Read on to find out what are the dead giveaways you’re dealing with a scammer and how to avoid it.
The fraud tactic I’m going to talk about is now being used on a massive scale in Poland, but I’m pretty sure that scammers all over the world use similar methods. Heck, such techniques are probably in use since the dawn of civilization and trade.
What’s the scoop?
Scammers have been recently targeting Polish users of OLX (or OnLine eXchange), a very popular online marketplace operating in 45 countries. It’s one of the most popular platforms of its type in Poland.
No wonder it attracts so many fraudsters.
While scams are nothing new to OLX, and there’s quite a bunch of guides on how to avoid falling prey to these, so far such attempts were aimed at buyers (I’ll probably write more on that in the future).
This time, however, sellers are the target.
How does this scam work?
This is how it usually goes: the scammer, posing as a potential buyer, contacts the seller, usually through WhatsApp, saying they’re interested in making a purchase. Why they choose WhatsApp? Simply because this is world’s largest private messenger (with more than 2 billions active users). Besides, WhatsApp collects a lot of metadata, more than iMessage, Signal or Telegram, but, truth be told, still less than Facebook, Messenger, Google, Instagram, Snapchat or TikTok.
Going back to our scammer. That’s the first giveaway: the “buyer” is not using official channels moderated by OLX’s employees.
Another one is that this person often makes spelling errors and grammatical mistakes, suggesting a foreigner. I gotta admit, though, that many OLX users, despite being my fellow countrymen, are also at odds with linguistic rules.
But the biggest red flag is the buyer proposing paying using an unconventional method. In this case it often is a “direct card deposit.” Scammers usually have fake screenshots or proof of similar transactions at the ready, claiming it’s a common practice. They send a link to a fake OLX website that feature a “Receive funds” or a similarly labeled button, and the seller is asked to provide credit card details.
We’re usually careful and only enter such data through secure pages, but scammers use all kinds of techniques to make us lower our guard. They can tell you that they have other offers to choose from, for example, so it’s in your best interest if you accept the deal. In many cases they’ll tell you they’ve already made the payment. All you need is to accept the funds. And that’s a yet another red flag: why would you need to do that?
The last step is the scammer telling you that the transaction must be verified. And the verification involved your card getting charged so that it can be “validated,” and the money should be returned to you within 5 to 10 minutes.
Know your enemy
Other scammers can use fake bank pages to steal login data or even trick the seller into installing malware on their phone so that scammers can take control over the mobile banking app.
In countries where accepting transactions through QR codes is popular, crooks send fake codes in hopes of getting sellers’ money.
So, if you are either buying or selling stuff online:
1. Be on the lookout if someone contacts you via unusual channels or offers you payment through weird methods.
2. Be extra careful if they put any sort of pressure on you — if you are excited or stressed, you’re more likely to make mistakes.
3. Do not provide any personal details unless you are 100% sure it’s absolutely necessary.
4. Always thoroughly check the pages you’re supposed to make the payment on. Make sure the connection is secure and the certificates are in order. If in doubt, check the address once again.
If you have even the slightest suspicion that there’s something wrong with your transaction, contact your bank immediately. Scammers will work fast to withdraw the funds they stole from you, and it’s much better to cancel your debit/credit card than lose everything.
Fraud in gaming
Gaming’s already been immensely popular, but 2020 made all sorts of stats go overboard. Too bad scammers were like:
This means you need to be on the lookout for sketchy schemes even when playing your favorite game, especially if it’s an online one and features in-game currencies and purchases.
There’s a couple things you can do to stay safe:
1. Make in-game purchases only through websites you know are legit.
2. If a seller requests your login or banking data, NEVER reply.
3. The above also means not sharing your logins with anybody, even your friends.
4. If you see an email asking you to reconfirm your password, ignore it.
5. Use strong passwords and back them up with two-factor authentication if possible. The latter will make your account harder to hack.
6. Stay away from third-party apps and cheats that supposedly “help” you in various mobile games. These are most probably malware that’ll cause you a lot of headache.
Scary? Not really. Just follow these simple rules and you should be perfectly safe. If in doubt, contact customer support of your favorite game.
Sadly, the chances of recovering money lost to scammers are rather slim. This is why we need to be super aware of potential dangers and techniques used by fraudsters, and browse the Internet in a safe and conscious way.
In other words: we have to stay educated and educate others, especially those who are especially prone to online threats.
Check out our other guides on how to avoid all sorts of scams or trouble related to your personal data:
By Dariusz Kruć, Security Support Specialist at G2A.COMBack