Comment by xnx
4 days ago
> The one-day waiting period is so arbitrary.
Scammers aren't going to wait on the phone for a day with your elderly parent.
4 days ago
> The one-day waiting period is so arbitrary.
Scammers aren't going to wait on the phone for a day with your elderly parent.
Brother, there's an entire genre of scamming where the scammers spend months building rapport with their victims, usually without ever asking for anything, before "cashing out". One day is nothing.
Wouldn't a wait time like 2 hours with some jitter make it more difficult for a scammer to pursue the case? People aren't going to be willing to stay on the phone for hours at a time. With 24 hour wait, the scammer could just schedule another call for the next day.
>People aren't going to be willing to stay on the phone for hours at a time.
"Okay, come back to me in a few hours and we'll continue"
Remember, these are already people who took the time to respond. They are invested.
1 reply →
Scammers already will spend multiple days on a scam call. Watch some Kitboga videos, he'll strings them along for a week.
"Google will call you again tomorrow to get you your refund."
There, we've successfully circumvented all of Google's security engineering on this "feature."
Check out this A&E Intervention episode for Greg. They have continuously worked this guy over for months.
https://youtu.be/YIR-nJv_-VA?t=121
They don't mind being patient when they have dozens of other victims in the wait queue.
This is obvious to anyone with a brain. I'm not familiar with scam logistics or the videos you mentioned, and the exact same line you put in quotes is what first came to my mind.
tl;dr of this post is that Google wants to lock down Android and be its gatekeeper. Every other point of discussion is just a distraction.
I think the more important aspect is that people will have 24h to slow down, think, and realize that they are being scammed. Urgency and pressure is one of the top tactics used by scammers.
Scammers will definitely call back the next day to continue. But it is quite possible that by then the victim has realized, or talked to someone who helped them realize that they are being scammed.
There's been some reporting recently where I live about a case of some woman being scammed.
She went to a bank to transfer the scammer money. They told her no. She came back the next day. The police got involved and explained everything to her. Then she came back the next day. After that, she apparently found another location which let her transfer the money.
There's basically zero chance a 24 hour (or any amount of a) cool off period will help these people.
Just because you have one example of someone who would not realize doesn't mean that the number of people who would realize is zero.
4 replies →
Right, this friction makes it much harder for a scammer to get away with saying something like, "wire me $10,000 right now or you won't see your child ever again!" as the potential victim is forced to wait 24 hours before they can install the scammer's malicious app, thus giving them time to think about it and/or call their trusted contacts.
The sheer arrogance that you think someone manipulated successfully will just re-think the situation and ask their friends/family. The naivety to assume all scammers are impulsive fools and don't do this for a living, as their primary line of work.
So Google's going to add some nonsense abstraction layer and when this fails to curb the problem after a 24 hour wait, it will be extended more maybe a week, and more information must be collected to release it. We all know how this goes.
[flagged]
Potencial victim's AI agents will wait patiently those 24 hours. In fact it may just wait exactly 24 hours and not one more second.
Goalposts moving, who says this on an official forum?
Sure, but what about a 30 minute delay? 1 hour? 2 hour?
24 is just so long.
But also, my expectation is that a scammer is going to just automate the flow here anyways. Cool, you hit the "24 hour" wait period, I'll call you back tomorrow, the next day, or the next day and continue the scam process.
It might stop some less sophisticated spammers for a little bit, but I expect that it'll just be a few tweaks to make it work again.
24 hours is long enough to get them off the phone, and potentially talking to other people who might recognize the scam.
There will be some proportion of people who mention to their spouse/child/friend about how Google called them to fix their phone, and are saved by that waiting period.
Exactly - the idea is to make it harder for scammers to create a false sense of urgency.
1 reply →
Sure, but wouldn't 35 hours do the same trick? Or 5 hours? Or 10 hours and 28 minutes? :)
The question is, why exactly 24 hours? The argument is that the time limit is set to protect the users and sacrifice usability to do so. So it would be prudent to set the time limit to the shortest amount that will protect the user -> and that shortest amount is apparently 24 hours, which is rather.. suspiciously long and round :)
2 replies →
Have you watching literally ANY scamming video in your life? Even if you were bon yesterday.
Have you ever watched Kitboga? Scammers call people back all the time. They keep spreadsheets of their marks like a CRM. It takes time to build trust and victimize someone, and these scammers are very patient.
Scammers will gladly wait on hold for 10 hours a day, for a week, if they think they'll get their Bitcoin.
They have infinite time and patience.
It sounds like the 24 hour advanced flow should be completely removed then to protect these people. Right? It can't be perfect so to follow you, it should not exist.
they wouldn't wait an hour either.