After Medium, Scammers Target Substack, But They Cannot Succeed Thanks to Their Securer Platform.
Beware accounts asking for your WhatsApp number or Telegram address in Substack Notes private chats.
Risks of Social Engineering: Medium non-members can read this important story for free using my friend link, as it is a big problem on Medium.
Over the last 12 months, my account on Medium was cloned countless times, causing me stress, upsetting my readers, and even causing financial loss to some of them. I wrote several stories about it and will link them at the end as a reference.
In this short and important post, I want to warn writers and readers about scammers targeting Substack. These scammers use Substack’s social media tool, Notes. I am glad they cannot clone Substack writers or readers, as Substack has a much better security system than Medium, although it is as open and diverse as Medium. I have been using Substack since 2019 and have never had a cloning issue.
However, over the last few months, I have reduced my time on Medium and spent more time on Substack, as I explained in a story titled Why My Wise Mentors Advised Me 80% Substack, 15% NewsBreak, 5% Medium for My Writing Effort. Some cybersecurity problems have started popping up on Substack, too, so I want to create awareness.
What is the problem with Substack?
Hundreds of my subscribers started communicating with me through Substack Notes in private messages, which I enjoy immensely. Naturally, some scammers subscribed as well.
These scammers are smart, polite, and diplomatic initially. They praise my work and say nice things when starting a conversation. After a day or so, they asked if I would mind sharing my WhatsApp number for easier communication or in case we lose connection on Notes.
As soon as I hear the word “WhatsApp,” it raises my suspicion.
But I don’t block or say anything wrong to them. I test the waters by saying, “I’m sorry, I don’t use WhatsApp. We can chat here; this is a secure platform.”
They would then ask what I use to chat with my family. I would respond, “Just my phone when I need to call them.” They would persist, asking for my phone number. When I mentioned that I don’t have overseas calls enabled, they would suggest adding me to their Telegram. This is yet another red flag for me.
They continued to weave their web of questions, subtly probing into my personal life. Where do I live? Am I married? What’s my wife’s name? How many kids do I have, and what are their names? What religion do I follow? Where was I born? The names of the cities I’ve lived in, my favorite pets, my first teacher, my mother’s maiden name — every detail gleaned with gentle persistence, all while maintaining a conversational tone over several days.
Their approach was masterful. For instance, one said, “Can you believe my mother’s maiden name was Jerk? My friends teased me endlessly in school. What was your mother’s maiden name?” Such a seemingly innocent exchange, yet laden with ulterior motives. You get the picture.
Having worked in security departments of large corporate organizations, I am familiar with social engineering, which I will explain in the next section. Plus, I had many instances of these scammers on Medium, so I don’t buy their sweet yet poisonous tongues.
Unfortunately, some of my proteges who recently started on Substack fell into their traps. After giving their WhatsApp numbers, they were added to several cryptocurrency groups, their phones kept ringing, and they were harassed. Fortunately, some contacted me, and I advised them on how to report such situations.
I wrote this short story to inform writers and my readers who have Substack accounts to be cautious. I know Medium’s algorithm will censor this story because I talk about Substack, but if I can save a few people, it will mean a lot to me. I don’t want anyone to be scammed.
Brief Overview of Social Engineering and Phishing Tactics
Social engineering and phishing are malicious tactics that manipulate people into revealing sensitive information or compromising their security.
Social engineering exploits human behavior through psychological manipulation and deceit, often by impersonating trusted entities or creating a sense of urgency. These attacks can occur via various channels, including emails, phone calls, or in-person interactions, and exploit emotions like fear and curiosity.
Phishing, a specific type of social engineering, typically involves deceptive emails, messages, or websites mimicking legitimate sources to trick recipients into clicking malicious links or providing confidential information. The goal is to steal data, gain unauthorized access, or distribute malware.
To mitigate these risks, users and organizations should remain vigilant, employ security awareness training, and use cybersecurity tools to identify and thwart such attempts.
Takeaways
On Substack, it is very easy. You just block the offender in Notes. It will not affect you or your audience.
But if you’re a writer on Medium, please report and block these offenders immediately. If you’re a reader, report and block them, but be careful not to accidentally block the original writer as some of my readers did to me.
Also, avoid replying to email notifications to ensure you are not engaging with a scammer. Authentic Medium writers never leave such overt messages with WhatsApp or Telegram messages. It is against Medium’s rules and policies.
Earlier today, I read a very sad story that broke my heart, written anonymously by someone whose account was cloned. I offered Medium to amplify that story, but I don’t expect them to do so as they even censored my stories about these scam situations. So, I keep my expectations low.
Please check out this poignant story by Dr. Ali Hechmi Raddaoui learn from his experience, and take good care. How I got scammed
You may also check out this story by
Scammed on Medium — The Sorted Tale
I feel like an idiot. Professionals don’t act this waymedium.com
They also attempted to scam one of my loyal readers
so you may contact her to learn about their tricks on Whatsapp. They attempted to scam another loyal reader Shirley Willett, who is in her 90s now but lovely Shirley did not buy their tricks and first contacted me via email and prevented the damage.Many more readers contacted me, thankfully, but unfortunately, some of them got scammed and gave their numbers to scammers thinking they were me.
As a community bound by this platform, we trust Medium to safeguard our interactions and nurture an environment where true and sincere sharing can flourish. It is their responsibility to protect us, ensuring our community remains vibrant and genuine.
Additional Resources from Previous Incidents
Fake Accounts Are Ruining Writers’ Reputations and Trust on the Platform
Scammers Cloned My Main Account Again. Call to Action to Mitigate Risks and Threats to Writers, Readers, and the…medium.com
Scam and Spam Accounts on Medium Are As Bad As Hate Speech and Defamation for Writers
Beware of Spam Accounts on Story Comments That Might Cause Security Problems
My Account Was Cloned 3 Times Lately, So Another Reminder to New Readers to Prevent Harm
Bravo, Digital Scammers: A Masterclass in Deception and Algorithm Exploitation [Part I]
Part II: Bravo, Support Staff, Your Neglect Deserves a Standing Ovation
Here are a few helpful posts by another victim Mike Broadly, DHSc, whose account was also cloned multiple times and figured out some of their recent tactics.
Finally, They Cloned Buster! What Is Next? Tony?
Breaking News: Racism Fighter William Spivey Cloned by Digital Scammers on Medium
WTF: I Was Cloned on Medium, and I’m Intensely Concerned as a Friend of Medium
Another frequently cloned writer is Aiden (Owner of Illumination Gaming) but he writes humorously about it.
Yay, I Was Cloned Again but I Know the Scammer Will Kick the Bucket Soon.
ILLUMINATION editors also sent a warning to our writers.
Community Announcement: Concerns for Growing Spam and Scam Accounts on Medium
I wrote this story as a give-back to the writing community as I owe my success to my mentors. Mentorship and collaboration can enhance our knowledge, make awareness and skill-building easy, and make the journey enjoyable on different platforms. I wrote several stories like this for writers and readers and linked them to a list titled Writing, Content Development & Marketing Strategies.
Thank you for reading my perspectives. I wish you a healthy and happy life.
If you are a new reader, you may check out some of my topics, including the brain, mental health, cognitive function, significant health conditions, longevity, nutrition/food, valuable nutrients, ketogenic lifestyle, self-healing, weight management, writing/reading, including 100+ Insightful Life Lessons from My Circles for the Last 50+ Years.
I publish my health and wellness stories on EUPHORIA and share distilled versions on SUBSTACK. My posts do not include professional or health advice. I only document my reviews, observations, experiences, and perspectives to provide information and create awareness.
If you are a writer, you are welcome to join my publications by sending a request via this link. I support 30K writers who contribute to my publications on this platform. You can contact me via my website. I also have another profile to write and curate tech stories. Friend Links to My Sample Boosted Stories for Non-Members of Medium. You can read this story on Substack for free.
Get an email whenever Dr Mehmet Yildiz publishes. He is a top writer and editor on Medium. dr-mehmet-yildiz.medium.com
Importance and Value of Medium Friendship for Writers and Readers
You are welcome to join the ILLUMINATION Community on Medium and Substack.
I also write about health and technology (my professional expertise areas). If you are interested in these topics, you can subscribe to my newsletters.
Thanks to my editor and writer friends
, , , , , , , , , , , , , , , , , , , , , , , , , , , ,, , , , , , , , editors and many more distributing my posts on Medium and Substack 🙏
 | A guest post by
|
Thanks for writing about this important issues, Dr Yildiz. It also happened to me on Substack Notes and I never give my WhatsApp number to people I don't know. I hated being cloned on Medium multiple times. It gave me nightmares.
This is for real folks! Scammers have been trying to connect with chat, pretending to be sexy ladies wanting to be friends. They even set up supposed newsletters and look like real substackers. But shit always stinks and you can spot them by how they approach you…be wary…
If it seems too good to be true then it’s scammers!!!