Whether you’re looking to purchase a TV or a car, rent an apartment or find a Russian mail order bride, you’re going to be scammed. This is an unfortunate fact of living life on the Internet. So, right up front, you have to know how to minimize the risks, how to protect yourself. Here’s some advice:
1. You never know who your communicating with. Hence the old saying “No one knows you’re a dog on the Internet” [See the original cartoon in the Privacy page of this site.] The woman you think you’re talking to may be a man, even a kid (or a cop, for that matter). He or she may or may not be located where they claim to be writing from, nor may they have the education, funds or whatever else they claim to have. Until you verify these factors, be suspicious. If you can, use only reputable and tested web sites. These days, there are lots of browser plug-ins that provide safer surfing. Use them.
2. Most photos posted on websites are professional, such as models or catalog cuts. Don’t fall for these stock photos. Same for photos that are grainy, with insufficient resolution to see any real detail, whether it be of people, cars, apartments or anything else. Insist on a photo with verification before proceeding further (see #6 below).
3. Scammers as a whole are very lazy. They use e-mail “extractor” programs, also social networking programs like FaceBook and MySpace to grab your e-mail address, then copy form letters using the addresses, perhaps using a batch program to “personalize” small sections of the mail (“...don’t worry, Joe, we’re trustworthy...”).
4. Most scammers nowadays use proxy servers. Also forged IP addresses. It’s easy enough to trace these addresses to see if they’re real.
5. Time to Google: Check to see how many other e-mails the scammer has sent. Google the first part of the e-mail or the site address and see how many other sites you find that match yours. Keep the list for future reference, for example, if you reach a deal and insist that the recipient take all further ads off of the Internet. Same for the return e-mail addresses. You may even find the e-mail address on a “scammers list”. Also, do a keyword search: Google not only people’s names, phone numbers and addresses, if available, but also chunks of the text of the ad. Being essentially lazy, scammers lift parts of real and fake ads and repeat them in their own ads. The Nigerian scammers used the name of the same couple of attorneys at the top of their letters.
6. If this is a social connection, ask for specific information (full name, address, telephone number) offering the same in exchange (of course try to use a valid P.O. box and a burn cell phone to be absolutely secure at your end). Ask specific questions that would require a specific answer (most scammers won’t answer unless you tell them you’re going to send money - they don’t want an endless dialogue with no return). If you arrange a phone call and are told that they don’t have the money for a phone, it’s probably a scam. For example, virtually every female on the face of the earth has a cell phone, especially ones that seem to have the money for those professional Russian model photos you are looking at! Talking about photos, ask your e-mailer to send you a photo with a specific object (red rose, green hat), article of clothing, outfit color or newspaper for verification. [You don’t have to be quite as obvious as those proof-of-life photos in the movies (e.g. Russell Crowe, Proof of Life, Warner Bros, 2000) where they hold up today’s newspaper!]
7. Specifically concerning Russian mail-order brides: If a Russian girl tells you that she will get a visa to the U.S., instead of inviting you to Russia, she is lying to you. She’s probably a scammer here in the U.S. Why? In order to get a visa, you must first visit the woman in Russia, then get engaged during your visit (with photo verification), after which you must fly back to the U.S. to apply for a K-1 (a/k/a “fiancee”) visa, which will allow the Russian girl to stay in the U.S. for up to 3 months, by which time you must get married. After that she can get a green card and, 3 years after that, apply for U.S. citizenship. It isn’t easy.
8. Specifically concerning prize scams: I would hope that you would never supply bank account information, credit card numbers, driver’s license numbers, passport numbers, social security numbers or personal information like mother’s maiden name or your birth date over the Internet. You don’t know who you’re talking to and, besides, it’s not even a secure Internet connection (https://). Moreover, there are no lottery winners who are ever notified by e-mail. And if the return address is through a Yahoo, G-mail, Hotmail or other bulk e-mail account, it’s probably a scam. Legitimate companies can afford the $100 a year for a real domain account. Never fall for payment in advance for anything, or for a scam which requires you to travel to collect the prize.
9. Specifically concerning classified ad scams: If someone wants to write you a check in excess of the qualified amount, or have you cash their check and then send the “excess” back to them, it’s probably a scam. If they ask you to send a money order, be aware that money orders are completely untraceable and also irretrievable in the event you discover you’ve been scammed. Be assured that their check won’t clear for a couple of weeks (they make sure it’ll take a while to get through the system), but your check, including the excess, will be long gone. Also, when someone is sending you payment, don’t fall for the “I don’t have a checking account” excuse. Even if they don’t have a bank account, they can always get a money order. Other tip-offs: Poor language skills, discussing personal matters that have nothing to do with the transaction (sick relatives, for example), references to trust, faith and God, never being able to meet in person (say you’re purchasing a car), sudden changes in the return e-mail name (first it’s John Silverton, then mysteriously Bill Goldwater), and the like.
10. Specifically concerning fake tech support scams: These are the unsolicited telephone calls supposedly coming from your ISP or Microsoft or some other company. They’re not selling you anything. Why, they’re giving you “free” advice. They’re protecting the universe from cybercrime. Next thing you know, they’re showing you “errors” on your computer and they’re into parts of your operating system you never saw before, using remote access to your computer, all for a minimal charge to your credit card. Maybe even for a download for some “diagnostic” software. Sure. You’re now infected. Don’t fall for this scam, even if their address or phone appear legitimate (it can always be a redirect). End the call. If they claim to be from Microsoft, Symantec or your ISP, call them back. Even better, look up the company’s number and call that. Treat them as if they just knocked uninvited at your door and invited themselves into your house “for your own protection.”
11. Specifically concerning vacation rental scams. These are becoming increasingly popular, and not just on Craigslist. Once again, if it appears to be too good to be true, it probably is (see No. 12, below). That $75 a night suite in London is probably a scam. Also, not only prepayment, but refusal to accept credit cards or Paypal is a sure tip-off. If the only method of prepayment is that the funds be wired to the rental owner’s bank account, this should also be a warning. Also, any requirement that the entire sum, often including the security deposit, be paid up front, is a good indication of a scam. Another popular Craigslist renter scam: You put an ad in the paper to rent your place. You get an e-mail response from someone out of the country (England, perhaps) agreeing to rent your place, check to follow. They’re on their way to the U.S. (to go to school, for a new job, whatever) and can’t be reached. You receive the check but its not local (in fact it’s from out of the country) and then deposit it. A couple of days later, you receive another e-mail canceling the reservation. (The job fell through, the school changed its mind, whatever.) They feel so bad, you can keep $500 of it, send the rest back by wire, they’ll pay the charges. Of course, their check hasn’t cleared yet (since it’s out of the country) and it never will. But your wire will be good and you’re out $500!
12. Scammers appeal to everybody’s sense of greed. As they say, everybody has a price. As they also say, if it sounds or looks too good to be true, it probably is. If the payoff is too high or too easy, if the photo looks too fabulous, if the cost of something is far below its value, don’t fall for the inevitable explanations (hardship, illness, etc.), just stay away from it.
13. Chain letters: Just because they’re e-mail and not snail mail doesn’t mean that they’re not dangerous. Those e-mails that get you to send them on to ten more people, because you’ll be rewarded with riches or good luck are still chain letters. But the purpose of these letters is really to create good luck and income for the scammers and spammers. Passing on the chain letter uses “trackers” or “keystroke loggers” that report back to the scammer those cookies and e-mail addresses of the people you forwarded that e-mail to in order to create a list of addresses which can then used for spam advertising or propagating additional malware on those other computers. Similarly, don’t fall for the e-mails that pluck on your heart strings or play on your political sensibilities to get you to forward so-called “petitions”. E-mails are never an acceptable form of petition to Congress, local governments or virtually anyone else. To be valid, petitions must have actual signatures and full identification. Scammers are simply accumulating your on-line information.
14. Although not specifically a scam, stay away from any e-mails which carry the subject line like “You’ve gotta see this” or “A card for you,” even if it’s from someone you have received e-mail from before. Also, in the same genre, “here you have it,” “just for you,” and “here it is.” Similarly, avoid e-mails from people you don’t know that refer to a timely subject (Obama’s election, Winter Olympics, Health Care bill when they were in the news, to mention a few), because the attached video clips or other attachments are most likely malware. If the subject line is uncharacteristic for that person, their address book may have been “spoofed” by malware, which is then sending infected e-mails to everyone in the address book, usually without the sender’s knowledge. Also, don’t believe e-mails stating that your account has been suspended or someone has attempted to access it, then requesting verification information (by e-mail) or asking you to click on a file to obtain instructions for correction. These are links to malware, which will then be installed on your system, causing predictable damage.
15. Always pay with credit cards. As discussed above, most scammers won’t accept PayPal or take credit cards, instead insisting that funds be wired to their bank account. Beware of this. NEVER wire funds via Western Union, Moneygram or any other wire service, either. Also, MoneyPak and Bitcoins can’t be retrieved once the transaction is made. It’s a sure tip-off that its a scam.
16. Scam Reviews: It’s sad, but you can’t necessarily trust many of the reviews that you see on sites like Yelp, Google Places, Citysearch, TripAdvisor and the like, because unscrupulous businesses have hired paid writers to post false reviews of their businesses. Several large companies, including Microsoft and Google, have studied this phenomenon and found a few telltale patterns: Fake reviewers aren’t usually long time members of a site, their reviews occur shortly after a product or service launches and their reviews may differ sharply from others on the same site. These spammers likely post multiple reviews for one product or various products made by a single brand. According to a Cornell University study, spammers also have several common tics: Spam reviewers tend to spend more time talking about themselves (i.e. why they took a trip or stayed somewhere) rather than the actual product (e.g. the floor space, decor or food). The study claims that for some reason the use of the word “husband” is indicative of deception. Most of the review sites have algorithms which are quite successful in filtering out phony reviews, but they still sometimes get through. I find that I review all of the reviews for a common “thread” and follow that.
17. Scams based on current events: As discussed on the Security page, current events strongly influence scammers’ tactics. Whether it’s an election, the Olympics, the Super Bowl or some other well known event, there will always be a scam to go along with it, e-mails hoping you’ll click out of interest. You’ll want to see pics of your favorite sports team, or faux pas of your opposing candidate. Don’t bite. Even if it’s from someone you may know, because their mailbox may have been hacked.
18. Fear Scams: Some popular scams are based on fear, not greed. Those scams that tell you you have a speeding ticket (just click “here” for a video), or a tax refund (just click “here” for a copy of the check), or a FedEx or UPS package (just click “here” for the shipping order) and the like appeal to people’s natural desire not to miss something that they believe is due them or they should know about. Never mind that you didn’t order any packages, know you aren’t possibly due a tax refund and haven’t been speeding, you jump on the “possibility” that you’ve done something illegal or that someone is looking to give you something. Police and federal law enforcement officials will not e-mail you with this type of information, so don’t fall for it. Lawyers won’t e-mail you to tell you that you won the lottery or have an inheritance. As for deliveries, call back the carrier on their own telephone number and have them check the information from there.
19. Scams that play on people’s hardships: This is the worst. These scammers have no conscience. True scams: People (yes, including foster parents) who steal the identities of those they are charged to care for to obtain credit. People who prey on elderly, like the “grandparents scam” where they impersonate their grandchildren, requesting money because they’ve been mugged, arrested or in a car accident and need money wired immediately. Foreclosure scanners who charge consumers direct fees to manage their mortgage, but then pocket the payments without paying the mortgage. Spanish speaking scammers who impersonate FBI, DoD or immigration officials to extract payments from illegals to stay in this country, after researching their children. Gangs of people who pick up the homeless, pay them a small amount to take out cell phone contracts and get subsidized contract, then resell the phones on the black market. So-called “debt relief” firms that charge a big up front fee, ask the debtors to pay them monthly fees directly, then keep the money without paying the debt. Believe it or not, some scammers pose as military, calling families of service members asking for payments to process early leave requests from war torn countries. Or, just as bad, returning service members coming home to find that their credit has been ruined by scammers. Contrary to some other types of scammers, these people do their research - they find out the names and personal information about grandchildren, illegal children or service personnel before starting their scam.
20. Selling on Craigslist: Some time ago, I prepared notes for a client that was selling some chairs on Craigslist. The notes are still good advice. Click HERE to see.
21. Generally: Should I even have to mention these obvious no-nos? Don’t respond to an e-mail that asks you to run a program, even from some you know. Or one which says you’ll have bad luck if you don’t forward it to 25 more people. Or one which claims that a friend (or not) is trapped in another company and needs money to rescue them. Or needs money because his brother, the King, has mistakenly frozen his assets in Nigeria. Or, generally, offers to provide you with a large amount of money if you’ll just give them your bank account details for processing, or a guarantee or the like. Or ask for your password. Or ask you to look at some web link just because they say so. Or e-mail you from a different address they’re been using for a long time. Or e-mail you that they are immediately changing their address or phone or mailing address, without any verification. Or virtually anything about changing anything to another country. You get the picture, right?
THESE are just the basics. There are a few more tips at the ‘Skip Responses” section of the Craigslist page. For even more information, surf the Internet. There is a rather comprehensive site which covers all types of scams, named Consumer Fraud Reporting, which discusses the specifics of each type of scam, which is quite impressive. Also, click HERE for the useful tips and links on the Craigslist site. Finally, check sites such as scamwarners.com, scam.com, 419legal.org to see if people have reported similar scams. Also Scanorama and fraudaid have good information. You should be aware that these scams are so prevalent that there is actually an organization named “IC3” (the Internet Crime Complaint Center, see Associations), a partnership between the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance created specifically to investigate such crimes.