> I kind of find it unbelievable that people fall for this stuff

I remember reading a headline that being poor is equivalent to losing about 5 IQ points. Don’t know how true that is, but my intuition tells me that most people financially struggle, spend a lot of extra time worrying about money, and in general act a little more desperate and would be a little more aware/skeptical if their stress + financial situation allowed it.

After a few years working in cybersecurity, I viewed EVERYTHING through the lens of “is someone lying to me?”. Emails, text messages, downloading software from a website/App Store, job offers, investment opportunities, etc.the surface area is limitless. There’s exactly zero chance that even an experienced professional with excellent eyesight, who reads up on the newest scams, who doesn’t have lots of family / social events to care for, etc will never get hacked/scammed.

Even in the cybersecurity industry, almost all companies have abandoned the idea that there will never be a breach, and have moved towards thinking about resiliency, where any breaches that do happen are minimized or closed quickly/automatically.

That’s a lot of words to say: even though I thought I would never get scammed, once I spent more time educating myself about how it happens, it seems obvious to me that scams work a percentage of the time and the scale of attempts is enormous.

Different take:

At the risk of accidentally demonizing the poor, I remember reading a think piece that could be summarized as “morals/ethics are a luxury only the rich can afford.” The gist is that if you can’t afford to quit your job on the spot and not worry about paying rent this month, you will always be victim to your boss’s unethical actions lowering your ethical standards.

As an engineer, I have frequently challenged myself to empathize with the VW emissions scandal engineers, who were pressured to meet unrealistic emissions and deadlines. The managers didn’t have to explicitly tell them to build emissions testing defectors — they came up with that as an engineering solution to the requirements they were given. I ask myself: at what point would you have quit, and hopefully told the authorities?

Also more recent example is the staff of the submarine that went down to the site of the Titanic and imploded. The CEO was apparently an unbelievable bully and took extraordinary risks, but the staff didn’t quit. One of them was a Scottish immigrant who moved his whole family to take the job. He was also worried about being blacklisted from the entire private sector submarine industry. There was a lot of friction to being able to exercise his highest ethical standards.

Thailand is more or less at war with Cambodian war lords, who have tens of thousands of poor English speakers from around the world living in captivity, their passports taken away, running long term scams over the internet. When they have no money and no power to run, is it fair to blame the low level scammers for having fallen for a job scam months or years ago?

The more financial pressure you are under, the more likely you are to tolerate an unethical environment.

Always seemed to me that the correct response to this scam is to recruit everyone you know to go through just the first step of the scam and then quit while they’re ahead. Like taking a casino’s offer of free food and then leaving without gambling.

Just an anecdote but this happens in the west too. I literally woke up today to some spam Telegram "job offer" group that was vibrating my phone like crazy. And all of this in my native language of just a few million speakers. I wish I took some screenshots before trashing it, but the messages were just as you described.

There was a post on HN where someone followed through with a scam like this. It was very weird, the scammer walked the victim through some setup on their computer. They may have actually been selling video views and likes and other social media and advertising engagement fakery ... the process was surprisingly complex and the victim had an account page tracking their activity and payouts.

Even the best of people can fall for scams. It depends on how much you need the money. No one starts off thinking they are going to be scammed. The design ensures people enter this trap slowly. When people are hesitant they are given a taste of success - the 500%. Some people tap out here. Others want to continue to try their luck. But often they are stopped with reverse psychology that there are no low pay jobs and they need to pitch in more money.

It's probably one of the biggest criticism about PIX, the Brazilian method of transferring money: it's too easy. Early on, kidnappers started taking people off the streets and forcing them to transfer all their money, because victims had no choice but to give their password, and there was no limit on the transfer amount.

Perhaps similar to the situation where if you block internet traffic from a region or country ... you really do reduce the amount of malicious traffic and attacks an application sees, significantly. To the point that if you can, it's surprisingly effective.

To me it suggests they don't have the technical- and financial means to detect fraud.

It’s important to note that many of the expat accounts have been closed down due to the laxity of individual bank branches in enforcing their own policies, which were taken advantage of by nefarious actors. Many expats attempt to open bank accounts on tourist visas (which include the recently popular Destination Thailand Visa for digital nomads) without proper identification, and though allowed in the past, is now being restricted. One can argue about the classification of visas and the dissonance between economic goals and immigration policy, but for Thais, this is a long overdue enforcement action especially as it regards to scams targeting an older generation. Yes, it significantly impacts honest expats looking to stay beyond the short-term, but there is a way to doing things in Thailand that requires guests to adapt to their hosts, of which accepting the reality of Thailand’s political situations is an important part.

> will no doubt be flip-flopped on in a few months time

As emergency measures usually are.

They froze tons of accounts without warning, it was not just a matter of setting daily limits

High value transfer is relative to the person making it. For some people, moving $1k-$5k daily is as normal as it is for a college kid moving $10-$50 daily. Then for some people $10k-$50k is the norm.

New customers will be defined as "high-risk" with, a separate classification from "vulnerable" which is for under 15s and over 65s. The limit for these "high-risk" customers is 50000 baht a day, which is surely going to be inconvenient to deal with if you ever need it, e.g. for medical bills.

In Denmark I have a daily on my bank account of 50,000 dkr - about 8,000 usd. If I want to do a money transfer larger than that I have to call my bank and answer a bunch of questions to verify my identity.

Meanwhile, SMS 2FA is still the standard for security in Thailand :(

How do you remotely control an iPhone?

In many cryptocurrencies, you can cancel a transaction before the first confirmation by paying a (relatively) small fee. Your other points defeat the purpose of most crypto, though.

The original Bitcoin paper says:

> Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers.

Emphasis added.

It is conceptually possible to create a crypto "credit card". But given that existing transactions are already slow, expensive, and complicated to integrate - I can't see it being attractive.

There's also the issue of trust. Escrow merchants need to be highly-trusted by both sides. They also need regulation and insurance. Those things are all in short-supply in cryptoland.

Eventually you can only solve this by arresting the criminals

With layer 2, probably centralized, payment networks. Layer 1 is too "low level" for most transactions.

These are exactly the types of things Chia is working on, and at least to some degree, are in production.

With crypto, if you are not using a cold wallet when having a big balance, then the problem exclusively is you.

Vaults are a proposed Bitcoin construct that allow you to have similar features. In order to work, it requires some breaking changes which may or may not ever happen.

> Assistant BOT Governor

Good name for an AI agent orchestration framework.

Also worth thinking about inflation with this one.

The $10,000 figure originated with the 1970 Bank Secrecy Act[1]. Back then, that was a lot of money.

If it had kept up with plain old vanilla government-reported inflation, the number would be closer to $83,000 today[2].

---

[1] https://www.fincen.gov/resources/statutes-and-regulations/ba...

[2] https://www.dollartimes.com/inflation/inflation.php?amount=1...

May 2025, "Vietnam to close 86M bank accounts for lack of biometric data", 20 comments, https://news.ycombinator.com/item?id=45201549

Many tourists from Hong Kong/China/Taiwan were kidnapped from Thailand to work in scam centres in Cambodia, to the point it gave Thailand a bad name and affected their tourism income

> How is it that people were able to create so many mule accounts in the first place? What sort of KYC was going on?

They pay a low-income/no-income person a small fee (possibly monthly) to let them borrow their account. Sadly, people who would fall into this are not hard to find in Thailand.

> What sort of KYC was going on?

There are accounts that are grandfathered in and don’t require KYC but have been able to access online banking, etc. Mine is such, and my bank (BAY) is discontinuing that particular loophole at the end of this month. (I'm in Thailand right now to do this KYC, despite having not come back here for the last 6 years.)

I remember opening a bank account in a green one, while being on a tourist visa. Don't remember how they even established my address or anything beyond basic id. No real followup on source of funds or anything either. Wire comes in, cash goes out, nobody asks questions. It wasn't even before 9/11, it was 2015.

Thailand’s a very good place to get money out of you’re foreign organized crime in general - the fig leaf of “I’m buying an usually expensive condo/villa/yacht” is a good excuse.

We've been having a similar fraud issue here in South Korea as well. These criminals call vulnerable people, impersonate bankers or government officials, and social-engineer them into trasferring money. Some even pretend to have kidnapped your child, play AI-generated voice of a sobbing kid, and demand ransom.

Fraud has always been around, but I think a few recent developments have exacerbated the problem. KYC has been relaxed a lot since Covid, so you can open a whole bunch of accounts with just an image of an ID card. Lots of elderly people now have access to mobile banking, so they don't have to visit a physical branch where a clerk can flag suspicious transfer requests.

Bank accounts in South Korea now start with a daily transfer limit of 1 million won (about $700), even lower than the 50k bhat limit that the Thai government has instituted.

https://news.ycombinator.com/item?id=45240304#45241147

  To represent one million in finance, the abbreviation “MM” is widely used. This notation originates from “mille mille,” meaning “thousand thousands” in Latin, equating to one million. This clarity makes “MM” a preferred choice in financial statements and reports.

It is to avoid confusing with "M", mīlle -- Latin for "thousand". Quite common in financial world still.

It comes from finance - the rest of us just use "M" for million. I believe it's from Roman numerals (MM = thousand * thousand).

Megameters, naturally

Just accounting nerds sniping normal people who try to express numbers, smh.

SI prefixes should always be preferred, as they're more widely understood and have consistency, but finance bros use M for "mille" instead, meaning thousand, when they should use K.

IIRC it’s Roman numerals for thousand thousands

When discussing the headline on HN, can you please quote the headline that you are discussing? Headlines are commonly edited by mods without any history, so it's hard to tell if you're discussing the current headline or something else.

It makes it sound like they're having an argument with the 3M Company to me.

That’s not only closure, that’s global currency control. Every account is now subjected to a transfer limit.

Even if the anti-fraud motif is genuine, that’s a pretty extreme amount of control. Not that it’s in any way strange coming from Thailand. Foreign exchange and capital inflow and outflow are already controlled.

I've read the headline and my first thought was, "they're overdue on tackling fraud", but perhaps it should be clarified.

Yeah, flagged for editorialisation. (EDIT: Unflagged for mentioning fraud. Would also recommend changing the ambiguous 3M to 3mm or 3mn.)

There is no clean distinction between anti-fraud and currency control

It does. /not s

https://accountinginsights.org/how-to-abbreviate-million-in-...

  The abbreviation “M” for million can lead to confusion in finance. Historically, “M” derives from the Latin word “mille,” meaning “thousand.” As such, it has traditionally been used in some accounting or construction contexts to denote a thousand. For example, $5M could historically represent $5,000, creating ambiguity.

  To represent one million in finance, the abbreviation “MM” is widely used. This notation originates from “mille mille,” meaning “thousand thousands” in Latin, equating to one million. This clarity makes “MM” a preferred choice in financial statements and reports. 

  Other abbreviations for million, such as “mn” or “mln,” are also encountered.. The Financial Times, for example, adopted “mn” for millions to improve accessibility for text-to-speech software. While these alternatives exist, “MM” remains a prevalent and widely understood abbreviation for million in American finance.

Because there are too many standards[0]! If only someone would invent one more standard that everyone could follow...

The Wikipedia on long and short scales[1][2] for the root of the problem.

[0] https://xkcd.com/927/

[1] https://en.wikipedia.org/wiki/Long_and_short_scales

[2] https://grammarhow.com/m-vs-mm-million/

The article does say 3 Million, so the editing happened at HN's end.

The article is about Thailand, you got the countries confused. But thanks for sharing, didn't know.

The article is about Thailand, not Indonesia.