I'm sure I can

13 February 202513 February 2025

OSINT : How I find back owners when I found something

This time it happens at Gare de Lyon, a french station, where I found a transportation card owned by someone that we’ll call Anna.

There was a picture on the card, so I start looking around me and said a bit loudly “Anna” to hope that someone will react. But no.

So I look for that person on internet, and found a LinkedIn profile that could match. Not every time easy with common name, but I had a good feeling ! With only her current company, I sent an email to [email protected]/fr, [email protected]/fr and it paid!

I received a minute later an OoO (Out of Office) message, with a mobile phone number.

I send a SMS to that phone number, and it works! I found the real owner of the card.

A bit scared at first on how I found her number, but pleased that I tried to find her and give her back her card.

That story is another one from a long serie, that I started in 2020 when I found an iPhone in the forest. Since, I like to find back owners of lost items. So far, I’m having around an 80% success rate.

I even created an Instagram account for that : https://www.instagram.com/iamhenriphone?igsh=dW5ibWpkcTM0MDZ4

In the end, I’ll be grateful if anyone tried to bring me back something I lost. So I just do it.

Since, I’ve discovered that my practice is called OSINT : Open Source Intelligence. Usage of public data to recreate a profile. And I kind of like doing it. Even if Dimitri find it scary 😅

9 January 20255 February 2025

“Scammed” – Part 2

This post was written on may 2024, but as things evolved, I stopped my investigation.

This scam is called “pig-butchering” and aims to bait you before suggest you to invest more and keep your money. Probably, it’s mixed with laundering technics, but I’m not sure.

I’ve been contacted a dozen times now, but I stopped “testing” the system. As the scam is well known, there is no point in keep investigating. It seems well spread in France now, and the scam may happen sooner than expected.

I kept the draft of my may version point of view below.

Things evolved in a strange way since last month : I was contacted 2 more times for 2 different schemes, and I kept investigating.

The first observation is that these schemes are almost similar but seems to be perfected each time (maybe a pure coincidence)

The system slowly evolve in many points:

The website is improving, from the low quality “Entertainment One”, I got 2 news website : “Proctors Online” and “Kumo” (probably using the identity of real website)
The mechanism also improved : the tasks seems more credible (the theater movie booking was really bad at the beginning). Now, it’s more related to AppStore application, where you’re asked to “optimize” or provide fake evaluations. (In the end, I believe that it’s still 40 bullshits tasks to make you believe that you’re doing something useful)
There is now a training part in the beginning, where the scammer provide you credentials to another account (with a lot of “money” on it) to practice : you can experience the wonderful situation of making a lot of money and assist to a “combined tasks” that triple your revenues. (I’ll explain later the “combined tasks system”)
You can now visualize your “day strike” on a scale, and seing the bonus of “5 days log-in” coming

Bonus for 5 days log-in, 15 days and 30 days.

VIP level

Combined tasks

Not a really new scam
After sharing it with some friends, one of them found this Youtube video : https://www.youtube.com/watch?v=9P8YxsDwX_c

It explains the scam, that seems to have started in India, 1 year ago. Really like the first scenario I encountered (with the Instragram posts). However the recent one are more evolved.
In that video, it explains that people loose a lot of money in these scam (5k$, 26k$,…) and some of them committed suicide after.

When is happening the scam ?
According to the video, it’s after 7-10 days, when you gain “confidence” in the system, and are invited to invest more or to reach a level to get the maximum bonus.

The right moment to exit is precisely before reaching this level.

Why me ?
Is my phone number in a “pigeon” database now ? Being contacted 4 times is beyond coincidence. But I don’t get the point of sharing the number of a guy already being scammed.
Is my phone number in a dataleakage ? More plausible, and could explain the repetition.
Finally, another scenario could be : Same team, 4 differents scams, et trying to get their money back..

7 January 20257 January 2025

New year wishes with GenAI

This year, a bit bored by the tradition, but still wanted to reconnect with people, I tried to industrialise my new year wishes with ChatGPT.

First, I used the WhatsApp version of ChatGPT, for simplicity in the copy-paste of results, as I used WhatsApp also to connect with people.

Easy prompt for friends:

Write a short greeting message to wish Michel a Happy New Year. Add a little humorous side note on this subject: a topic

Also for work colleagues:

Write a short greeting message to wish Michelle a happy new year, traditional but warm.

Of course, I reviewed them before sending, as a good practice, slightly doing some changes.

Should I feel guilty doing that with ChatGPT ?

I know that some people will feel guilt, it’s in the era, but I’m trying to overpass that feeling, as it’s just a tool and I’m really taking the words I send.