker News new | comments | ask | show | jobs | submit login
The little black book of scams (2016) (accc.gov.au)
182 points by Ibethewalrus 81 days ago | hide | past | web | favorite | 62 comments

I recently fell victim to a nasty scam I've never heard about before. Wonder if anyone had similar experiences.

Happened in Serbia on a highway. We had an RV on German plates and slept on a gas station there, next to the truckers. Morning comes and the clutch pedal is dead - no resistance when I press it (this is a manual transmission car). Obviously not driveable, and we're not car gurus to debug it. We call the insurance but it's not responding (perhaps because it's Sunday). I find a tow car nearby and ask the guy for help, to which he suggests to tow the car 10km to his garage to investigate. I agree.

There they use the debug interface of the car to figure out that we need some part replaced (language is a bit of a barrier now) and quote us 700 EUR + VAT. I agree because we need to drive, and because I cannot contact insurance.

After the job is done I ask them for the old part (the replaced one), and they just say it's "software", after which I realize that I was just massively overcharged/defrauded.

Later when we discuss the situation with my girlfriend she tells me she's seen that tow car waiting seemingly for us for several hours, which suggests that the clutch damage was perhaps inflicted by the very people that fixed our car. I became scared of the whole situation and decided to not report it to the Serbian police and just leave the country asap (I mean if people cut cables in cars on the highway to get 700 EUR I have very low trust in the local law enforcement).

> she tells me she's seen that tow car waiting seemingly for us for several hours

FWIW, at least in the U.S. it's common for tow truck operators to wait alongside various roads. Breakdowns are predictable and service is faster if the operator is already nearby. It's not like the driver has anything better to do during his shift.

That doesn't mean you weren't overcharged or even scammed. Really can't say without more information.

It's also common for towing companies to show up to the scene of an accident before police arrive with hopes of convincing those in the accident their vehicles need to be towed for some reason or another. Canada has even gone as far as implementing new laws to prevent this.

Yeah the cable cutting is just a conjecture, have no evidence for that. Overpriced repair - pretty sure about that one.

Most clutches are hydraulic, not cable-operated. There will be a bleed valve under the car which can be opened with a wrench, causing the symptoms you experienced. Would take an experienced scammer maybe a minute to do.

As a Serbian expat I would very much avoid putting too much trust in Serbian locals.

Sure, there are obviously some nice people but overall it's a very poor, corrupt, and cut-throat country. Serbian doctors have been caught stealing children from hospitals for god's sake.

Learned this the hard (but not too hard) way.

Also I hold no grudge against Serbian people in general - had some great Serbian friends in the US, they made fantastic barbecue. I'd sooner blame the general state of the country.

> If people do crimes, why trust law enforcement?

That really helps noone. Report in a nearby larger city. If they don't care they just drop it.

Yeah in retrospect I should have done this, but to be fair I was just frightened by the realization of what might have just happened here, and wanted to simply leave the area. Another thing is that I have no proof to distinguish between an overpriced fix and deliberate cable cutting.

Now I'm way too far from Serbia to report it.

Not knowing about Serbia specifically, but know about highly corrupt countries. Reporting to police has its own risks, through most likely they will ignore you. Ignore because don't care or ignore because they are friends with perpetrators. Also, it is highly likely they don't talk English enough.

With there being no proof, you likely saved yourself pointless frustrating experience.

However most likely explanation really is no cut cable, but taking advantage of foreigner with bad luck.

Count your lucky stars it wasn’t worse than it was. A terrible scam indeed “tow it to my shop” should have set off a flag but I can totally understand your desire to just get going again. Sorry to hear about your terrible experience, it could have happened to anyone really, myself included. Try not to lose sleep over it and be extra careful from now on.

Thanks! I've checked off the lost cash as an expensive lesson and am at peace. Hopefully someone else can benefit from knowing this story.

>A terrible scam indeed “tow it to my shop” should have set off a flag

Curious, why is this a red flag? Lots of small towns have combined tow-service/mechanic shops.

This is a common scam on tourist in many poorer areas of the world, on all continents. Happens too sometimes on rentals (car/scooter/truck/wtv) with collusion by the rental company.

If the clutch pedal was seemingly disconnected, that would be due to a loosened flare nut or a backed off cable end/clamp/adjustment. Likely Wouldn't even show up on a diagnostic scan (except possible low clutch hydraulic fluid).

They likely sabotaged your vehicle.

I remember the first time I got one of these "Nigerian scam" mails. In retrospect it is funny that what made me suspicious was not the offer to make millions in return for an upfront price of a few thousand bucks; it was the fact that the mail did not address me by name but started with the claim that I seemed to be trustworthy person. If I was trying to move a huge amount of money out of the country, would I ask some random stranger on the Internet for help? Exactly.

At dinner, I told my parents about it. My mother's husband, who is a (now retired) police officer who worked in white collar crime for more than a decade, started to laugh. "Do they still use that old trick?" And so I learned that this particular type of scam dates back at least to the 1980s, when scammers used fax to contact their potential victims.

It dates back longer than the territorial boundaries of Nigeria: https://en.wikipedia.org/wiki/Spanish_Prisoner

My mother's husband had lots of interesting stories to tell that involved scammers and con artists; it seems people very quickly let go of all skepticism when faced with the prospect of making lots of easy money.

I also remember that kind of email that used to go around back in the late 1990s that said Microsoft was sending out this mail to measure the size of the Internet or something silly like that, and that if I forwarded it to people from my address book, I would get some stupidly large amount of money for it, like 10$ per person.

As far as these things go, this was fairly benign, of course, but I almost fell for it. And what made me delete the mail without forwarding it to anyone was not that "to good to be true"-aspect, but the fact that I started wondering how Microsoft would know I had forwarded this mail. And then I wondered, if everybody did forward this mail to everyone they knew, for $10 a pop, how much would that cost Microsoft? I mean, they were filthy rich back then, but still, such a thing could easily get out of hand.

And even when I got the first phishing mail from "my bank" asking me for my PIN and a TAN, what made me delete it was not the fact I had deleted dozens of these from other banks where the scam was obvious because I had no affiliation with them, but the fact that I had not ever given my bank my email address.

It is so easy to think that I would never fall for an obvious scam like that. But it pays to remember that the human psyche has some major bugs, and scammers know disturbingly well how to exploit those.

My favourite Steve Martin film :)

Have you read the https://www.419eater.com/ website?

It has made me laugh so hard I was in tears. Especially the ones where they reverse the scan, and make the scammer physically travel to other locations while working towards "receiving the money".

EDIT: it seems some of the site is unavailable. It must be accessed via Archive.org then

You sit with an old friend in bar, already quite drunk. You haven't seen this guys for years but now that you had such a nice evening you really feel like old brothers. Now he tells you about this great house he has and that he considers to move to another town. He might let you take it before he puts it on the market and to a friendship price that he could certainly not achieve on the market.

Will you, at this point, remember that "Scammers dress up ‘opportunities’ with professional looking brochures and websites to mask their fraudulent operations. They often begin with a phone call or email out of the blue from a scammer offering a ‘not-to-be-missed’, ‘high return’ or ‘guaranteed’ opportunity. The scammer usually operates from overseas, and will not have an Australian Financial Services licence"?

Probably not. But you might remember the story that guy on hacker news told you. You might remember, just as in that story, that you should look out carefully when a "great opportunity" arises. You might check your emotional state and find the comradry you feel to that old friend might not be based on facts since you haven't seen him for a long time. It's rather related to you two having a great night together.

And you might recognize that this combination of great offer, excitement, and a person who doesn't spend time with you often are combining to red flags for a scam.

But that is all because it was a specific example, a story. Not just a list of facts and attributes that generally relate to a set of scams that can be categorized as rather similar.

Therefore I'd argue that such a general list of scams, without specific examples, is not worth much. People's brain simply doesn't work like that. Rather check on Youtube for actual scams. Like "tourist scams in <countryX>".

I think I must not be a people, because my brain does generally work that way.

Perhaps it can be that some peoples' brains work one way and others another way, and perhaps there are multiple ways of working.

Can you explain how that works out? Like, do you have virtual checklists and for everything you experience over the day your head goes "check check check -> we must be in event X"? It's really hard to imagine.

What I already know is emotional pattern matching. E.g. one smells a spice that one's mother used as a child and one is immediately transferred back to that time. In that way if one recognizes that high excitement is often related to advertisements or scams one might recognize when one feels that way that something might be fishy.

Or what I also know is path recognition. E.g. "at first we did this, then we did this, then we did this, and therefore we arrived at X". In that way we can remember processes like riding a bike or our way home. That's also how memory palaces work.

Experience helps a lot. For example, I will never give money to a Buddhist monk walking the streets asking for donations, er, ever again.


"Genuine monks do have a practice of having gifts or giving alms as part of their religion but it is meant to be a generous donation of those who wish to give without any solicitation whatsoever."

In a similar way, I'd never work for another startup again. While I'm sure many startups have great intentions, others are out and out scams, and the vast majority will never break even enough to pay you the pot of gold at the end of the rainbow that they promised you. Once burned, twice shy etc.

I was once waiting to board an airplane and a Buddhist monk sat beside me. I had a glance at him and notice a rolex watch. "That's odd", I thought. But sometimes Buddhist monks have stuff like that. And then I noticed that he hadn't shaved his head. Or his beard. "That's odd", I thought. But different orders do different things. And then he got called up to the desk and the attendant asked him, "I'm sorry sir, but I noticed that you didn't have a the vegetarian meal ordered. Would you like me to order one for you?". He said, "No thank you." "That's odd", I thought, but even monks have free choice in their meals. And then some guards with sniffer dogs walked up to him and took him away. "Oh. Not so odd after all".

Well, well. You still have a lot to learn, my Padawan. The better answer is not "that's odd" but "we'll see". ;-)


I believe it is more like path or pattern recognition, I have read about X + Y + Z, I experience something that has X + Y + Z, I think that reminds me of something what is it? My past reading flashes for me and then I start to draw conclusions about what I am experiencing.

As a general rule I don't seem to require it to have been an example based communication, or a personal communication on the subject, but just an abstract description can be enough for me to say - hey this situation seems like a subclass of the general class described in that book of scams I read. Maybe I should think about that! That's all I took exception to, that abstract descriptions of things would not be helpful without concrete examples because people don't find abstract descriptions helpful enough. I tend to find them helpful.

that said I have never experienced this smell a spice or eat a food thing and immediately remember that time years ago. To me that seems like bs, but I guess it must happen so many people talk about it.

FYI: I've put together an Awesome Initial Coin Offerings (ICO) Truths page. Subtitled The Art of the Steal - The Scammers' Big Lies at https://github.com/openblockchains/awesome-ico-truths . Buyer beware! Cheers. Prost.

Great that you put actual examples together. I like that. But I'm not sure if you can really improve the world through that. A lot of these problems are quite obvious and if people iwll still put their money into ICOs I'm not sure anything could help that.

That, I feel, is the hardest part of learning more about scams and how to protect yourself. You inevitably see a lot of people who simply can't avoid it, almost going for getting scammed like a moth goes to the lamp, never learning from bad experience that you simply can't get rich quick if you aren't already rich.

>never learning from bad experience that you simply can't get rich quick if you aren't already rich.

or a scammer

> A lot of these problems are quite obvious

Not to everyone.

Even when lightning strikes, and the coin you were supposed to get goes up x50,000 good luck trying to get them if you weren't watching the people behind it like a hawk.

Case in point NEM, who kept the coins from hundreds of initial stakeholders.

good content, but: why has it has become popular to use github in this manner? to create a repo for what is essentially a blog post?

I suspect it's so that people can contribute to the list through the pull request functionality that Github offers?

They could at least set it up to use Github pages then.

Then you could access http://openblockchains.github.io/awesome-ico-truths

I'm the author / editor. Done. Works now with Github pages too. Cheers. Prost.

Looks good! Thanks!

As an added benefit, the pages version loads much faster than loading GitHub itself!

I'm the author. Why not a blog post? The idea is that the page is not frozen / done and gets updated (from time-to-time) and, yes, you (in theory) can contribute too. In practice doesn't really happen.

These TV shows are very educational about this, especially the Real Hustle, which was a documentary demonstrating how to avoid scams in real life situations. I'm sure you can find them on some streaming service as repeats.

The Real Hustle https://www.imdb.com/title/tt0791615/

Hustle https://www.imdb.com/title/tt0379632/

Coworker of mine fell for this same scam in Turkey that was featured on Scam City https://turkeytravelplanner.com/details/Safety/SingleMaleSca...

I enjoyed Scam City too. May still be on Netflix.

As my brother often says:

In life, you can be greedy, you can be stupid. But you cannot afford beeing greedy and stupid at the same time.

“Only pay via the website’s secure payment method—look for a web address starting with ‘https’ and a closed padlock symbol“

Someone should notify the Australian govt. that a padlock and https do not equate to security.

"Never pay via a website with an address that does not start with HTTPS" would maybe be better?

The padlock is the first step, and possibly the most impactful security check that a non-technical person can do. Recognising Fake webpages, XSS, CSP, malware, etc is very hard and impossible to expect from any visitor of a website.

"Only" implies necessary but not sufficient here.

I didn't know there's a special "Creative Commons Attribution 3.0 Australia licence" (and apparently there are separate versions for other countries as well).

It was the old Creative Commons v3 license. At that time, people thought, in addition to the "international version", it would be good idea to write many localized licenses for each country, so that people from each country can use the license in their native language and the legal experts can take special cares to make sure the license is completely valid under the copyright laws of a country, and the courts can understand it easily.

But people eventually decided that localized CC licenses were "considered harmful" - The biggest problem is that you can never be sure whether all the localized licenses are equivalent. It makes things very complicated when you want to create a derivative work of a project, even under the same conditions, if the work released under another localized version by the author. Also, it creates lots of ambiguity in a international community project. Finally, it was difficult to maintain, they need legal experts from all the countries if the license needs changes.

So localized CC licenses have been abolished when Creative Commons v4.0 was released, v4.0 only has the One True Version, the international version, it was made to be a perfectly valid license for all countries that signed Berne Convention, I believe.

As a teenager I fell for the most dumb in person scam. I was coming out of Barnes and Nobles with my gf and a guy approached me asking for money. I said no initially but then he made up this whole story about being out of gas on the way to see his kids and so on. You’d have to be an idiot to fall for that and idiot I was. So I ended up giving him $20, left feeling weird right away. I got in the car, looked at my gf and said “I bet that was a scam”. We went some place to eat then started driving home when not more than a few hundred yards away I see the dude buying booze at a nearby gas station. The only time I felt shittier in my life was when an elderly person sold me a car with a leaking gas tank, knowing that it had a leak.

I can confidently say I’m scam-proof today, learned the hard way to trust nobody, especially unwelcome advances. Ah, the things I did as a stupid kid!

Getting off the bus in NYC one day, guy comes up to me, seemingly nice guy asks if I have $5 so he can get home.

Give him some money, feel scammed, couldn’t say exactly why.

Talk to my Dad about it later and he asks what was it? Was he holding a book or something? Yep, right in his hand obviously when I recalled it was a cheap rough condition paperback book. My dumb brain saw that and said “surely this guy is ok, he reads!”. Dad informed me this was an old scam.

5am in Penn Station, waiting to board the early Acela. I've been in NYC 20 years at this point and have become tolerably good at deflecting our local street scammers, for the most part. I'm printing my ticket out and a construction worker comes up to me, wiry dude with a hi-vis jacket carrying a hard hat. $5 to get home to NJ, his truck got broken into and wallet stolen, blah boo hoo. He got the $5, and it didn't take him much talking to get it. The hard hat sold me. Soon as he turned I realized I'd been scammed.

I gave money to these people, and I don't think it's a scam. They're just begging by another mean. Often I just assume they don't have the chop to just ask for cash, or want to ease me into giving. I just ignore their made up story and give them change if I have some. It's charity, not "being scammed".

>I can confidently say I’m scam-proof today

Congratulations, you are _the_ perfect mark, one that is confident in not being one

I was approached at a gas station with a similar story. I figured it was most likely a scam, but I thought "maybe not" and, feeling generous, I bought the guy a tank of gas using my credit card on his pump, which was the same pump as mine but opposite side.

Then I filled up my car, and later reviewed my charges on that card and realized that my fill-up was never charged. Which is really weird because modern automatic pumps will not dispense fuel without validating the credit card.

Can't explain it. I just chalk it up to karma.

I don't think this makes you a gullible person. I think it means you are a helpful, empathetic person. That the world has a number of bad actors does not mean you should change.

Still gullible though. If all it takes is a story about going to see kids to get $20 out of you, you are gullible whether or not your are helpful/emphatic.

I was hoping it included the fiddle scam from American Gods.

That's the one.

Good guide.

I didn’t notice these scams:

Higher Education Mental Health Religious Organizations Political Elections

Can you tell me why each one is a scam? I'm curious because none of those to me seem like a scam.

Higher Education is increasingly a bad investment, including unforgivable loans.

Religious Organizations that take your money while oppressing your sexuality and agency.

Mental Heatlh system that gives you drugs that often makes your problems worse or at best placebo.

Political Systems that promise change and consistently simply advance the interests of the rich.

Scams meaning these are things people spend money on with a particular result in mind, they end up without that result and the people promoting it are pretty aware they can’t deliver the result.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact