Saturday, April 15, 2006

25 Ways to Avoid Auction Fraud From a Seller's Perspective

Auction sites grow more popular all the time. Because of their popularity, they seem to attract all kinds of undesirable individuals who are intent on making a profit at others' expense.

Here is a story I found on that was originally written by a "seller" himself (J. Foley of After reading his 25 tips, I realized this was valuable information for anyone considering doing business on auction sites on how to avoid fraud.

Here are his 25 tips:

1. Stock photos and descriptions, Because they don't have the item they are "selling", some fraudsters use a stock photograph of the item. And they will probably use the manufacturer's product description too. So, stock photos and no original description might be a sign. Search for other auctions by the same seller, and see if they are brazen enough to advertise the same item more than once.

2. A price too good to be true often isn't true, A fraudster wants your money quickly, so you may find they offer to close their auction early with you as the "winner" having bid a price which you know to be somewhat of a bargain. Why would anyone close their auction early if the price hadn't reached market levels? I'll give you one guess.

3. High value or high volume, newly registered sellers, Although the vast majority of new sellers are genuine and honest, be cautious of buying from people selling high value items in bulk, very early on in their eBay career. This pattern isn't quite normal. Think back to your own first sales. You would have been tentative, and probably have tried single, low value items initially. So, a new seller fitting this profile may be someone who has perhaps been previously suspended and has registered another ID.

4. 1 day listings, Although 1 day listings are used by genuine sellers who have more than one item or who want a quick sale, unfortunately this duration is attractive to fraudsters too. They sometimes use a 1 day auction duration to gain a quick sale before their actions can be reported and acted upon. So, be extra wary on auctions with a 1 day listing.

5. Invitations to trade off-eBay, This is a classic ploy of fraudsters. Having made some kind of contact with you, or you with them, they will invite you to purchase or to sell off eBay i.e. without using eBay's auction services. The attraction here to the fraudster is that they can drive the transaction along the lines they prefer, whether that be escrow, PayPal etc. Another reason why trading off eBay is not a good idea is that you have to keep your own formal records of the transaction, and you forfeit any cover from eBay buyer protection and PayPal buyer protection. Plus, and this might be a minor point, but you will not be able to leave feedback to let others know your experience with this seller/buyer.

6. Payment methods with no recourse, Fraudsters prefer to choose payment methods in which the buyer has no protection, like wire transfers where the buyer has no way of tracing where the money is going. Western Union Money Transfers and BidPay are favourites and should be totally avoided. Postal orders are similar although they are a popular payment method among the genuine sellers as they require no clearance time. Bank transfers and cheques can only provide the possibility of your bank investigating the details of the account the money was transferred into. For the best protection use PayPal and fund with a Credit Card. Note there are limits on eBay and PayPal protection, and you should make yourself aware of what these are.

7. Unusual sales pattern, If your seller's feedback indicates that they normally deal in collectables, DVDs or other specific items, be suspicious that they are suddenly listing laptops, plasma TVs or other high value items. The change may indicate that this seller's account has been hijacked.

8. Bad English gives you a pointer, Some fraudsters operate from abroad but pretend to be in UK or USA. As they aren't particularly adept at the English language they might use a translation tool like Babelfish to create their emails to you. So, watch out for emails that are not good English. In itself, it doesn't prove anything, there are plenty of genuine eBay sellers for whom English is not their first language. But it might add to further evidence you have.

9. Location Location Location, In the case of lazy fraudsters you might find their locations don't match up. By that I mean the auction says the goods are in the UK, but the seller's ID details show their location to be, say, Ukraine. This is not a good sign. Often in these cases if you contact these sellers you will receive an excuse as to why the item is not in the UK, and therefore can't be collected in person. In short, if an auction says the item is in the UK and the seller says that it is not, I would avoid the auction. And don't forget to cross check with their PayPal account, and see in which country this resides.

10. Ask questions, Always, always ask your seller a question. Any question. Their response, if you receive one, will help you judge how genuine the seller is. Beware auctions that carry a message asking you to contact the seller via a given email address as opposed to via the 'Ask seller a question' link. This could be an account hijacker trying to prevent buyers from 'Asking the seller a question'. They want to stop this from happening because such questions could be routed to the real account owner.

11. "eBay can vouch for me" email, A warning about a relatively new tactic used by fraudsters. If you are proving hard to land as a buyer/seller, they may claim they can get eBay to email you proof of their validity so that you can trust them. eBay, of course, will NEVER do this. The email sent out, however authentic looking, is fake and is designed to get you to part with your money or your goods. This applies equally to Square Trade and PayPal. They will never email you certifying the genuineness of anyone.

12. A PayPal warning, There are fraudsters who use stolen PayPal accounts to accept payments. To lower the possibility of this, check your seller's location as shown in eBay, and then see if it is one of PayPal's permitted countries by clicking here: If PayPal don't offer their service in the country that the seller resides, be very wary.

13. Passwords, Never have the same password on your eBay and PayPal accounts. Or indeed on any other financial or personal site. Change your passwords every 30-60 days on both eBay and PayPal.

14. Pointers in feedback, Try to read the positive feedback as well as the negative. Read the way your seller responds to negative feedback as this will often give you an idea of how the seller will react if something goes badly wrong. If the seller is offering high value goods, be wary if their feedback has been built up quickly from low value purchases. Also, if the overall rating is good, but there are a disproportionate number of negatives in recent days/weeks, this might indicate the account has been taken over. Finally, be aware that feedback is not the guarantee it once was. Feedback can easily be manufactured. Also, if the user ID has been hijacked, you'll be reading the feedback of the original account owner, not the person with whom you're currently dealing!

15. Credit Card payment, For high value items, or for amounts of money you can't afford to lose, make sure you pay by credit card which has online fraud protection. This will give you some recourse if the seller is fraudulent. In this context, paying via PayPal is not the same. PayPal does have a buyer protection scheme, but there are criteria which the eBay auction has to satisfy in order to qualify. Even if the transaction qualifies, PayPal's standard protection currently has a maximum value of $1,000. Note that payment by debit card provides zero protection.

16. Address and Telephone check, Use the Ask the seller a question link, and request they email you with their address and telephone number. Any reputable seller will give you their address and telephone number. When you get the number, call it, and see if you get through to the genuine seller.

17. Keystroke capturing virus, This is a computer virus which you inadvertently download onto your PC. Its task is to capture the keystrokes you make, and to send them to the virus placer. The fraudster then uses pattern recognition software to identify and extract personal information, like username, password, credit card numbers etc. To avoid this happening to you, it is wise to have good, up-to-date virus, firewall and spyware checking software on your PC.

18. Shill bidding, Shill bidding is where people work in cahoots to inflate the bidding on an item. A seller has a "partner" who makes bids on the seller's items with a view to bumping up the bid price. They have no intention of buying the item. Fortunately, shill bidders and their associated seller can be stupid. The shill bidder will usually make bids on other items from the same seller. Here's how to check to see if shill bidding is a feature of a particular seller. First, look at the seller's closed auctions over the last 30 days. If most of the closed auctions have no bids, it is unlikely the seller has shill bidders working with them. If all of the closed auctions have bids, take a look at the bid history. See if the same bidder appears in the list of bidders, usually with aggressive bidding and normally at the start of the auction. If so, you may have uncovered a shill operation, so avoid that seller's auctions.

19. Keep your transaction information, Keep your own record of the transaction when you're buying. Don't just rely on eBay. You want a record of the seller's identification, the item description, emails sent and received, plus the time, date and price of your bid.

20. "I noticed your bid....", Never deal with anyone who contacts you after seeing your bid on another auction. They will say something like, "I saw you bidding on that digital camera. I have the same model available for sale. I don't have time to list it on eBay. It has more accessories than the one you lost out on. You can have it for xyz." If you bite, they'll probably take you down the fake escrow route. Also, if you entertain this proposition, you're operating outside of eBay and therefore have no auction protection whatsoever.

21. Changed eBay ID, Never deal with anyone who has a changed ID icon next to their name. This icon means they've changed their ID in the last 30 days. Few legitimate people change their eBay ID. When was the last time you changed yours? There's a 1% chance that an ID change is genuine, but 99% that it is fraudulent. Why take the risk?

22. Changed email address mid-stream, If a seller or buyer changes their email address on you in the middle of a transaction, stop dealing with them. It is likely their previous email account was closed down due to some irregularity - such as a previous victim reported them. If you think about it, why would any genuine buyer or seller change their email address whilst corresponding on a transaction they wish to conclude expeditiously?

23. Complications, Never get involved in any transaction where the seller/buyer tries to introduce a third person into the financial arrangements. They might ask you to pay xyz, who will then pay the seller, and you will receive a discount or commission for your co-operation. Such proposals are always fraudulent. They prey on greed. Don't be tempted.

24. Time is of the essence, This is a scam which has more potential for success than traditional phishing attacks, as it is time sensitive. The fraudster searches for high value auctions that have just ended. The bid history for an auction contains hyperlinks to each bidder. The fraudster checks to see if the winning bidder is selling any items of their own. If so, they go to that auction and embed a request for payment from the first auction within a question for seller. This works because winning bidders are expecting a request for payment shortly after an auction ends. A variation of this is to offer a bidder a "second chance". This time the "Ask the seller a question" email pretends that the real winner has backed out, and offers the item at a lower price. The buyer, believing the story, is lured into paying someone they believe is a genuine seller. Many eBayers have heard of the second chance system, but have no experience of it. This unfamiliarity, coupled with the fact that a few weeks might have passed, makes this an effective method for fraudsters. The moral of this story is never get involved in any transaction which arrives in your inbox via the Ask the Seller a Question feature.

25. eBay IDs, Never use your email address as your eBay ID, or part of your eBay ID. Fraudsters have software which monitors internet traffic looking for information such as this. If your eBay ID and email address are the same, it is simple for a fraudster to plausibly communicate with other eBay members in your name.

Perhaps an experienced seller such as Mr. Foley, with his expertise in the auction world, can help those who are new to auction sites and unfamiliar with the dangers lurking on them.
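The bid-history check from tip 18 can be run over a seller's closed auctions once the bid histories are written down. The following is an added example, not part of Mr. Foley's tips or the original post; the record layout, bidder IDs and thresholds are assumptions, the sample data is constructed, and "all closed auctions have bids" is loosened to "more than half".

```python
import math
from collections import defaultdict
from datetime import datetime, timedelta


def _auction(start, days, bids, winner):
    """Build one closed auction; bid times are given as hours after the start."""
    s = datetime.fromisoformat(start)
    return {"start": s, "end": s + timedelta(days=days), "winner": winner,
            "bids": [(who, s + timedelta(hours=h), amt) for who, h, amt in bids]}


# Constructed sample: one hypothetical seller's closed auctions (all IDs made up).
NOW = datetime(2006, 4, 15)
SAMPLE = [
    _auction("2006-04-01", 7, [("bidder_a", 1, 50), ("bidder_x", 2, 120),
                               ("bidder_x", 5, 150), ("bidder_b", 160, 155)], "bidder_b"),
    _auction("2006-04-03", 5, [("bidder_x", 1, 200), ("bidder_x", 3, 230),
                               ("bidder_c", 110, 240)], "bidder_c"),
    _auction("2006-04-05", 7, [("bidder_x", 4, 80), ("bidder_a", 150, 95)], "bidder_a"),
    _auction("2006-04-06", 3, [], None),                           # closed with no bids
    _auction("2006-03-01", 7, [("bidder_d", 2, 60)], "bidder_d"),  # older than 30 days
]


def find_shill_suspects(auctions, now, window_days=30, min_share=0.75,
                        early_fraction=0.25, min_early_ratio=0.5):
    """Return bidders who recur across a seller's recent auctions and bid early."""
    # Step 1: only the seller's auctions that closed in the last 30 days.
    recent = [a for a in auctions
              if now - timedelta(days=window_days) <= a["end"] <= now]
    with_bids = [a for a in recent if a["bids"]]
    # Step 2: if most closed auctions drew no bids, shilling is unlikely.
    if not recent or len(with_bids) <= len(recent) / 2:
        return []

    # Step 3: walk each bid history and count per-bidder activity.
    stats = defaultdict(lambda: {"auctions": 0, "bids": 0, "early_bids": 0, "wins": 0})
    for a in with_bids:
        cutoff = a["start"] + (a["end"] - a["start"]) * early_fraction
        seen = set()
        for bidder, when, _amount in a["bids"]:
            stats[bidder]["bids"] += 1
            stats[bidder]["early_bids"] += when <= cutoff
            if bidder not in seen:
                seen.add(bidder)
                stats[bidder]["auctions"] += 1
        stats[a["winner"]]["wins"] += 1

    # A suspect shows up in most of the seller's auctions, mostly near the start.
    need = max(2, math.ceil(min_share * len(with_bids)))
    suspects = [dict(bidder=b, **s) for b, s in stats.items()
                if s["auctions"] >= need
                and s["early_bids"] / s["bids"] >= min_early_ratio]
    return sorted(suspects, key=lambda s: -s["auctions"])


if __name__ == "__main__":
    for s in find_shill_suspects(SAMPLE, NOW):
        print(s)
```

A flagged bidder is a reason to look more closely at that seller, not proof; the `wins` count is reported so that a repeat customer who actually buys can be told apart from a bidder who never does.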

I have written many posts on auction fraud. Here is my most recent one with links to some others:

Phishy E-Mails from eBay/PayPal are at a Record High

Does Teamwork Make Sense in the Age of Compliance

The Age of Compliance is rapidly coming into vogue. Inspired by the need to deal with terrorist organizations and an ever increasing rise in financial crimes, governments and private organizations are tightening down their procedures.

Traditionally, the business approach to controlling exposure has been segmented into different areas. In most organizations this would include the finance, legal, corporate security and IT departments.

But let's face it, compliance/security costs money and the entities that ensure this don't bring in money to the bottom line. They do prevent losses to the bottom line, but when they do their jobs, exposure is prevented and there is nothing tangible that can be measured.

DataMonitor (Norkom Technologies) recently did some interesting research, which might reflect a means to be more effective and reduce the cost of compliance.

"Traditionally financial service providers have viewed... Financial crime and compliance as separate disciplines," explained Paul Kerley, CEO of Norkom Technologies, continuing:

"But within an increasingly tight-margined industry there is a strong desire to pursue a single investment stream to both reduce criminal losses and drive down the cost of compliance. This is now achievable since single technology platforms are now emerging that can detect crime, investigate it and compile the management information required to fulfill the regulator's requirements."

Teamwork is a powerful tool and with the rapidly changing face of the business world this makes perfect sense. In fact, anyone involved in compliance knows the exposure increases daily and that the bad guys (terrorists and criminals) use the ever changing face of technology to further their sordid goals.

Organized criminals and terrorists are also combining "job disciplines" and many experts suspect that they recruit experts from the financial, IT and legal sectors. In the case of the Eastern European Groups, they also employ former security and intelligence experts.

Terrorists are doing the same thing.

Phil Williams, Professor of International Security Studies, University of Pittsburgh, highlighted this in a paper a few years ago when he wrote:

"Many governments, businesses, and individuals around the world are just beginning to learn how to make best use of the latest information technologies. But organized criminal enterprises have already discovered these technologies as new opportunities for exploitation and illegal profits."

In his paper, Professor Williams also wrote:

"Criminal organizations and drug traffickers have increasingly hired financial specialists to conduct their money laundering transactions. This adds an extra layer of insulation while utilizing legal and financial experts knowledgeable about financial transactions and the availability of safe havens in offshore financial jurisdictions."

"Similarly, organized crime does not need to develop technical expertise about the Internet. It can hire those in the hacking community who do have the expertise, ensuring through a mixture of rewards and threats that they carry out their assigned tasks effectively and efficiently."

As for the terrorists, their use of technology and financial expertise is well documented.

Recently, the FBI and other law enforcement organizations have recognized the need for greater teamwork between experts from the law enforcement and business worlds.

Based on the signs of the times, consolidation of resources within companies not only will cut costs, but it will probably also make their efforts more effective. In fact, it makes perfect sense, at least to me.

For an article about this by, click on the title of this post.

Thursday, April 13, 2006

BBB Worker Takes Job Processing Fraudulent eBay Transactions

A Better Business Bureau worker recently became involved in eBay fraud by taking a part-time, work-at-home job processing accounts receivable for criminals from Eastern Europe. According to her, she even checked them out before accepting the job and found nothing that would suggest a scam.

The job was to process payments (primarily from eBay transactions) and wire the money to her employers.

These scams, known as check-cashing schemes, solicit people to process fraudulent financial instruments and wire the money to a far-away locale. Their employers normally prefer the use of Western Union or MoneyGram, which offer little to no protection once the money is sent.

News clip from in Denver, here.

There is also another version of the work-at-home scam, which entails receiving the stolen merchandise and then reshipping it.

In work-at-home (check cashing) schemes, the worker is normally instructed to set up an account (using their information and good credit) to process the financial instruments. Quite often, they are held financially responsible after the financial instruments are discovered fraudulent and they have wired the money.

No matter what the scam entails, the fraudsters always prefer "unprotected" methods of wiring money. I would highly recommend NEVER wiring money to someone you don't know, or haven't done a lot of business with for a LONG TIME.

To add to the confusion, many auction fraud victims buy merchandise from seemingly highly rated sellers whose accounts have been taken over. Account takeovers are normally accomplished via phishing, where a legitimate account holder is duped into giving up their account information.

Phishy e-mails from eBay and PayPal are circulating the internet at a record rate.

Interesting that the BBB worker was savvy enough to do a little "due diligence" on the scam company, which revealed nothing. When I looked at their site, I found two articles that describe activity very similar to this.

Work-at-Home Schemes

Work-At-Home-Schemes Now Peddled On-Line

I wasn't able to find an article on the BBB regarding "check cashing schemes," but in reality this scam is nothing more than a "mutation" of the "work at home" scheme.

I'd offer to write it for them, but after writing this post, I doubt they will solicit my services.

It's becoming quite common for organized gangs to set up fraudulent businesses as a front for the various scams out there. They are often complete with office space, telephones and even web sites.

I guess the moral of the story is that when a business has no verifiable track record a prudent person should dig a little deeper? I stole that one from my friend Paul, who writes prying1.

Let's face it, processing proceeds from auctions using your own account and wiring the money to Eastern Europe seems a little risky. At least to me, it does.

Sunday, April 09, 2006

Phishy E-Mails from eBay/PayPal are at a Record High

Phishy e-mails claiming to be from eBay and PayPal seem to be coming into my inbox and bulk mail at record rates. My spam filter used to catch most of them, but now many of them are making their way past it.

Normally, the intent of these e-mails is to steal personal and financial information. Quite often, the information is also used to "take over" legitimate sites and sell bogus, or nonexistent merchandise.

Please note that fraud on auctions isn't exclusive to eBay and PayPal. In fact, the auction business is booming and many new auction sites are being launched. I have no doubt the "Phishermen" will target all of them. Phishing is becoming extremely organized and highly profitable for criminals and they intentionally target whatever is popular, or sells.

I sometimes wonder if they don't hire "marketing experts?"

Here is something I read this morning from Ina Steiner at Auction Bytes:

PayPal Director of Corporate Communications Amanda Pires said spoofing is an issue PayPal takes very seriously. She could not reveal exact details about what PayPal was doing to fight phishing, but claimed the company is leading the industry with innovative technology and resources dedicated to fighting spoof. "PayPal and eBay employ a dedicated team that focuses just on the spoof issue. Additionally, every second of every day and on every single transaction, PayPal applies its advanced proprietary fraud detection techniques and tools to detect fraudulent activity."

According to Rich Miller, an analyst with Netcraft Ltd., a company that provides security services related to phishing, eBay and PayPal are two of the most frequently targeted companies for phishing schemes. Miller said the best way for such companies to communicate with users is through dedicated message areas users access after they log-in to the company's site. He said the next best advice for users to avoid becoming victims of phishing schemes is to refrain from clicking on links in emails that lead to log-in pages.

Miller said phishing emails create a sense of urgency. In the early days, typos were often a sign of a phishing email, he said, but phishers have cleaned up their spelling over the years. "Phishers will test social engineering tricks," he said. "If it works, they put the additional effort into refining it. They will spend time to make it look legitimate. The people doing it are professionals."

Full story, here.

The best way to defeat the Phishermen is through awareness, and by those who are aware reporting the attempts they spot.

The Phishing Incident Reporting and Termination Squad (PIRT) is one place the "aware" can report these scams. The Anti-Phishing Working Group is another place to report "phishy e-mails" and is also a great place to become more aware.

There are also a lot of other fraudulent schemes on auction sites besides "phishing." Unfortunately, in order to be safe doing business on them, becoming aware of all of them is probably a wise idea. Here are some previous posts I've done relevant to the other schemes:

eBay Fraud from a Personal Standpoint

Counterfeit Travelers Express (MoneyGram) Money Orders Showing Up ...

eBay Fraud Buster

Hard Drives for Nigeria

XBox Latest Lure in Auction Scams