this post was submitted on 18 Mar 2025
75 points (96.3% liked)

Nicoled

339 readers
54 users here now

Hi, I'm Nicole! But you can call me the Fediverse Chick :D

For when you or others get nicoled.

founded 3 weeks ago
MODERATORS
75
submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]
 

I spent some time creating this mind map to sum up everything you'd want to know about the scam messages, as well as the common theories. I will try to keep it updated. If you have anything to add to this or critique, please let me know.

Might take a while to load, it's a very high res image. Here's a link alternative: https://files.catbox.moe/csls12.jpg

This should be obvious, but due to the recent developments I want to have this here as a warning:

Don't send the scammer any money, even as a joke.

all 38 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 3 days ago (1 children)

I got one with crypto addresses for "donations" for the first time today. That seems to be a new addition, messages from 2, 3, and 5 weeks ago didn't have them.

I have also received some "alternate" versions from pseudo-random usernames (ones not on your chart) from the sh.itjust.works instance. Mostly the same copy as always, but delivered entirely in an image rather than image+text. Thought that was interesting.

[–] [email protected] 2 points 3 days ago* (last edited 3 days ago)

The crypto adresses are back? As far as I'm aware, they were being sent out a week ago, but then stopped again. God damn it. But yeah, I have to add the new usernames

[–] [email protected] 20 points 2 weeks ago (2 children)

i love everything about this.. huge diagram fan..

my only criticism is the lack of mbin... ive been nicoled ~5 times directly on an mbin instance.

only really pertinent because im on a small instance with ~ 180 user accounts. how does she knooooow

[–] [email protected] 14 points 2 weeks ago (1 children)

Can confirm: Also mbin, also been nicoled

[–] [email protected] 3 points 1 week ago

Also Mbin, also had Nicole spam

[–] [email protected] 19 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I can add a few data points.... https://lemmy.ca/u/fujinamilo was the nicole spammer on lemmy.ca, they used this account to test getting through filters. They logged into it from a VPN, and logged out (destroyed their session) when they were done.

They seem to message in batches of users, notice how both batches went to the same users in the same order at the top here: https://lemmy.ca/pictrs/image/b40f9e02-a162-4e56-8b5e-79b563a786c9.png

They like to spam the same users repeatedly: https://lemmy.ca/pictrs/image/ffd36fbd-2452-4806-960a-6d291b9c6d1a.png

Seeing as they actively joined lemmy.ca and tried to get through my filters after I made a post about them, it's reasonable to say they're watching us and probably having a lot of fun playing with everyone. Have we tried just asking for an AMA?

[–] [email protected] 8 points 2 weeks ago

It's kinda interesting that they seem to be targeting specific users, glad your filters are working.

I really want to know how people are being targeted. I've only received one, have zero idea if it was a specific post or community? I think mine was after a post rather than a comment, but I can't recall.

[–] [email protected] 10 points 2 weeks ago (1 children)

What Mindmap software is that? It looks really cool

[–] [email protected] 6 points 2 weeks ago (2 children)

Not FOSS sadly, but this is FigJam on figma.com.

[–] [email protected] 17 points 2 weeks ago (2 children)

... figma ... FIGMA BALLS

(I can do that, I'm a mod)

[–] [email protected] 7 points 2 weeks ago

I suppose you can.

[–] [email protected] 6 points 2 weeks ago (1 children)

I recently tried Minder as it's kinda beautiful, sorry for being a fosstechbro, nobody was asking (ಥ﹏ಥ)

[–] [email protected] 5 points 2 weeks ago

Looks like an actual nice program. I'm a big FOSS advocate myself, but I still use some other software for convenience's sake.

[–] [email protected] 9 points 2 weeks ago

The first one I received here was about a month ago from "missy29" at lemmings.world. Body of the message still said "Nicole" though, with some very early boilerplate text.

For completeness sake, I've also gotten from a nicole101 and a nicole40.

[–] [email protected] 8 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

If we could get the IP and email addresses from instance admins it could help figure this out.

[–] [email protected] 8 points 2 weeks ago (1 children)

Not all instances require an email. For example we don't.

[–] [email protected] 7 points 2 weeks ago (1 children)

What % of the instances these are coming from are instances that require email also would be a good thing to collect.

[–] [email protected] 6 points 2 weeks ago

Most of the used instances are abandoned without active moderation and even with the email requirement, there isn't a built-in way for lemmy to filter out temp mails. The abused instances are unlikely to have automod running.

[–] [email protected] 6 points 2 weeks ago (2 children)

Is it perhaps someone rolling out a relatively harmless spam across Lemmy to get Lemmy to improve its moderation tools?

[–] [email protected] 15 points 2 weeks ago (1 children)

Possibly, but I think this is off the table since they added crypto addresses

[–] [email protected] 5 points 2 weeks ago

I mean if i was doing this I'd add crypto addresses just for the lols, and wouldn't actually expect any.

[–] [email protected] 12 points 2 weeks ago* (last edited 2 weeks ago)

The picture doesn't seem to be AI, and it's unlikely to be the person from the picture. I highly doubt someone would use an innocent person's face for spam across the fediverse for the sake of improving security.

Especially because the security against spam was always going to be put to the test no matter what.

[–] [email protected] 6 points 2 weeks ago (1 children)
[–] [email protected] 4 points 2 weeks ago

RFC 3339 is superior to ISO 8601

[–] [email protected] 5 points 2 weeks ago

Ok, i've been thinking about this since the first time i received a nicole spam message because of the timing and what i was i doing and saying at that moment on another lemmy account and maybe i'm just paranoid, but you don't go and pull a pig butchering scam on a platform like this or any scam that is so obvious.

What i think is this is a mass surveilance attempt and in this thread https://lemmy.today/post/25826615 someone try to explain what might be happening. The bitcoin scam and everything else are probably a decoys in my opinion.

I could be wrong but this is all too fishy.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago)

What tool did you use btw. Looks amazing.

Edit: oh ok, figma.

[–] [email protected] 3 points 2 weeks ago (1 children)

in friendica, her profile shows a work address

[–] [email protected] 6 points 2 weeks ago

If Nicole is the victim of harassment then we probably shouldn't post this.

[–] [email protected] 3 points 2 weeks ago (1 children)

How can I see the language or my account? My instance is PT-BR

[–] [email protected] 4 points 2 weeks ago (1 children)
[–] [email protected] 5 points 2 weeks ago

Thanks. Looks like I have undetermined, English, Spanish and Portuguese.

[–] [email protected] 3 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

The crypto scam may be a copycat. If you sort by new in this community, the latest messages don't have a crypto address in it.

[–] [email protected] 5 points 2 weeks ago

Possibly, but I think there was also proof provided by multiple people that it is real. I think it's not only in the messages, but also on the matrix server.

[–] [email protected] 3 points 2 weeks ago

It would be really cool if Lemmy, or some similar ActivityPub platform, could host brainstorming apps like that.

I remember being part of r/celebritynumbersix and it was basically impossible to maintain any kind of database.

[–] [email protected] 2 points 2 weeks ago (1 children)

@FQQD

i got a message from a Nicole47...
what is ARG?

[–] [email protected] 2 points 2 weeks ago

An ARG is basically a cryptic internet art project, where fans come together and solve it. "Nicoles" messages are VERY unlikely to be connected to one, though. https://en.m.wikipedia.org/wiki/Alternate_reality_game