Fraud Field Note: the small charge you don't recognize is not a mistake

People see a tiny charge they cannot place, a dollar here, a few cents there, and they wait. Maybe it is a billing error. Maybe it will sort itself out. That patience is exactly what the other side is counting on.

A small charge is not a glitch. It is a scout.

Before anyone runs up a stolen card, they test it. A cheap online purchase, a small donation, something that will not trip a limit or trigger a call. If it clears, the card is good and the real charges follow, usually fast, usually while you are still deciding whether the first one was worth worrying about. The people who lose the least treat the two dollar mystery like the warning it is and kill the card that day. The ones who lose the most gave it a week to see what would happen.

If you cannot name a charge, you do not owe it the benefit of the doubt. Small and strange is how the big one announces itself.

Have you ever caught a fraud early off one odd little charge, and what tipped you off?

reddit.com
u/WestCoast_Pete — 1 day ago

Fraud Field Note: the second call is the one that empties what's left

Most people believe the worst is over once the money is gone. The account is drained, the lesson is learned, and they brace for the fact that it is never coming back. Then the phone rings again, and someone very kind explains they can help recover the funds.

I have watched this take people for more than the original scam did.

The recovery pitch works because it finds someone already hurting and offers the one thing they want most. Sometimes it is a "fraud recovery agency" or a "government victims fund." Sometimes it is the same crew that hit them the first time, circling back under a new name, because a proven victim is worth more than a cold number. There is always a fee to release the money, or a tax, or a verification deposit. The same shape as the first con, aimed at someone already trained to comply.

Nobody legitimate charges you up front to return money that was stolen from you. If the offer arrives right after the loss, it is not a rescue. It is the second wave.

For anyone who works these or has been through one: how long after the first hit did the recovery offer show up?

reddit.com
u/WestCoast_Pete — 2 days ago

Fraud Field Note: the last thing a scammer steals is your willingness to tell anyone

Most people think the scam ends when the money leaves. In the cases I work, that is where the most effective part begins. The money is gone, and then the silence sets in.

Shame does what no threat could. The victim does not call the bank, because saying it out loud makes it real. They do not warn their sister, who is about to get the same call, because admitting it feels worse than the loss itself. They do not report it, so the number that hit them keeps hitting other people unflagged. The scammer never has to lift a finger for any of this. He just counts on the fact that we punish ourselves harder than he ever would. The silence is not an accident. It is the part of the scheme that keeps protecting him long after the money is spent.

For anyone in this work, or anyone who has been there: what finally got someone to break the silence and tell a real person what happened?

reddit.com
u/WestCoast_Pete — 3 days ago

Fraud Field Note: the scammer was the only person who called her every day

We like to explain elder fraud with the word confusion. She got mixed up. She forgot. It is a comfortable word because it means this could only happen to someone who had already slipped. Most of the cases I have sat with do not look like that at all.

They look like loneliness. The man called every day. He asked how she slept. He remembered the name of her dog. For a lot of older people who lost a spouse and whose kids are busy three states away, that attention is not a warning sign, it is the best part of the week. By the time money enters the picture he is not a stranger anymore, he is the one person who shows up. You cannot fix that with a fraud flyer, because the flyer is asking her to give up the only company she has.

For anyone who has worked an elder case or watched one in their own family: was it ever really about memory, or was it about who else was calling?

reddit.com
u/WestCoast_Pete — 4 days ago

Fraud Field Note: the cleanest money laundering I work never moves a dollar

When people picture money laundering, they picture movement. Cash in a suitcase. A wire to some island. A shell company in a place you can’t pronounce. The case type taking over my world right now does the opposite. The money never goes anywhere.
The cartel’s dollars stay in Los Angeles. The buyer’s money stays in China. Nothing crosses a border. The ledger just balances.
Here is how that works. A cartel is sitting on U.S. cash it can’t get home to Mexico. At the same time, a wealthy family in China wants far more money out than the roughly fifty thousand a year Beijing lets them legally move. A broker sits in the middle. He buys the cartel’s stranded dollars at a discount and pays the cartel clean value back in Mexico, then sells those same dollars to the Chinese buyer, who pays for them in clean money inside China. Two opposite problems cancel each other out. The dollars change hands through a bank account or a storefront register and stay exactly where they started.
We were all trained to follow the money. But you can’t follow a dollar that never travels. You have to follow the people standing where it stopped.
For anyone in banking, compliance, or law enforcement who has actually worked one of these: what was the tell? What finally made the account or the business stop adding up?

reddit.com
u/WestCoast_Pete — 10 days ago

Fraud Field Note: ransomware crews are now messaging employees directly and offering them a cut to let them in

Most business owners still picture ransomware as someone breaking in from the outside. A growing share of it starts with someone being invited in.

Last year a crew messaged a BBC reporter on Signal and offered him fifteen percent of a future ransom to help them get into the network. When he hesitated, they raised it to twenty-five percent. When he still would not play along, they ran a flood of login prompts at his accounts instead. He reported it and got cut off from internal systems as a precaution.

That is the part most companies have not priced in. These crews are not only phishing you and scanning your perimeter. They are also direct messaging your staff on LinkedIn, Telegram, and Signal, offering a percentage in exchange for a VPN login or remote access. It is not new either. Back in 2020 a man flew into Nevada and spent weeks befriending a factory employee, trying to pay him to plant malware on the inside. The employee reported it, which is the only reason it did not work.

The uncomfortable version of insider risk is not just the disgruntled employee. It is a funded group actively recruiting your people with real money, and counting on the fact that nobody told them what that pitch looks like.

For those of you on the security side: are these recruitment messages reaching your staff yet, and how are you teaching people to flag them instead of quietly deleting them?

reddit.com
u/WestCoast_Pete — 10 days ago

Fraud Field Note: ransomware crews are now messaging employees directly and offering them a cut to let them in

Most business owners still picture ransomware as someone breaking in from the outside. A growing share of it starts with someone being invited in.

Last year a crew messaged a BBC reporter on Signal and offered him fifteen percent of a future ransom to help them get into the network. When he hesitated, they raised it to twenty-five percent. When he still would not play along, they ran a flood of login prompts at his accounts instead. He reported it and got cut off from internal systems as a precaution.

That is the part most companies have not priced in. These crews are not only phishing you and scanning your perimeter. They are also direct messaging your staff on LinkedIn, Telegram, and Signal, offering a percentage in exchange for a VPN login or remote access. It is not new either. Back in 2020 a man flew into Nevada and spent weeks befriending a factory employee, trying to pay him to plant malware on the inside. The employee reported it, which is the only reason it did not work.

The uncomfortable version of insider risk is not just the disgruntled employee. It is a funded group actively recruiting your people with real money, and counting on the fact that nobody told them what that pitch looks like.

For those of you on the security side: are these recruitment messages reaching your staff yet, and how are you teaching people to flag them instead of quietly deleting them?

reddit.com
u/WestCoast_Pete — 10 days ago
▲ 8 r/osinttools+1 crossposts

News aggregators put you in a bubble and pick a side. I built the opposite: search everything, see the connections, read the primary sources yourself

The problem that bugged me enough to build this:

Most news apps run on an engagement algorithm. They learn what keeps you scrolling, then feed you more of it, usually from one or two outlets, often slanted toward whatever narrative keeps you clicking. You end up in a bubble, reading one version of events, and you don't even know what you're not seeing. Some aggregators are openly biased: they only surface the stories that fit their angle.

I wanted the opposite. A tool that just tells me what's happening, lets me look things up myself, and doesn't put a thumb on the scale.

So I built The Nexus.

No engagement algorithm choosing your news for you. It pulls from 200+ outlets across the spectrum and ranks stories by corroboration (how many independent outlets are reporting the same thing), not by what will keep you hooked. You search across everything yourself instead of being fed.

The part I'm most proud of: it connects the news to the receipts. Behind the headlines, Nexus pulls in the actual public records, 48 government data feeds: federal court dockets, SEC filings, sanctions lists, campaign finance, lobbying disclosures, enforcement actions, and more. And it builds an entity graph, so you can see how people, companies, and places connect across both the coverage and the records.

Two concrete examples:

  • Look up a company and you'll see every outlet covering it, plus its court cases, SEC filings, sanctions exposure, federal contracts, and donations, all in one view.
  • "Precinct" compares reported crime (what the news covers) against measured crime (the city's actual incident data) and just shows you where the two diverge. It doesn't tell you what to conclude. It shows you the gap and lets you decide.

That's the whole philosophy: show, don't tell. Give people the full picture and the primary sources, and trust them to think for themselves.

Status: Live on the web now (free to explore, no signup needed to look around). The iOS app is in Apple review, coming soon. Built solo, with a lot of AI pair-programming (happy to talk about that).

What I'd genuinely love feedback on:

  • Does "show me everything plus the receipts, don't algorithm me" actually resonate, or do people secretly want the algorithm?
  • Is the cross-source / connections view useful, or overwhelming?
  • What would make you come back and actually use it?

Link: thenexus.news

Happy to answer anything about the build, the data pipeline, or the philosophy.

u/WestCoast_Pete — 7 days ago

r/fraudfieldnotes — short, practical field notes on the scams actually hitting people right now

I started r/fraudfieldnotes as a place for plain-language field notes on fraud and scams, written from the perspective of someone who has spent years working these cases rather than just reading about them.

The format is simple. Each post is a short "field note" on a scam pattern that's active right now: how it works, who it targets, the part that makes people fall for it, and what actually stops it. No fear-mongering, no product pitches. Then it opens up, because the people in the comments have usually seen angles I haven't.

A recent example, on the scams that spike every summer:

  • Vacation rental scams — a great listing, a deposit sent, and the property turns out fake, duplicated, or never for rent.
  • Travel and event scams — fake airline deals, discount packages, concert and theme-park tickets, aimed at people already in planning mode and feeling rushed.
  • Contractor fraud — roofing, landscaping, pool, storm-recovery work, with a big upfront payment and then the contractor disappears.

The thread running through all of them isn't technology. It's urgency. Most victims aren't tricked because they're not smart. They're deciding while excited about a trip, stressed about a repair, or scared of missing out.

Who it's for: investigators, fraud and security folks, small business owners, and honestly anyone who wants to catch this stuff earlier or help family members who get targeted.

If that sounds useful, come join r/fraudfieldnotes. And to get something out of you in return: what's the scam you're seeing cause the most damage right now?

reddit.com
u/WestCoast_Pete — 29 days ago
▲ 1 r/FraudFieldNotes+1 crossposts

Fraud Field Note: What Summer Scam Are You Seeing Right Now?

After years investigating fraud cases, I’ve noticed that scammers tend to follow the calendar.

Tax season brings government impersonation scams. The holidays bring shopping scams and fake package deliveries.

Summer has its own patterns.

The three scams I expect to see repeatedly over the next few months are:

Vacation Rental Scams
Victims find a great property online, send a deposit, and later discover the listing was fake, duplicated, or never available for rent.

Travel and Event Scams
Fake airline deals, discounted vacation packages, concert tickets, and theme park passes are common because people are already planning trips and often feel pressure to act quickly.

Contractor Fraud
Summer is prime season for home repairs, landscaping, pool work, roofing, and storm recovery. Scammers know homeowners are looking for help and often request large upfront payments before disappearing.

The common thread isn’t technology.

It’s urgency.

Most victims aren’t tricked because they lack intelligence. They’re making decisions while excited about a vacation, worried about repairs, or afraid of missing an opportunity.

For those who work investigations, own a business, or have encountered fraud personally:

What summer-related scam have you seen cause the most damage?

reddit.com
u/WestCoast_Pete — 29 days ago
▲ 2 r/Scams

[US] Why do people fall for scams they already recognize?

I’ve spent years interviewing fraud victims, and one thing keeps showing up that I don’t think gets talked about enough:

A lot of people do recognize the scam.

They feel something is off. They almost stop. They almost call someone. They almost verify it.

Then fear, urgency, embarrassment, exhaustion, sunk cost, or trust wins the argument in their head, and the money still leaves the account.

That has changed how I think about scam prevention. “Teach people to spot scams” is only part of it. The real failure point is often the 30 seconds after they spot it.

I wrote about it in my blog.

Curious what others think: should scam prevention focus less on recognition and more on building automatic pause points, second-person verification, cooling-off periods, and trusted-contact systems?

reddit.com
u/WestCoast_Pete — 30 days ago