I don’t think anyone has gotten to the bottom of it. It’s a scam that has been sweeping Lemmy, Mbin and Mastodon (possibly others) for awhile now. It features a picture of that girl, we’ve seen several different pictures, it’s the same girl and they’re just about always posed as if it’s a frame from a Skype call or Zoom meeting like that. At first, the picture would show up with the text as plaintext, it has mutated and now the text is baked into the image to get around spam filters. At some point the message started asking for crypto.
It’s pretty obviously a spam/scam/spcam, so it’s become a little bit of an in-joke, receiving one is something of a rite of passage, and referring to the almost certainly fictional character of Nicole as “our” girlfriend.
Exactly what scam it’s pulling isn’t clear. I’ve seen several hypotheses put forward:
It’s just asking for crypto. Simple “Look at girl. Think with dick. Send bitcoin.” plot
It’s a pig butchering scam. A long-term confidence trick where the scammer actually befriends you for months at a time, then convinces you to “invest” in legit looking shady shit. Designed to get around defenses that were built up against the Nigerian Prince scam.
It’s a harassment campaign against the girl in the photos. Which…this is the most diabolical and circuitous way I can think of achieving that. "We have several screenshots of this girl on Zoom calls. We’ll spam Lemmy, not Reddit or Twitter or Instagram, Lemmy, as if she’s inviting people to join a Matrix chat to socialize, and then these nerds will pull a Cicada 3301 job of following the breadcrumbs to finding the actual girl and annoying/attacking her. This is the most G-rated revenge porn campaign I’ve ever seen.
It’s for de-anonymizing Lemmy accounts. I’m not enough of a nerd to know how the nuts and bolts of this one works but I think they send you a DM that links to a jpeg stored on another server, they send a slightly different jpeg to each account they’re targeting, and which IP address requests which jpeg can pin an IP address to a Lemmy account. A lot of the mainstream web falling to fascism you can see why Big They might want to see who’s who on the platform that still allows subversive ideas like “genocide is bad”.
It’s come from accounts made on several instances, I think at least one instance specifically for the purpose but a few random accounts with no post history started blasting it out on several instances including sh.itjust.works. So whoever’s behind it is pretty persistent.
Just today I tried to get some info from graphics stored on a lemmy server and found them to be highly anonymized. I’m gonna guess you have to engage with a potential scammer in order for them to extract data, and just viewing the message gives them nothing. Lemmy probly has security flaws, but seems well designed as far as I’ve looked.
Ya, I getcha that if its harassment, its really weird harassment. But if its harassment of a real person out there, I certainly don’t want to be part of it. I haven’t been on lemmy very long. I’ve already tangled with one batshit crazy person. I’m fully willing to believe that more exist.
I don’t think anyone has gotten to the bottom of it. It’s a scam that has been sweeping Lemmy, Mbin and Mastodon (possibly others) for awhile now. It features a picture of that girl, we’ve seen several different pictures, it’s the same girl and they’re just about always posed as if it’s a frame from a Skype call or Zoom meeting like that. At first, the picture would show up with the text as plaintext, it has mutated and now the text is baked into the image to get around spam filters. At some point the message started asking for crypto.
It’s pretty obviously a spam/scam/spcam, so it’s become a little bit of an in-joke, receiving one is something of a rite of passage, and referring to the almost certainly fictional character of Nicole as “our” girlfriend.
Exactly what scam it’s pulling isn’t clear. I’ve seen several hypotheses put forward:
It’s come from accounts made on several instances, I think at least one instance specifically for the purpose but a few random accounts with no post history started blasting it out on several instances including sh.itjust.works. So whoever’s behind it is pretty persistent.
Ok. Thanks for the extended perspective.
Just today I tried to get some info from graphics stored on a lemmy server and found them to be highly anonymized. I’m gonna guess you have to engage with a potential scammer in order for them to extract data, and just viewing the message gives them nothing. Lemmy probly has security flaws, but seems well designed as far as I’ve looked.
Ya, I getcha that if its harassment, its really weird harassment. But if its harassment of a real person out there, I certainly don’t want to be part of it. I haven’t been on lemmy very long. I’ve already tangled with one batshit crazy person. I’m fully willing to believe that more exist.