My Scammer Girlfriend: Baiting a Romance Fraudster
155 comments
·March 12, 2025kgeist
mgfist
> It's kinda sad that we're associated mostly with Prigozhin in the West
Unfortunately, Pringles had such a hilarious (in a dark way) last few years that it makes it very hard to compete with.
shatsky
Yoshkar-Ola itself is a forgery, just google for its photos and name of that embankment street (no offence, just kidding, I even kinda like it, hope they didn't destroy some valuable authentic architecture to build it).
thaumasiotes
I recently encountered a YouTube video talking about a related industry: https://www.youtube.com/watch?v=eYup8chgkwM
It seems to be a similar idea, but with the scamming hidden in less-obviously-illegal places.
H8crilA
[flagged]
dang
Nationalistic flamewars are not allowed on Hacker News. No more of this, please, regardless of which nation you have a problem with.
kgeist
Prigozhin visited one of our prisons once; that’s the only violence there is. The paganism is not Slavic, it's Uralic. Local indigenous people are related to the Finns.
bufferoverflow
"Prigozhin visited one of our prisons once; that’s the only violence there is".
No, it's not.
sat0ri
Hate to be pedantic, but it's definitely not slavic paganism. Finno-Ugric, maybe.
dullcrisp
Bit rude but okay
danielvf
One warning, this scam, with it's fast timeline and request for funds to be sent to the girlfriend is a classic, but modern scams can be quite different than this.
"pig butchering" scams can run for months of contact with no requests for money, and then instead of asking for money, the user "invests" into what appear initialy to be profitable investments alongside the scammer.
fmajid
The people doing the pig butchering are themselves trafficked and working in horrendous slavery conditions in Cambodia:
https://theconversation.com/pig-butchering-fraud-the-link-be...
EvanAnderson
I stopped trying to mess with them and string them along after I heard about this.
pavel_lishin
I used to be somewhat mean to telemarketers, until I learned that some of them are prison laborers - getting paid pennies per hour to work in a prison call center.
That already feels morally un-great, and messing with them further no longer felt like something I could justify.
Scoundreller
There are downsides to engaging and not engaging, but I’m still on team engage and waste time.
Once they can’t find any true victims in a reasonable amount of time, the industry will disappear (or automate and remove the torture and amplify the attempts 1000x)
tdpvb
What if everyone started responding with aggressive encouragements, "Escape!" "Run from that place," "Murder your overlords, you outnumber them!"
derefr
I send them messages written in Khmer asking if they need help. (Most of the victims are not themselves Cambodian and cannot read this. But the messages are not for them; they're to spook their captors.)
Mistletoe
I used to be mean to scammers and ask if their mother was ashamed of them etc., but I recently tried another tactic and told them I loved them. It works a lot better. One told me his name and where they were located. It costs me nothing to tell them I love them. Maybe they need to hear it.
geodel
This is terrible. We must demand better working conditions for these folks.
saaspirant
I can confirm. Someone I know went there for "job abroad" via an "agent" and then came back after knowing what it truly was. It's common in India
asah
I suppose it's good news that AI will displace these humans ?
Henchman21
Removed as my context was incorrect
gadders
I ask them to invest in an alt coin I'm launching and then they stop talking to me.
lurk2
I saw this happen a few times where I used to work. The one instance that I remember was an older pensioner and a Filipina woman in her 30s. She met him in our city and eventually convinced him to move back to the Philippines with her. He used his pension to build her family a house for them all to live in. Once the house was finished, they locked him out of it and threatened to call the police if he didn't leave. This guy was in a wheelchair and didn't know how to read. What struck me was how nice he was - he wasn't at all bitter when he was describing what happened, and was extremely polite to everyone in the office.
I guess they look for people like that.
pat_space
Sad example of out rural kansas: https://www.cnbc.com/2024/08/21/cryptocurrency-shan-hanes-pi...
inimino
And in case it isn't obvious, with AI "companionship" models and such, this is about to get a lot worse as the cost of the string-along goes to zero.
LoganDark
I await the day where the companionship models are actually as good at creative writing as even ChatGPT. Of course if they're ever as good as a real person (the holy grail) then I'll be very happy, but I don't see that happening any time soon.
guappa
I think at this point pig butchering is so famous that if you fall for it you'd fall for any scam.
mesofile
Many years ago when advance-fee email scams [0] became common I was likewise amazed that anyone would fall for them. Then it was pointed out that the seemingly obvious warning signs were a feature and not a bug, they are there to filter out everyone with a minimum of common sense and ensure that the scammers, who are casting their nets wide, only get responses from a few people but those people who do respond are quite gullible. The pig butchering thing is just a different filter meant to trap a different kind of vulnerable person.
Zak
This thread is the first I've heard of it. I had to look it up.
The scammer convinces the mark to put money into fake investments and escalates until the mark runs of of money or gets spooked, then disappears. It's often made more persuasive by engaging in a fake romance.
bell-cot
If only that was true. In reality, outside of the more online-fraud-savvy demographics...
Lanolderen
Getting scammed on Runescape should be part of the school curriculum.
HeyLaughingBoy
I have literally never heard of it before this thread.
scyclow
Romance scams are pretty wild. A few years ago someone attempted to catfish me on hinge by impersonating WWE wrestler Mandy Rose. I think the irony or impersonating a professional wrestler (whose job is to act within an artificially constructed kayfabe universe) was lost on them.
I ended up turning the exchange into an interactive website: https://0ms.co/sexydating
Aspos
Kazakh names are typically unique planet-wide. There is a very, very low chance of there being another person with the same name. Chances of finding another person with the same name and the same year of birth are practically zero.
Edit: Seems like this particular combination is not unique after all. Found quite a few people of the same name. Perhaps they chose a victim which can't be found trivially.
bloak
Though the name Aidana is Kazakh, the pictures would be more plausible for a member of the Russian minority in Kazakhstan (15% of the population according to Wikipedia). The article doesn't reveal where those pictures were stolen from, does it? And the voice? Typical spam call centre voice ... Philippines?
Aspos
Sounds clearly Russian to me. Russian spoken in Yoshkar-Ola I guess.
alecmg
nothing like Russian, South Asian maybe
thaumasiotes
> The article doesn't reveal where those pictures were stolen from, does it?
It says they're taken from the Instagram account of "a Russian personal trainer".
I doubt the author is making an ethnic distinction between European Russians and Turkic Kazakhs, so the woman is probably identifiably located inside Russia.
thaumasiotes
> Kazakh names are typically unique planet-wide.
Really? What kind of structure do their names have? I think even cultures that used full-sentence names tended to have some conventional ones.
And certain name ideas are very common cross-culturally, as witness Bogdan / Nathaniel / Theodore (and older Diodorus / Apollodorus / Herodotus / etc) / Dieudonné / Atallah...
Going to something I know better, Chinese names can be unique, and I know someone who tells me her father specifically attempted to ensure that nobody shared her name, but I wouldn't go as far as saying that being unique is the typical case. Some names (小丽, 国强) have an attractive meaning and are used with identical spelling by large numbers of people; other names (Xīnyuè, Sījiā) show a lot of spelling variation while always being pronounced identically.
Aspos
There are quite a few pre-Islamic taboos some of which persist to this day. For example, can't give a child a name of a living person parents know of. This of course includes extended family, friends and even acquaintances. This restriction alone enforces creative naming.
Typically names consist of 1-5 elements which can be combined arbitrarily. There are literally thousands of such elements though.
Last name often is a first name of an ancestor a few generations deep and it is likely to be unique too.
So as a result first+last name combinations are quite unique.
Urbanization is changing all this of course but some traditions are still strong. In my entire life I've met just 3 people with the same first name as mine.
thaumasiotes
> Typically names consist of 1-5 elements which can be combined arbitrarily.
Out of curiosity, are those elements meaningful or just pure sounds?
BobAliceInATree
The author should redact the face of the woman whose photos were stolen
z3j4e
Thanks for this great example of how much metadata can work against the person generating it.
And I also want to thank the author for the wiki regarding the identification of the MUA by the Message-ID, that was a nice new detail I didn't know :)
potato3732842
Yeah, a pass with some exif scrubbing software would've gone a long way here.
They probably just don't care though because not doing so doesn't really risk anything.
compiler-guy
Anyone sophisticated enough to even look at the exif data is not a good mark.
codedokode
I thought gmail doesn't disclose sender's IP address? Or I was wrong? This is not good for privacy.
Also, for fingerprinting you can obtain a GPU model via WebGL (helps in detecting a VM), and probably can scan for known browser extensions by trying to fetch extension-specific URLs. Some sites also scan ports on the localhost by trying to connect to them to find out which software is run.
mmsc
>I thought gmail doesn't disclose sender's IP address? Or I was wrong? This is not good for privacy.
The IP address is the smtp server of course, not the individual user.
leni536
I learned that most email services do attach the IP address of the MUA (that is, the user's computer) if you send through SMTP. I set up an SMTP relay for myself to hide that.
The user's IP address is not attached if you use webmail.
LeonM
> I thought gmail doesn't disclose sender's IP address? Or I was wrong? This is not good for privacy.
This is not necessarily a Gmail thing, but just how SMTP works. It's not as bad as you'd think though.
SMTP services log the IP address and/or hostname of the remote host, and the address used by the host to identity itself (known as the HELO address). This is the address of the remote SMTP service (known as the MTA), which isn't typically the IP address of the users computer where the email client runs on (known as the MUA).
Under normal circumstances your email client (MUA) connects to your email service provider (MTA), which then sends the email to the MTA of the recipient. So the IP of your MTA (email hosting service), not your MUA (your computer) is exposed.
For example: if you send an email to a Gmail inbox using MS365, the receiver (the Gmail user) would see only the IP-address from Microsoft's outbound SMTP services.
So unless you run your own SMTP service at home, or attempt to directly connect with the receiving MTA using SMTP, your IP address won't be exposed.
badmintonbaseba
If you send through a MUA (like Thunderbird) that uses Gmail's SMTP then Gmail do expose your IP address. Most other email providers do the same.
> Under normal circumstances your email client (MUA) connects to your email service provider (MTA), which then sends the email to the MTA of the recipient. So the IP of your MTA (email hosting service), not your MUA (your computer) is exposed.
This is incorrect, most email providers' MTA includes the MUA's IP address in the headers.
neuroticnews25
Now i think it doesn't but it did as recent as in 2014, in a Received header like the one in the article.
badmintonbaseba
It still does, just tested it.
CPLX
Pretty sure that gmail doesn't disclose a useful email address when using web version of gmail, is that right?
__jonas
Interesting read, I wonder why they didn't get more into details about this fake dental practice website used by the scammer, like what server it's hosted on, who the domain is registered to, I guess they just had pretty good opsec and there was nothing interesting to find there?
brohee
A bit of a missed opportunity with the war in Ukraine. He could have expressed pro-Ukraine sentiment and the (most likely Russian) scammer could have echoed them back and possibly be caught in a FSB dragnet.
ChrisMarshallNY
It was probably a Chinese slave in a Myanmar boiler room.
Romance scammers and “pig butchering” scams are usually run by Asian gangs. Nasty folks.
The “good” news, however, is that AI is likely to make a big impact, here, and reduce the need to kidnap poor folks.
brohee
The fact that the scammer was in Russia was pretty credible. It'd be pretty odd for a scammer in Myanmar to alter the metadata to appear as to be from Russia and not from Kazakhstan as the "woman" claimed to be.
ChrisMarshallNY
Good point.
netsharc
Ha, with AI scammer traps (e.g [1]), it'll be AI lying to other AI, trillions of CPU cycles wasted accomplishing nothing other than speeding up the destruction of the planet.
I suppose one can then declare the mission accomplished: zero scammers left on the planet.
Nextgrid
> trillions of CPU cycles wasted accomplishing nothing other than speeding up the destruction of the planet.
Also known as "advertising".
pavel_lishin
> Ha, with AI scammer traps (e.g [1]), it'll be AI lying to other AI, trillions of CPU cycles wasted accomplishing nothing other than speeding up the destruction of the planet.
Reminds me of a small part of Neal Stephenson's "Anathem".
Or maybe a bit of Peter Watts' Rifters trilogy.
martin_a
Man, not even slaves are needed for scams anymore. Sad to see job losses even there... /s
znpy
[flagged]
inexcf
I find it strange that you seem to think he called them nasty because they are Asian an not because of the slavery and scams.
heraldgeezer
Yes, let us focus on virtue signalling instead of the scammers stealing people's hard-earned money.
InDubioProRubio
Its also important to get the maximum engagement from the scammer. Text produced is work and time. This is the only thing you can cost them, so its time to engage chatgpt and have them stuck in a telenovella.
lnsru
Modern lawyers use preproduced text blocks for their letters. I would like to believe, that scammers do the same. Probably they even have figured out what phrases are the most effective for good engagement.
voidUpdate
Their early emails are often boilerplate, but once you get them out of their opening book, they have to write their own emails. I've often seen in advance fee scams, after the first few emails, there's a sudden decrease in the quality of the text, that's how you know they're writing their own emails
decremental
[dead]
1024core
Reminds me of those 419 scams ("Nigerian Prince" scams) from the 90s and early 2000s.
ashoeafoot
Every message International 1 cent.. and doing nothing against the scaming is promoting deglobalization.
scottndecker
"Although I was invested in this project, I definitely wasn't "flirty sex chat with some random scammer" levels of invested. The thought also dawned on me that part of their playbook could even involve "Aidana" calling for phone sex.
Either would be crossing lines that I didn't want to cross, meaning that I'd stumbled upon an unexpected 4th rule of engagement: don't talk dirty with scammers."
Rules of life to live by.
Yoshkar-Ola, Russia is mentioned there. I'm from Yoshkar-Ola. This kind of scam business exists here at least since the early 2000s. We were once called the capital of such scam business in Russia. I didn't know it's still a thing. One of my acquaintances worked there in around 2005-2007. It was mostly students renting an appartment, rows of PCs. He left right before they were raided by police. Some British individual reported to our authorities and law enforcement acted on it. Never heard about them ever since, before this article.
It's kinda sad that we're associated mostly with Prigozhin in the West (the first thing the OP remembered), although we have other interesting stuff, for example we have probably the last remaining, still practiced pagan religion in Europe: https://hwpi.harvard.edu/pluralismarchive/news/europes-last-...