the details of my criticism depend on the UX of the target attacked by the payload. by my understanding, if the payload only detects and swaps addresses, then our entire discussion is the real scam, donating our sats to the rest of the community.