scam

META Stock Slides as Investors Question Payout for Huge AI Spend

Scott BuchananLeave a comment

How’s this for a “battleground” stock:

Meta stock has dropped about 13% when its latest quarterly earnings were released, then continued to slide until today’s market exuberance over a potential end to the government shutdown. What is the problem?

Meta has invested enormous sums in AI development already, and committed to invest even more in the future. It is currently plowing some 65% (!!) of its cash flow into AI, with no near-term prospects of making big profits there. CEO Mark Zuckerberg has a history of spending big on the Next Big Thing, which eventually fizzles. Meta’s earnings have historically been so high that he can throw away a few billion here and there and nobody cared. But now (up to $800 billion capex spend through 2028) we are talking real money.

Up till now Big Tech has been able to finance their investments entirely out of cash flow, but (like its peers), Meta started issuing debt to pay for some of the AI spend. Leverage is a two-edged sword – – if you can borrow a ton of money (up to $30 billion here) at say 5%, and invest it in something that returns 10%, that is glorious. Rah, capitalism! But if the payout is not there, you are hosed.

Another ugly issue lurking in the shadows is Meta’s dependence on scam ads for some 10% of its ad revenues. Reuters released a horrifying report last week detailing how Meta deliberately slow-walks or ignores legitimate complaints about false advertising and even more nefarious mis-uses of Facebook. Chilling specific anecdotes abound, but they seem to be part of a pattern of Meta choosing to not aggressively curtail known fraud, because doing so would cut into their revenue. They focus their enforcement efforts in regions where their hands are likely to be slapped hardest by regulators, while continuing to let advertisers defraud users wherever they can get away with it:

…Meta has internally acknowledged that regulatory fines for scam ads are certain, and anticipates penalties of up to $1 billion, according to one internal document.

But those fines would be much smaller than Meta’s revenue from scam ads, a separate document from November 2024 states. Every six months, Meta earns $3.5 billion from just the portion of scam ads that “present higher legal risk,” the document says, such as those falsely claiming to represent a consumer brand or public figure or demonstrating other signs of deceit. That figure almost certainly exceeds “the cost of any regulatory settlement involving scam ads.”

Rather than voluntarily agreeing to do more to vet advertisers, the same document states, the company’s leadership decided to act only in response to impending regulatory action.

Thus, the seamy underside of capitalism. And this:

…The company only bans advertisers if its automated systems predict the marketers are at least 95% certain to be committing fraud, the documents show. If the company is less certain – but still believes the advertiser is a likely scammer – Meta charges higher ad rates as a penalty, according to the documents. 

So…if Meta is 94% (but not 95%) sure that an ad is a fraud, they will still let it run, but just charge more for it.  Sweet. Guess that sort of thinking is why Zuck is worth $250 million, and I’m not.

But never fear, Meta’s P/E is the lowest of the Mag 7 group, so maybe it is a buy after all:

Source

As usual, nothing here should be considered advice to buy or sell any security.

“Final Notice” Traffic Ticket Smishing Scam

Scott BuchananLeave a comment

Yesterday I got a scary-sounding text message, claiming that I have an outstanding traffic ticket in a certain state, and threatening me with the following if I did not pay within two days:

We will take the following actions:

1. Report to the DMV Breach Database

2. Suspend your vehicle registration starting June 2

3. Suspension of driving privileges for 30 days…

4. You may be sued and your credit score will suffer

Please pay immediately before execution to avoid license suspension and further legal disputes.

Oh, my!

A link (which I did NOT click on) was provided for “payment”.

I also got an almost (not quite) identical text a few days earlier. I was almost sure these were scams, but it was comforting to confirm that by going to the web and reading that, yes, these sorts of texts are the flavor of the month in remote rip-offs; as a rule, states do not send out threatening texts with payment links in them.

These texts are examples of “smishing”, which is phishing (to collect identity or bank/credit card information) via SMS text messaging. It must be a lucrative practice. According to spam blocker Robokiller, Americans received 19.2 billion spam robo texts in May 2025. That’s nearly 63 spam texts for every person in the U.S.

Beside these traffic ticket scams, I often get texts asking me to click to track delivery of some package, or to prevent the misuse of my credit card, etc. I have been spared text messages from the Nigerian prince who needs my help to claim his rightful inheritance; I did get an email from him some years back.

The FTC keeps a database called Sentinel on fraud complaints made to the FTC and to law enforcement agencies. People reported losing a total of $12 billion to fraud in 2024, an increase of $2 billion over the previous year. That is a LOT of money (and a commentary on how wealthy Americans are, if that much can get skimmed off with little net impact on society). The biggest single category for dollar loss was investment; the number of victims was smaller than for other categories, but the loss per victim ($9,200) was quite high. Other areas with high median losses per capita were Business and Job Opportunities ($2,250) and Mortgage Foreclosure Relief and Debt Management ($1,500).

Imposter scams like the texts I have gotten (sender pretending to be from state DMV, post office, bank, credit card company, etc.) were by far the largest category by number reported (845,806 in 2024). Of those imposter reports, 22% involved actual losses ($800 median loss), totaling a hefty $2,952 million. That is a juicy enough haul to keep those robo frauds coming.

How to not get scammed: Be suspicious of every email or text, especially ones that prey on emotions like fear or greed or curiosity and try to engage you to payments or for prying information out of you. If it purports to come from some known entity like Bank of America or your state DMV, contact said entity directly to check it out. If you don’t click on anything (or reply in any way to the text, like responding with Y or N), it can’t hurt you.

I’m not sure how much they can do, considering the bad guys tend to hijack legit phone numbers for their dirty work, but you can mark these texts as spam to help your phone carrier improve their spam detection algorithm. Also, reporting scam texts to the U.S. Federal Trade Commission and/or the FBI’s Internet Crime Complaint Center can help build their data set, and perhaps lead to law enforcement actions.

Later add: According to EZPass, here is how to report text scams:

You can report smishing messages to your cell carrier by following this FCC guidance.  This service is provided by most cell carriers.

  1. Hold down the spam TXT/SMS message with your finger
  2. Select the “Forward” option
  3. Enter 7726 as the recipient and press “Send”

Additionally, to report the message to the FBI, visit the FBI’s Internet Crime Complaint Center (ic3.gov) and select ‘File a Complaint’ to do so.  When completing the complaint, include the phone number where the smishing text originated, and the website link listed within the text.

Recovering My Frozen Assets at BlockFi 2. Scams and More Scams

Scott Buchanan3 Comments

As I noted last month, the crypto lending firm BlockFi has started to send back to its customers some of their funds which had been frozen for over a year, since the demise of Sam Bankman-Fried’s FTX exchange led to BlockFi likewise vanishing into the mists of Chapter 11.  As BlockFi emerges from bankruptcy, they are reimbursing customers in two tiers. Those who had crypto sitting in their “wallet” on the platform (not lent out and not earning interest), got back 100%. In my case, nearly all my assets on BlockFi were on the lending platform, earning juicy interest. For that class of assets, only a partial recovery is expected. Also, BlockFi will only send to you the crypto (e.g. Bitcoin or USDC) you owned as the crypto coin itself, not as the liquidated dollar value.

Therefore, you must establish an outside crypto wallet, and give them the external wallet address, so they can transfer the coin over a blockchain. This prospect of a connection between BlockFi (or its bankruptcy agent, Kroll) and your crypto wallet has brought out the scammers in force: if they can trick you into connecting them to your wallet, they can suck it dry in a flash.

The first thing I noticed back in early March was the proliferation of web sites that looked legit, but weren’t. When I browsed for “BlockFi withdrawal” or “BlockFi recovery,” up came a number of sites that had “BlockFi” or “Kroll” somewhere in their names, as clickbait. I don’t see any of these sites now, a month later. I assume that either those sites have been taken down as the thieves move onto the next heist, or the search engines have blotted them out.

Bogus phishing emails have also been sent out. Most insidious was an expertly-crafted email that I and other BlockFi customers received. Here is a screen shot of the now-infamous message:

As folks have pointed out, this looks pretty good. It has got the official company logo, and no misspellings. The return address on the email was BlockFi Holdings at www.everbridge.com. Unless you were vigilant, this address did not immediately raise suspicions like a random Gmail address or .ru address might.

Plus, this email was targeted to BlockFi customers, and came right when we were expecting further emails to tell us what steps to take to recovery our funds. How did the thieves have our email addresses? One speculation centers around the “Mother of All Breaches” (MOAB) when the Mailer Lite database was hacked in January. But we know that Kroll’s database was breached last year, where the lost data includes BlockFi customers’ names, email addresses, and amounts held at BlockFi, so that seems a more direct source.

Anyway, lots of BlockFi customers clicked on the link in this email. The thieves were pretty clever. First, they had you scrawl your signature on the screen. So now they have that archived, in order to do further ID theft mischief. And then, they had you connect their app to your wallet, as a trusted dApp. Over on Reddit (here and here), you can read the howls of pain from folks who got their wallets cleaned out. They are not alone – -as of late March, this scam had netted something like $5 million in digital assets.

An eerie thing about crypto is that the holdings at any address on the blockchain are public knowledge, even though you don’t know who the owner of that address is. So crypto sleuth Plumferno was able to display at least one of the BlockFi scammer’s wallets in the process of accumulating stolen assets:

This wallet (0x6C0e83422cD73fFD3A5EC4506638F6A0A8e22b38) currently holds well over $1million in Eth + various tokens combined, and as you can see, this scam is still very active – new victims are showing up in the transaction list quite regularly. Current holdings on Debank:

I am embarrassed to admit that I got taken in by this email. I tried clicking on the links, but fortunately my wallet was empty and my anti-malware resisted having me connect to the phishing site, so I did not lose any coin.  Some takeaways are:

( 1 ) Always be suspicious of emails; especially scrutinize the return address, to make sure it really is from a source you trust. Watch for almost-legit email addresses.

( 2 ) If at all possible, avoid clicking on links in emails; try to go to the actual company website and click links from there.

( 3 ) See ( 1 )

See here for the bittersweet ending to this saga (I did get some money back, but only 27% of my original funds at BlockFi).