Feb 4, 2014, 12:18 AM
Post #1 of 11
Username: rflagg - Classifieds Buyer Scam
The following scam has been reported:
On 1-Feb-2014 someone submitted their contact information in response to your ad in the Dropzone.com Classifieds. Please reply to this email to contact the person directly.
Username => rflagg
Name => Flagg Ray
FromEmail => firstname.lastname@example.org
Comments => I am interested in buying your Airtec CYPRESS 2 – TANDEM – 2pin and would like to receive additional information about it, such as present condition, last asking price and pics if available, i will like to pay with PayPal. Here's my email-(email@example.com)
DO NOT do business with anyone who offers to send you payment for a higher amount than your selling price with the understanding that you'll send back the balance.
Be suspicious of anyone claiming to be acting on behalf of a "client" or another "customer".
Be suspicious of anyone claiming to be from Nigeria or West Africa
If you agree to accept a check payment, then do not send anything, gear or "change" before the check cleared. And be careful, if you manage to clear a fraudulent check then you may be liable for the damages if the bank finds out later. Make sure your bank authenticates the check.
If it sounds to good to be true, then it probably is.
He told me he worked on an oil platform and unable to access his bank account but able to create a PayPal account (LOL!). He was buying the gear as a surprise gift for his brother. He would send a special carrier to pick the gear up... (huh?). Wish I would have kept the e-mail now that I know it was a scam.
Paypal is secure. What they will do is receive your email and send you a FAKE email saying paypal has funded your account. CHECK YOUR PAYPAL at paypal.com do NOT click the link! I was trying to sell a car and someone fed me the whole they will pay for shipping and need my email. I gave them my email and thats what he sent. I thought it was fishy to begin with and was mainly just jerking him around. Be aware hope this helps!
Clicking links can be very dangerous, there's a number of ways that users can gather all your details through links. It would be fairly easy for them to clone a site like Paypal, and instead of where you enter your details into logging you in - it would then use PHP to write what you entered into a separate file. So you'd essentially be giving them your login details. That's just one of the ways in which they are able to use links to steal.
PS: Always be sure to check https and security certificates on sites where you're dealing with money. If the site isn't secure with a valid certificate, don't risk it.
(This post was edited by Meso on Feb 6, 2014, 5:59 AM)
My knowledge of HTTPS isn't the best, but as I understand it. HTTPS is basically a secure communication framework that ensures that packets are sent between the two individuals. It's possible to do "Man in the Middle" attacks where you can intercept a communication between two parties, receiving the packets of data intended for party A sent by party B, while making party A believe it was actually sent direction from party B.
Certificates are applied for, and who provides them will also provide how secure they are. Verisign for example is a well established issuer of certificates and if you are verified with Verisign a user will see a trustworthy and recognized name has confirmed you are who you say you are.
With that said, I don't think one has to worry too much about getting lured into man in the middle attacks and stuff by these scammers.
Primary your main concern will be making sure "paypal's" URLs provided by the scammer, should that happen - are actually paypal.com
(This post was edited by Meso on Feb 6, 2014, 6:51 AM)