Harassment: ASML, false phishing claims

Tue, Dec 23, 2025 ❝How bad social engineering "tests" get (conveniently) misrepresented as phishing for maliciously excused retaliation.❞

Contents

There were these posts being thrown in my face for the past few years, but given the suspicious timing at this moment, it seemed prudent to respond with what seemed like the most likely scenario being referenced.

Premeditated attacks

There are very strong indications that at the moment of starting at ASML, there were several activities set in motion already for this kind of premeditated harassment and abuse.

One involved supposed “bad decision and its consequences” where someone already told me before I started at ASML, that they had – either accidentally or deliberately – smuggled in MongoDB despite opposition of some ASML engineers through their use of GridFS, which is built upon MongoDB. I was told this, and given that I had at least some theoretical knowledge from experiences I read about in blogs, I knew there were some caveats and need-to-knows concerning configuration but in general MongoDB is (at least at the time) known to be a solid solution. For example, MongoDB version 1 was known to only be properly fault-tolerant in multi-instance set-up in its default configuration. A single instance could work too, but required a change in configuration to ensure proper persistence to disk.

I don’t think I mentioned this before, so concisely: MongoDB, being a document-store was quite well-suited. Arguably, some multi-document use-cases required consideration for how to store, but to my knowledge the biggest hurdle was the upgrade-process to version 2. They happened to run into memory issue for extreme cases that were running into limits. (Supposedly a consequence of using mmap(..) in the original storage engine. I wasn’t involved, so only heard some indirect hints of the upgrade process as troubleshooting went on.) There were repeated comments “hinting” at me, including after leaving ASML, though I never was involved in the selection or the decision-making process. Neither when it got introduced originally, before I was at ASML, nor when I discussed MongoDB with a colleague and mentioned it as a possible candidate for the selection process, i.e. worth considering but by no means definitive.

And yet another was the attempt to “bait” me into looking at supposedly sensitive information that was the licensing information that they quite literally threw in my face with a “failed introduction” of licensing. (Later posted in full.)

All of this started out benign and me having no knowledge of what would be going on. And I am apparently way too expecting of good intentions or at least not plain evil intentions of (generally) intelligent people. Why expect good intentions? Well, in a challenging environment with complicated functional domain, etc. you would expect there to be sufficient challenge to NOT make it into an intra-departmental political mess. However, this story is specifically about false claims of me supposedly having “failed” “phishing tests”.

Introduction

So, I had from the start indicated that I had an interest in (software-)security. I had previously found security issues and had at least some knowledge of various security aspects though am well aware that I was not in possession of very detailed cryptography knowledge, even though I had done a course on foundations of cryptography already. (One has to start somewhere, apart from ample reading.)

As mentioned, the licensing-story was one such contribution. Another is about fixing software protections. There were also some past instances. Undoubtedly, these and other discussions got some attention. At one moment, during third team/year, I got involved in discussions on securing network communication with the local dedicated server.

“Failing” the “phishing-test” (social engineering)

It was also around the third year, that there were a number of waiting “visitors” to be let in. There is every indication that this was another set-up, for whatever reason, to “arrange for a convenient excuse” to retaliate. What I am about to describe isn’t “phishing”. It is, however, the only explanation that fits the attack and very likely deliberately “mistaken for” due to its more convenient “opportunity for abuse”.

On several occasions, I opened the door, enquired about their visit and either contacted the right manager or otherwise have them wait or guided them to the right person. Whenever they would need to wait, I would walk away but keep an eye on them and whether the expected contact is on their way until the contact arrived.

At no point, was I told that I had “failed such a test”. Now, to be clear, the pattern of harassment is such, that these most likely weren’t even real tests, merely organized excuses. For years, I have seen these “failing phishing test” messages thrown at me e.g. on social media. Most of the time the pattern is such that several attacks are combined, such that there may be several subjects that draw attention, and are very frequently repeated. And, knowing the pattern of harassments over the last 7 years, these are very very likely targeted. Especially with the horrendous flood of false accusations, lies and other attacks thrown at me for years straight, which would all also serve to acquire more information. Now, the situation would be manageable if these were only occasional drops of messages, but that isn’t the case. There are very real and very serious (false) accusations in there, and these have been accompanied with plenty of insistent harassment both on-line and off-line.

Anyone versed in the cybersecurity-domain knows that leaving someone who doesn’t belong unattended (even though I did not do this) due to their smooth talking inspiring confidence and/or trustwortiness to do so, would be social engineering rather than phishing. However, phishing is the more convenient false accusation w.r.t. attacking someone personally with lasting consequences. Hence, there were these apparent false accusations and people started to spin up conversations with malicious intent.

I am not shy with sharing knowledge, e.g. if I can help someone or if it makes for an interesting conversation. However, the last 7 years went waaaaay further. Specifically, there has been an almost uninterrupted stream of attacks, lies and false accusations, that were used to constantly, persistently interfere with my life. Yes, these can be explained as phishing when I need to contradict and consequently reveal some truth, but it is also a massive harassment and abuse campaign up until that point and a persistent stream of false accusations, especially when considering how other kinds of efforts have been put in play. These range from acting shitty claiming “retaliation” for some false accusations, driving a car in the nearby parking lot and blasting a song with specifically selected lyrics that match with a false accusations, and other such “creative coincidences”, having specific songs scheduled on the radio when it was known I would be driving somewhere, breaking into my car and/or manipulating the car radio, etc.

Furthermore, the effort was such that any and all false accusations were “conveniently” assumed true, so there was a constant rotation of the same numerous attack-topics. Sure, you can retroactively explain it was “haha, we got information from you”, but the reality is that all the time up to that point, was a serious ongoing harassment campaign. And, circumstances are such that there is a vested interest in “conveniently” “not believing the truth” such that harassment and abuse continues despite there being no basis in truth or room left over for misunderstanding. This did not contain itself to the ASML assignment either.

Malicious “deniability”

It is important to note that over the course of months, as I started writing these topic. there were “dismissive counter-messages” claiming that this involved a matter of correlation rather than causation, or I mistakenly connect concerns. This is very much not what is going on. The thing is that on a number of occasions, these people have betrayed themselves by relating concerns that I had no prior knowledge of, and also by very explicitly referencing (minor) events that should not have been public knowledge in any way. There have been clear cases where “misinterpretation” is very unlikely or virtually impossible. There were also cases where physical events, like “coincidentally” running into a person I have never seen since my first internship, that “coincidentally” also happened to be related to such false accusations. Furthermore, the sheer amount of “coincidences” is more than apparent for the same reason. Especially, when some event happens in real-life and there are subsequent attempts to “correct” them with a mention in some fiction, because you cannot retroactively undo the real-life event after it has already happened.

Changelog

This article will receive updates, if necessary.

• 2025-12-23 Initial version.