It was an average, unexciting Thursday night in the Duncan house—until my daughter almost got scammed online, that is. She decided that she didn’t like or use her iPad 2 enough, so she listed it on Craigslist, hoping for a quick sale. Within a short time, she got a few equally uninteresting questions about the iPad’s condition or whether she was willing to trade for something else. Standard stuff. Then she got a bite…
Like many of you, we are gearing up for a heavy online shopping period. We discussed it last night on the #DadsRT chat, actually. There was quite a sidebar about how awesome Amazon Prime is (for a few of us) and how several of us didn’t care for holiday shopping in public anymore. At any rate, if you scour the net looking for the “best deal”, you are bound to find some unsavory or down-right shady deals mixed in. That’s basically what happened with my daughter.
The exchange started out fairly normal. The person in the email wanted to know how he could pay and that he was out of state. She told him PayPal would be fine, upon my advice. He replied stating that he would initiate the process. This didn’t sit well with her, so she said no, she would send him the invoice. Within about a half-hour, she received a genuine looking email from PayPal stating that there were pending funds on her account, where to end the iPad, and that she needed to send proof of shipment (a picture of the receipt) in a reply email before payment would be released to her.
None of this sounded or felt right. We’ve done quite a bit of buying and selling using PayPal and my wife did not remember ever having to send proof of shipment before. That’s when we noticed the reply email and started putting the pieces of the puzzle together.
Keep in mind this entire scenario took less than an hour from start to finish. These people are QUICK and DIRTY.
Signs of online scams and Phishing
We’ll start with the email exchange.
Hindsight being 20/20, this should have been the first warning sign. Shame on us for not recognizing it immediately. My daughter asked for $350 for the iPad in the Craigslist ad. Nothing was mentioned about shipping costs. He immediately offered her $400 and only said to send the iPad via express mail.
For one, she listed high and the iPad is not the newest version. Why would someone offer that much more to hurry up and close the deal? Obviously something was not on the up and up.
Two, there are several warning signs in one of the email threads:
- Note the generic email address with random numbers in the name (doesn’t look like a birthday, etc…)
- Note the simple grammar errors in the email.
Both of these are typical signs that the emails are coming from somewhere that is not primarily English speaking. Lots of scams come from outside of countries with strict email/online rules.
The fake company email, website, etc., aka – Phishing
Here is a screenshot of the “confirmation email” supposedly from PayPal:
There are several things wrong with this email. Albeit, it does, at first glance, look legit. Nice graphics, one genuine-looking email address, and somewhat official language.
Starting from top to bottom (in red) are some mistakes:
- Personal, named email address from an agent. Not all companies use named emails, it does not carry the “PayPal.com” domain suffix, and it is from another country. In this case, RU (Russia).
- The dollar amount is incorrectly formatted. $400:00?
- More grammar mistakes…
- Hyperlinks throughout that do not tell you where they are going. Every “Shipping” is linked/highlighted.
- This entire paragraph is full of incorrect grammar and it repeats itself.
Just to be sure, I called PayPal and spoke with an agent. He confirmed for me that any emails sent by them are through a system—all emails are addressed as “firstname.lastname@example.org” NOT from an individually named agent. (They don’t even get individually named emails.) In addition, they do not withhold payment while they await shipping confirmation. (With exception to ebay.com, which does something similar, but not quite this way.)
When in doubt, use customer service!
As any doubtful but social savvy person, I tweeted! Of course, emailing or calling customer service numbers when in doubt is a smart option. Better to be safe than sorry.
They obviously take these situations seriously. The link they provided is here: httpss://www.paypal.com/us/webapps/mpp/security/what-is-phishing?bn_r=o
There is a lot of great information from them on this type and many other Phishing and dangerous online scams. I highly recommend checking it out and learning as much as you can.
The bottom line is this—
Take your online safety seriously. Be cautious of things that don’t quite look or feel right, and know that there are people out there ready and willing to take you for as much of your hard-earned money as they can. Especially now during a typically high-spending time of year, these scammers are out in force. Don’t let them ruin your holiday or bank account!
I sincerely hope our potentially bad experience can help save you from making a similar mistake. If you have your own story or any other tips, please leave them in the comments. Let’s band together and help each other stay safer from these scams.
Special Thanks go to my daughter, who allowed me to use her information to help you all and giving me an impromptu opportunity to teach her and my youngest daughter a great lesson about this very real threat.
Note: This is not a sponsored post for PayPal, however, they did provide Phishing information for us to use on this article. Thanks, guys!