Yoshkar-Ola, Russia is mentioned there. I'm from Yoshkar-Ola. This kind of scam business exists here at least since the early 2000s. We were once called the capital of such scam business in Russia. I didn't know it's still a thing. One of my acquaintances worked there in around 2005-2007. It was mostly students renting an appartment, rows of PCs. He left right before they were raided by police. Some British individual reported to our authorities and law enforcement acted on it. Never heard about them ever since, before this article.
It's kinda sad that we're associated mostly with Prigozhin in the West (the first thing the OP remembered), although we have other interesting stuff, for example we have probably the last remaining, still practiced pagan religion in Europe: https://hwpi.harvard.edu/pluralismarchive/news/europes-last-...
Yoshkar-Ola itself is a forgery, just google for its photos and name of that embankment street (no offence, just kidding, I even kinda like it, hope they didn't destroy some valuable authentic architecture to build it).
One warning, this scam, with it's fast timeline and request for funds to be sent to the girlfriend is a classic, but modern scams can be quite different than this.
"pig butchering" scams can run for months of contact with no requests for money, and then instead of asking for money, the user "invests" into what appear initialy to be profitable investments alongside the scammer.
I saw this happen a few times where I used to work. The one instance that I remember was an older pensioner and a Filipina woman in her 30s. She met him in our city and eventually convinced him to move back to the Philippines with her. He used his pension to build her family a house for them all to live in. Once the house was finished, they locked him out of it and threatened to call the police if he didn't leave. This guy was in a wheelchair and didn't know how to read. What struck me was how nice he was - he wasn't at all bitter when he was describing what happened, and was extremely polite to everyone in the office.
Thanks for this great example of how much metadata can work against the person generating it.
And I also want to thank the author for the wiki regarding the identification of the MUA by the Message-ID, that was a nice new detail I didn't know :)
Romance scams are pretty wild. A few years ago someone attempted to catfish me on hinge by impersonating WWE wrestler Mandy Rose. I think the irony or impersonating a professional wrestler (whose job is to act within an artificially constructed kayfabe universe) was lost on them.
Kazakh names are typically unique planet-wide. There is a very, very low chance of there being another person with the same name. Chances of finding another person with the same name and the same year of birth are practically zero.
Edit: Seems like this particular combination is not unique after all. Found quite a few people of the same name. Perhaps they chose a victim which can't be found trivially.
Though the name Aidana is Kazakh, the pictures would be more plausible for a member of the Russian minority in Kazakhstan (15% of the population according to Wikipedia). The article doesn't reveal where those pictures were stolen from, does it? And the voice? Typical spam call centre voice ... Philippines?
Really? What kind of structure do their names have? I think even cultures that used full-sentence names tended to have some conventional ones.
And certain name ideas are very common cross-culturally, as witness Bogdan / Nathaniel / Theodore (and older Diodorus / Apollodorus / Herodotus / etc) / Dieudonné / Atallah...
Going to something I know better, Chinese names can be unique, and I know someone who tells me her father specifically attempted to ensure that nobody shared her name, but I wouldn't go as far as saying that being unique is the typical case. Some names (小丽, 国强) have an attractive meaning and are used with identical spelling by large numbers of people; other names (Xīnyuè, Sījiā) show a lot of spelling variation while always being pronounced identically.
I thought gmail doesn't disclose sender's IP address? Or I was wrong? This is not good for privacy.
Also, for fingerprinting you can obtain a GPU model via WebGL (helps in detecting a VM), and probably can scan for known browser extensions by trying to fetch extension-specific URLs. Some sites also scan ports on the localhost by trying to connect to them to find out which software is run.
A bit of a missed opportunity with the war in Ukraine. He could have expressed pro-Ukraine sentiment and the (most likely Russian) scammer could have echoed them back and possibly be caught in a FSB dragnet.
Growing up in the cold war, we always heard of "Mail order brides from Russia".
In 2008 I had a disastrous international romance that began on an MMORPG.
It was then that I learned that mail order bride companies often mediated between prospective girlfriends and the men overseas, and they actually protected both sides from scams or utter heartbreak. They made secure matches if they were reputable and they were able to arrange romances, or visas, immigration or whatever was being looked for.
Their clients alone would never have the resources to research and verify and vet one another.
It may have been a backpage, craigslist, back alley sort of operation, but perhaps sometimes it actually worked?
Interesting read, I wonder why they didn't get more into details about this fake dental practice website used by the scammer, like what server it's hosted on, who the domain is registered to, I guess they just had pretty good opsec and there was nothing interesting to find there?
"Although I was invested in this project, I definitely wasn't "flirty sex chat with some random scammer" levels of invested. The thought also dawned on me that part of their playbook could even involve "Aidana" calling for phone sex.
Either would be crossing lines that I didn't want to cross, meaning that I'd stumbled upon an unexpected 4th rule of engagement: don't talk dirty with scammers."
I've never quite understood this sort of anti-scammer content and what its appeal is to readers. There are a million YouTube videos and other articles out there that explain, analyze, as well as mock[1] and denigrate scammers - who are essentially modern day slaves [2].
Yesterday someone tried to hack my WhatsApp. He call me and said something like:
> Hello! I'm from phone company $Name. Someone tried to register your WhatsApp number form $Another_city. We are calling to confirm because otherwise we will have to block your phone line with $Name.
The first problem was that $Name was not my phone company. I though it was a "change company" call that is worse than a scam because it's real and is done by the phone companies. They even let children accept the company change. So I said that I didn't authorize any change to anything. He replied that:
> You are in WhatsApp group $Something and if you don't confirm we will have to block your phone line with $Name.
Weird pause because I was in group $Something! And he continued:
> We will send you now an SMS with a code to confirm your identity, because if we don't get the confirmation we will have to block your phone line with $Name.
I hang up.
I got a SMS from WhatsApp with a secret number to install WhatsApp in a new device, that explicitly says that I should not share the number with anyone.
They probably hacked the account of other member of group $Something. The main plan is to send money request to other persons in the group. Our bank system is quite modern and everyone has in their phone an app from the bank to transfer money instantly for free. (I have not seen a dead-tree check in decades.)
So today I have zero sympathy for scammers. Moreover, I think the employees of the call centers of the real companies here have worse working conditions than the scammer here. And neither of them are in almost slavery conditions.
(From time to time we have police investigations of slavery conditions but mostly for forced prostitution and ilegal cloth factories. It's a real problem but not in the scammer area.)
I can think of three things: serving as a guide, serving to raise awareness, and entertainment.
On the "serving as a guide" part, some people are activists and subscribe to the idea that if they are wasting a scammer's time, this means the scammer has one victim fewer.
On the raising awareness side, there are absolutely plenty of YouTube videos, but it's always good to educate people before they become targets. The psychological and financial impact of getting scammed can be devastating. Raised awareness could also prompt the authorities to crack down on scam centers.
On the entertainment side - some people just get a kick out of it.
Additionally, this particular article breaks down the various tactics used and teaches the reader to identify them.
It’s a form of “justice porn”. You’re right that these scammers are victims themselves. But seeing how they treat vulnerable groups (particularly less tech savvy, trusting, older people - which may well be your mom one day) is absolutely fucking vile.
Also, some anti-scammer YouTubers are legitimately very skilled and entertaining to watch. Kitboga is the first that comes to mind. He has all these voices, characters, sound effects - and takes scammers on quite some adventures. Pretty funny.
This deserves some nuance. Much of the scam-baiting content - in fact, all of the ones I'd seen until this post - revolves around tech support scams, advance fee scams and the likes, which unlike these romance scams are generally not done by slaves.
I posted it because I find awareness of these scams is useful. If you have older relatives or friends you might want to be ready if they report a new online relationship.
I also don’t spend much time on YouTube so a blog post is good for people who don’t want to take the time warning a video.
Based on crime research, it seems that most organized crime is composed of modern day slaves, with varied degree of slavery. The most extreme are those that involve trafficking. It is a key distinction of the lowest level of their hierarchy, including the aspect that the lowest levels do most of the hands on work and most/all of the interaction with victims.
I view articles like this to be similar to those that explain and analyze the behavior of foot solders in street gangs. Who do they approach, how, what strategy do they employ to build trust, and how do they avoid detection.
scams are not acceptable, no matter who's performing it
> I've never quite understood this sort of anti-scammer content and what its appeal is to readers.
mocking is a very effective way to raise awareness of the issue, it delivers information on how scammers act and how to understand you're being scammed, and make that information stick.
making that kind of scam inefficient is a very good way (entertaining, non-violent, essentially harmless to scammer) to make the phenomenon disappear.
Are you maybe falling into the trap of being surprised at other people not yet knowing what you know? "Today's ten thousand" as it's called in xkcd: https://xkcd.com/1053/
If you're not already jaded with the topic, it's really interesting! There's a lot of detail and nuance to it, and yeah, there's some satisfaction in seeing the bad guys get foiled for once.
This particular investigation doesn't actually mock or denigrate the scammers. The author sets a strict rule at the very start:
Techniques not people: the aim of this is not to identify the individuals behind the scams, it's to see how they work.
That doesn't actually rule out mockery, but they don't engage in it anyway (beyond a "cheeky bastards" aside, which in any case is more about acknowledging their chutzpah).
Unrestrained empathy is self-destruction. Being a victim is not a blanket excuse for the act of victimizing others. There is no easy, feel-good solution to this problem.
Every few weeks I'll get a DM on Discord where they try to sell me some art. Of course they never have any public portfolio and don't identify themselves further. Usually I ask them directly "what's the scam this time" or similar and they always reply along the lines of "I'm not scammer. I'm real!". Haven't had the patience to find out how the scam eventually works.
[+] [-] kgeist|1 year ago|reply
It's kinda sad that we're associated mostly with Prigozhin in the West (the first thing the OP remembered), although we have other interesting stuff, for example we have probably the last remaining, still practiced pagan religion in Europe: https://hwpi.harvard.edu/pluralismarchive/news/europes-last-...
[+] [-] mgfist|1 year ago|reply
Unfortunately, Pringles had such a hilarious (in a dark way) last few years that it makes it very hard to compete with.
[+] [-] thaumasiotes|1 year ago|reply
It seems to be a similar idea, but with the scamming hidden in less-obviously-illegal places.
[+] [-] inemesitaffia|1 year ago|reply
[+] [-] shatsky|1 year ago|reply
[+] [-] H8crilA|1 year ago|reply
[deleted]
[+] [-] danielvf|1 year ago|reply
"pig butchering" scams can run for months of contact with no requests for money, and then instead of asking for money, the user "invests" into what appear initialy to be profitable investments alongside the scammer.
[+] [-] fmajid|1 year ago|reply
https://theconversation.com/pig-butchering-fraud-the-link-be...
https://restofworld.org/2022/cambodias-scam-mills/
[+] [-] gadders|1 year ago|reply
[+] [-] lurk2|1 year ago|reply
I guess they look for people like that.
[+] [-] pat_space|1 year ago|reply
[+] [-] inimino|1 year ago|reply
[+] [-] guappa|1 year ago|reply
[+] [-] z3j4e|1 year ago|reply
And I also want to thank the author for the wiki regarding the identification of the MUA by the Message-ID, that was a nice new detail I didn't know :)
[+] [-] potato3732842|1 year ago|reply
They probably just don't care though because not doing so doesn't really risk anything.
[+] [-] scyclow|1 year ago|reply
I ended up turning the exchange into an interactive website: https://0ms.co/sexydating
[+] [-] Aspos|1 year ago|reply
Edit: Seems like this particular combination is not unique after all. Found quite a few people of the same name. Perhaps they chose a victim which can't be found trivially.
[+] [-] bloak|1 year ago|reply
[+] [-] thaumasiotes|1 year ago|reply
Really? What kind of structure do their names have? I think even cultures that used full-sentence names tended to have some conventional ones.
And certain name ideas are very common cross-culturally, as witness Bogdan / Nathaniel / Theodore (and older Diodorus / Apollodorus / Herodotus / etc) / Dieudonné / Atallah...
Going to something I know better, Chinese names can be unique, and I know someone who tells me her father specifically attempted to ensure that nobody shared her name, but I wouldn't go as far as saying that being unique is the typical case. Some names (小丽, 国强) have an attractive meaning and are used with identical spelling by large numbers of people; other names (Xīnyuè, Sījiā) show a lot of spelling variation while always being pronounced identically.
[+] [-] codedokode|1 year ago|reply
Also, for fingerprinting you can obtain a GPU model via WebGL (helps in detecting a VM), and probably can scan for known browser extensions by trying to fetch extension-specific URLs. Some sites also scan ports on the localhost by trying to connect to them to find out which software is run.
[+] [-] brohee|1 year ago|reply
[+] [-] duxup|1 year ago|reply
[+] [-] AStonesThrow|1 year ago|reply
In 2008 I had a disastrous international romance that began on an MMORPG.
It was then that I learned that mail order bride companies often mediated between prospective girlfriends and the men overseas, and they actually protected both sides from scams or utter heartbreak. They made secure matches if they were reputable and they were able to arrange romances, or visas, immigration or whatever was being looked for.
Their clients alone would never have the resources to research and verify and vet one another.
It may have been a backpage, craigslist, back alley sort of operation, but perhaps sometimes it actually worked?
Hail Melania
[+] [-] DamonHD|1 year ago|reply
[+] [-] __jonas|1 year ago|reply
[+] [-] BobAliceInATree|1 year ago|reply
[+] [-] unknown|1 year ago|reply
[deleted]
[+] [-] scottndecker|1 year ago|reply
Either would be crossing lines that I didn't want to cross, meaning that I'd stumbled upon an unexpected 4th rule of engagement: don't talk dirty with scammers."
Rules of life to live by.
[+] [-] _tk_|1 year ago|reply
[1]: https://www.youtube.com/watch?v=dWzz3NeDz3E [2]: https://www.abc.net.au/news/2025-03-02/human-trafficking-vie...
[+] [-] gus_massa|1 year ago|reply
Yesterday someone tried to hack my WhatsApp. He call me and said something like:
> Hello! I'm from phone company $Name. Someone tried to register your WhatsApp number form $Another_city. We are calling to confirm because otherwise we will have to block your phone line with $Name.
The first problem was that $Name was not my phone company. I though it was a "change company" call that is worse than a scam because it's real and is done by the phone companies. They even let children accept the company change. So I said that I didn't authorize any change to anything. He replied that:
> You are in WhatsApp group $Something and if you don't confirm we will have to block your phone line with $Name.
Weird pause because I was in group $Something! And he continued:
> We will send you now an SMS with a code to confirm your identity, because if we don't get the confirmation we will have to block your phone line with $Name.
I hang up.
I got a SMS from WhatsApp with a secret number to install WhatsApp in a new device, that explicitly says that I should not share the number with anyone.
They probably hacked the account of other member of group $Something. The main plan is to send money request to other persons in the group. Our bank system is quite modern and everyone has in their phone an app from the bank to transfer money instantly for free. (I have not seen a dead-tree check in decades.)
So today I have zero sympathy for scammers. Moreover, I think the employees of the call centers of the real companies here have worse working conditions than the scammer here. And neither of them are in almost slavery conditions.
(From time to time we have police investigations of slavery conditions but mostly for forced prostitution and ilegal cloth factories. It's a real problem but not in the scammer area.)
[+] [-] VPenkov|1 year ago|reply
On the "serving as a guide" part, some people are activists and subscribe to the idea that if they are wasting a scammer's time, this means the scammer has one victim fewer.
On the raising awareness side, there are absolutely plenty of YouTube videos, but it's always good to educate people before they become targets. The psychological and financial impact of getting scammed can be devastating. Raised awareness could also prompt the authorities to crack down on scam centers.
On the entertainment side - some people just get a kick out of it.
Additionally, this particular article breaks down the various tactics used and teaches the reader to identify them.
[+] [-] jdiez17|1 year ago|reply
Also, some anti-scammer YouTubers are legitimately very skilled and entertaining to watch. Kitboga is the first that comes to mind. He has all these voices, characters, sound effects - and takes scammers on quite some adventures. Pretty funny.
[+] [-] jjani|1 year ago|reply
[+] [-] acdha|1 year ago|reply
I also don’t spend much time on YouTube so a blog post is good for people who don’t want to take the time warning a video.
[+] [-] belorn|1 year ago|reply
I view articles like this to be similar to those that explain and analyze the behavior of foot solders in street gangs. Who do they approach, how, what strategy do they employ to build trust, and how do they avoid detection.
[+] [-] znpy|1 year ago|reply
scams are not acceptable, no matter who's performing it
> I've never quite understood this sort of anti-scammer content and what its appeal is to readers.
mocking is a very effective way to raise awareness of the issue, it delivers information on how scammers act and how to understand you're being scammed, and make that information stick.
making that kind of scam inefficient is a very good way (entertaining, non-violent, essentially harmless to scammer) to make the phenomenon disappear.
[+] [-] iainmerrick|1 year ago|reply
If you're not already jaded with the topic, it's really interesting! There's a lot of detail and nuance to it, and yeah, there's some satisfaction in seeing the bad guys get foiled for once.
This particular investigation doesn't actually mock or denigrate the scammers. The author sets a strict rule at the very start:
Techniques not people: the aim of this is not to identify the individuals behind the scams, it's to see how they work.
That doesn't actually rule out mockery, but they don't engage in it anyway (beyond a "cheeky bastards" aside, which in any case is more about acknowledging their chutzpah).
[+] [-] kibwen|1 year ago|reply
[+] [-] ashoeafoot|1 year ago|reply
[+] [-] 1024core|1 year ago|reply
[+] [-] namaria|1 year ago|reply
"I am true woman! Scammers are bad!"
[+] [-] eXpl0it3r|1 year ago|reply
[+] [-] chatmasta|1 year ago|reply
[+] [-] not_a_bot_4sho|1 year ago|reply
[+] [-] throway3142025|1 year ago|reply
[deleted]
[+] [-] bevenhall|1 year ago|reply
[deleted]
[+] [-] spoonjim|1 year ago|reply
[deleted]
[+] [-] unknown|1 year ago|reply
[deleted]
[+] [-] temptemptemp111|1 year ago|reply
[deleted]
[+] [-] rexpop|1 year ago|reply
[deleted]