Like, it can’t be a real person, right? Has anyone tried following the links? I’m curious how they’re scamming people. It just seems like anyone getting the same message 5 times won’t fall for being catfished, so I don’t understand what their strategy is.
Because you’re selecting with people who lack experience with scam/critical thinking to figure out they’re scams.
I understood you the first time. My point is, it’s nonsensical.
If you’re sending emails to potential victims you want as many responses as you can get.
It’s an absurdity to suggest that typing errors would intelligently select for people more likely to be scammed.
I’m not arguing about this. Especially not with a baby account. This is an opinion informed by expert opinion on the matter, and I work in tech. If you think it’s “nonsensical” that’s on you.
Source.
Oh boy. Sure ok you must know everything about security and spam and scammers because you “work in tech”. Honestly, telling people that doesn’t make you sound any more credible.
Did you honestly just google “scammer typos” so you could provide me with an expert source?
You’re making a very simple assertion - that typos weed out potential victims who are gullible enough to fall for a nigerian prince scam with no typos, but not gullible enough to follow through to actually paying the scammer.
It’s a preposterous claim with absolutely no evidence supporting it. Any idiot can see it doesn’t withstand a moment’s thought.
On the other hand, it’s demonstrably true that typos can help to evade bayesian filters.
The actual situation, which both you and mr security blog guy have gravely misunderstood, is that including typos in order to evade filters improves response rates because it improves deliverability and does not discourage a significant number of victims.
Er go, the type of people who become victims are not likely to be discouraged by typos.
That’s not the same as including typos in order to discourage people who are not good victims.
If their claim is so preposterous then why are they providing sources and you’re not. Writing longer and longer walls of text and being more and more disrespectful isn’t going to convince anyone. If you have evidence just provide it instead of insisting is exists.
Never claimed that, said that because that’s why I’m aware of it, not that it indicates any authority.
Not quite but pretty much yep. Given you claimed it was “nonsensical” I had hope me showing sources that weren’t just my saying so might make you reconsider your position. Perhaps unsurprisingly, it didn’t.
You’re free to google “scammer typos” and check out the results yourself given there seems to be nothing I can do or link to convince you that this is a silly hill to die on.
What filters are these? I’ll have to keep an eye out for the grammar section in the inbound spam/phishing policies next time I’m managing a client in the exchange section of their tenant. Bad luck for those who don’t spell well, can’t use spell check or are ESL, I guess. Mistyped URLs or domains however, sure are a thing.
*Ergo. I guess you’ve made up your mind, based on god knows what. I’ll leave you with a link from a university’s IT department from your google search terms, feel free to look at the rest of them any time you like.
But what would the opinions based on another “Mr security guy”, aka a Microsoft researcher know.
indeed
I can’t believe I need to explain this to Mr exchange server administrator, but you have it the wrong way around. Spelling errors are a common strategy to avoid emails being classified as spam. Bayesian filters collate tables of words that commonly appear in spam. Spelling errors create words that the filter hasn’t seen classified as spam.
Bayesian filtering is a legacy strategy and Microsoft, for example, does not use it any more (because it’s inferior) except for legacy on-prem setups. Given you’ve attempted to be insulting, put words in my mouth and failed to provide supporting articles for your opinion I’m out. As I get enough of these sort of conversations at work and unless I start billing you… Lol’d at “Mr exchange server admin” though ngl.