- cross-posted to:
- lemmyshitpost@lemmy.world
- cross-posted to:
- lemmyshitpost@lemmy.world
We met here on Lemmy, of all places, believe it or not (sorry fellas, lol). I’ve never had communication so effortless. It’s like she already knows exactly what she wants to say as soon as I finish my thought (sometimes before, that’s how you know)!
After being jerked around so much over the years, I think this might finally be the one.
Has anyone actually messaged this “person”? I assume this is some kind of scam but I am always curious where they go and how they work. But not enough to investigate personally.
I messaged them the first time I got a message, back before anyone else had ever posted about it. I’ve gotten a few random DMs from confused people not familiar with how this site works, and just assumed it was one of those.
They didn’t respond back though, and then I started seeing others posting about it. They also keep making new accounts to spam the same exact message. I keep blocking and reporting them, and I’ve still gotten 3 more just this week.
Wait, this an inside joke? Who is she?
It’s a DM spammer bot.
ftfy.
Why spam if you’re not going to follow up though
The DM I got had external links, so that’s probably the goal. They’re too cheap to setup a DM chat bot apparently.
Huh, wonder what the scam is?
If the image has a unique name or unique-combination of images sent to any one user and is hosted on a server that the sender controls — haven’t checked — it could be an attempt to deanonymize Threadiverse users by getting their IP addresses.
For example, say tal@lemmy.today gets https://imagehost.com/girl34720.jpg and https://imagehost.com/girl83710.jpg.
The server can see the IP address of the client that loaded the images. The attacker knows that only tal@lemmy.today received that combination. Now the attacker knows tal@lemmy.today’s IP address.
Lemmy proxies access to embedded images
…
But do the other frontends also do this?
EDIT: I checked and the embedded image points to an uploaded image, however it’s hosted on another known instance (
https://lemmings.world/pictrs/image/1936a27f-ff82-4ec9-9da4-2942c21ad54a.png). This means that they can’t get people’s IP’s using it unless they control the instance. The other links don’t include any identifiers either.That’s exactly why I didn’t click any of the links in the DM. The image is safe, but external links are not.
The first message I got I asked if I knew them and got zero response.
Maybe it’s not a conventional scam but just a way to get followers.