Category: Online Safety

Posted on

Rough Diamond – A scammer’s story

Here’s a fun little story about some scammy stuff that just happened to me on LinkedIn.

I’m currently looking around for either a new role or just some more work opportunities for next year, so I made a post on LinkedIn to say so. Within moments of making that post I received a number of responses from people, mostly recruiters and HR folk. Most of them just hit Like on my post, but one in particular, a young lady named Diamond Alex, reached out to me. According to her LinkedIn profile, this young recruitment specialist was based in Atlanta Georgia.

She suggested she might have some opportunities for me and asked that I send my resumé. I did so, and she got back to me very quickly after looking at it. She responded by telling me that my resumé could be improved (something I completely agree with) and that it should be ATS compliant (Applicant Tracking System, a standard that makes your resumé work better with most HR databases.) So that all sounded very sensible to me.

She then recommended I enlist the services of a professional resumé writer, who she referred to as “the expert”, and said he would be able to restructure my resumé to make it better. While I agree that getting some expert help might be a good idea in principle, I was immediately wary. I clicked on the link she sent to Fiverr page of “the expert” and she urged me to immediately request they start to work on it. I don’t generally trust this kind of pushy recommendation, so I told her I would prefer someone based in Australia. She assured me that this writer, who she explicitly told me was based in the United States, could do a great job and that they work with clients all over the world. A closer look at this writer’s Fiverr profile showed that their location was not the USA, but Nigeria. I told her this and then she conceded that, yes, he was based in Nigeria, but that didn’t really count because he did some work for her US company.



In this link she sent for this “expert writer”, who despite having a Fiverr account created in August 2024, she insisted had been doing work for her for several years, there were absolutely no reviews of his work. I thought that was odd. She responded by sending a screenshot of a bunch of positive reviews from her phone, although the screenshot did not show the username of the person receiving the reviews and could have been for anyone. I dug around a little more on Yus_B’s profile and did find another page for this same person that had some reviews, although many people mentioned that this “expert writer” had made many typos and grammar mistakes in the work he had allegedly done for them.

This was already more than enough red flags to have me walk away, but I was curious to see how far this would go, and I have a childish desire to just keep wasting scammer’s time, so I kept the conversation going. We swatted back and forth for a bit, with me getting more and more picky about the holes in her story, and her trying to have an answer for everything. For example, I asked why, if she was in Atlanta, was she up at 1:00am? She did not address that. I asked her why, if she was an experienced recruiter, was she connected to only three people on LinkedIn. No response to that point. I then uploaded her quite attractive profile photo to Google reverse image search, only to find that (surprise, surprise!) it’s a stock image being used in many places all over the internet.


It was at this point I suggested to her (him?) that she was not all she appeared to be, to which she responded by quickly deleting her LinkedIn profile before I could report it.

I already have a pretty dim view of most “recruitment specialists” even at the best of times. There’s a lot of HR vultures out there, but you really do need to be careful of the scammers and liars, even on a very HR focused platform like LinkedIn.

Posted on

Getting out of Password Hell

A while ago I realised that my online life was in password hell. I was using literally hundreds of sites and services that required passwords, but they were held together with a confusing mess of old passwords that I’d mostly forgotten, numerous passwords which were being used on more than one site,  passwords that didn’t meet the usual complexity rules usually required across the Internet, and so on. I often found myself having to do a password reset just to access a site, and of course that new password became yet another one I had to remember. Or forget.

I felt things were a little bit out of hand so I finally took a few steps to clean up my digital life.

First, using the same password for everything is an exceptionally stupid idea. Instead, I came up with my own system that helped me create hard-to-guess, but easy-to-remember passwords that I could apply to any site.  Having a clear system for this meant that when I signed up for some new online service I could quickly come up with a password that was memorable while also being unique to that site. It really helps to have a system. I made sure that my system always met the minimum complexity rules usually found online… that is, they contained uppercase, lowercase, numbers and symbols and were at least 8 characters long. If you do nothing else, come up with a system for your passwords! It’s so frustrating when you attempt to log in to a site that you’ve been to previously and can’t remember your password. So come up with a system for yourself, and please don’t just use the same password everywhere!

Secondly, I turned on multistep or 2-Factor authentication  for passwords on every site that offered this option (and there are a lot of them now). This is probably the single biggest thing you can do to improve the security of your online life. If you go online and don’t use 2 factor authentication, you’re not really serious about your online security. It’s that simple. I find it both amusing and frustrating when I hear people questioning the security of online services, and then find out they don’t use 2-Factor passwords. If you don’t use 2-Factor on every site that enables it,  please, don’t ever complain about the dangers of online security.  It just makes you sound silly. It’s not hard to set up, and if you use something like Google Authenticator to manage your second factors, it’s very simple to use.  The minor inconvenience of having to enter the second factor is far outweighed by the added security. Trust me on this. Turn it on. Now.

Finally, I set up a password manager. I chose LastPass,  but there are others. It took a while to get my head around how LastPass works but once I did, it made life so much easier. If you want to try LastPass for yourself you can get it on this link.
https://lastpass.com/f?7253846

If you are in password hell like I was,  take some of these positive steps to sort it out.

Posted on

Make up your Mind

Have you had this conversation with another teacher yet?

Me:  Hey, have you ever thought about starting a class blog?  You can use it publish what happens in your classroom, put up all the cool things your class does, and share it all with the world. What do you think?

Them: Are you crazy? Why would anyone be even remotely interested in reading about what we do? And anyway, no one will ever see it… they probably wouldn’t even be able to find it!

And then, eventually, they do start a class blog. And pretty soon the conversation changes to this…

Me: Hey, you should post up those photos of what your class did last week on your class blog. And what about that video you made with the kids? How about we post that on YouTube?

Them: Are you crazy? You want me to put that stuff with the kids online where everyone can get to it? It’s way too dangerous! I don’t want the whole world seeing it!

So which is it? When we post stuff online are we putting it somewhere where no one will ever find it, or are we putting it somewhere that the whole world can see it?

And which is worse?