Friday, May 31, 2024

How to sell your TV without losing your shirt (and banking data) | Kaspersky official blog

Popular message boards have long been a haven for scammers — you know, the ones who typically offer too-good-to-be-true deals on popular items? A brand new TV at half price? A near-mint-condition scooter with a 70% discount? A smartphone, still in the box and with receipt but 40% cheaper than retail? Scams, every last one.

There’s nothing complicated here: the scammer-seller asks the victim-buyer to pay for the given product through a special link. The unsuspecting victim-buyer clicks the link, “pays” for the item, and loses their money. This common trick is known as scam 1.0 or the “buyer scam” — and since most online buyers are already aware of it, it’s practically vintage.

Another fraudulent scheme is the “seller scam” or scam 2.0, where scammers pose as buyers to deceive sellers. Let’s break it down, and then discuss how to buy and sell safely on message boards.

How the “seller scam” works

The key difference between this scheme and the classic one is that the scammer pretends to be a buyer — not a seller. Scammers contact sellers with an offer to buy their product, but with a caveat — the transaction must be made as a “secure payment” on a “secure” site that acts as a guarantor. The scammer-buyer claims to have already deposited the funds into the system, and the victim-seller just needs to click a link (of course, a phishing one), enter their bank card details, and hit the “Receive money” button. And voilà! The banking card details are stolen, the account is drained, and the item stays on the shelf.

First seen in Russia, this scam has spread around the world rapidly. We’ve found evidence of it in Austria, Canada, France, Norway and Switzerland to date. We therefore recommend arming yourself with reliable protection before scammers target your country.

Choosing a victim

Most often, scammers target listings that sellers promote through paid advertising. This indicates that the seller is more likely to have a nice fat wallet and is eager to make a quick sale — making them less likely to scrutinize a potential buyer’s legitimacy. This sense of urgency plays right into the scammer’s hands.

Although businesses using message boards also use promoted listings, these are easy to identify by their high-quality photos and detailed descriptions. Therefore, scammers target only individual sellers who often have simpler photos, fewer reviews, and product descriptions that clearly haven’t been written by a professional marketer.

Finally, scammers look for sellers willing to share their phone number and switch the communication to external messengers. Whether the seller is willing to do so is ascertained through communicating with them.

Warm-up and deception

Having chosen a potential victim, scammers follow a fairly simple script: they greet the seller, ask a few questions (“Why are you selling? What condition is the item in?”), and immediately proceed to the deal. The scammer says they’re satisfied with the item, but can’t pick it up in person — it needs to be delivered, which can be arranged after a “secure payment”. They then describe the payment scheme to the victim in detail:

  1. I pay for your item;
  2. You receive a link to receive the money;
  3. You follow the link and enter your account number to get the money;
  4. You’ll be contacted by the order-processing service, which will pack, process, and ship the item to me.

If the seller refuses such a payment method or insists on continuing communication on the official marketplace channel, the scammer simply disappears. There’s no point in wasting time trying to persuade the seller, who’s most likely one of our readers and stays up to date with typical fraudulent tactics.

However, if the victim falls for the trick, follows the phishing link and enters their payment details, the scammers immediately drain their bank account.

How to recognize phishing

In the scam 2.0 scheme, two types of phishing pages are particularly common. The first type replicates the marketplace listing page almost identically — with one small difference. See for yourself: this phishing page looks exactly like the original listing but, instead of the Inserent kontaktieren (“Contact the seller”) button, the scammer’s button says Receive 150 CHF (CHF = Swiss francs).

The original listing for a monitor (left) and the phishing page with the scam button on a fake site (right)

The original listing for a monitor (left) and the phishing page with the scam button on a fake site (right)

Upon clicking the link, the seller sees their listing on what they believe to be the legitimate marketplace site (although the website address differs from the original if they look closely). They click the “Receive money” button, and land on another phishing page with a form to enter their bank card details.

In the second type of phishing page, the scammers don’t bother replicating the victim’s listing and instead send them directly to a fake copy of a secure payment service like Twin.

Phishing pages for conducting a "secure payment"

Phishing pages for conducting a “secure payment”

As you can see from these screenshots, the potential victim needs to enter not only their bank card number but also the CVC code, cardholder’s name, expiration date, as well as their email address and personal phone number. In the first case, they’re even asked to disclose their account balance. With all this data, the scammers can effortlessly steal every last penny in the account.

This type of scam has been industrialized: entire groups of cybercriminals are involved, having developed specialized tools for deceiving both buyers and sellers on message boards as effectively as possible. You can read more about the inner workings of this illegal business in our investigation.

How to trade safely on message boards

To avoid falling victim to scammers when selling or buying goods on marketplaces, follow these rules:

  • Don’t switch to third-party messengers; use the platform’s built-in chat. Scammers often try to move the conversation to WhatsApp or Telegram as quickly as possible to bypass the security measures built into most boards that block link sharing. Little do they know that Kaspersky Premium prevents users from following phishing links in various services and messengers.
  • Trust only official payment resources. Carefully examine the website address and the page itself before entering your bank card details to avoid becoming a phishing If you notice typos in the domain name or errors on the page, be wary and check the domain registration date. If the site is only a week old, it’s most likely a fake.
  • Use a virtual bank card with a set limit. If you’re selling an item, there should be no funds on the card — then there’ll be nothing for scammers to get their hands on. When buying an item, avoid prepayments whenever possible, and only pay upon receiving and inspecting the item.
  • Be cautious about deliveries. Many message boards don’t offer built-in options for shipping goods to other cities, so scammers might try to take advantage of this, urging you to send the item through their “trusted service”.
  • Sell locally or use cash on delivery (COD). The safest transactions take place offline. If you can’t find local buyers, use postal services or similar options that offer COD. This ensures that the buyer won’t receive the item until they’ve paid for it at the pickup point.


from Kaspersky official blog https://ift.tt/sHX5o70
via IFTTT

No comments:

Post a Comment