Criminals are increasingly taking advantage of the spread of legitimate escrow websites that mediate between buyers and sellers to set up fake sites. Scammers generally pose as sellers on authentic auction websites, then direct buyers to a fake escrow service the seller controls. It’s a tale as old as time – the scammer takes the money and never delivers the goods.
A main concern in this scenario is that scammers can be quite convincing even to the informed and fraudulent-aware citizen, but then again that is precisely how they can make money. Great details go into how they come across as a legitimate site, even giving their “targets” a false warning by reminding them to protect themselves from credit card and payment fraud. A typical statement seeking to reassure their victims is that they never request banking details, but it actually makes no difference with escrow fraud.
Top 5 items scammers ‘ship’ to Neverland:
4. Items of special value
Other items ‘transported’ by escrow scammers include bank deposits, medical records and tissue samples.
Before making any payment online and using an escrow service to ‘secure’ the transaction, check WHOIS information for clues about the domain registration, hosting and online activity. Unlike real sites, more than 90 percent of the fake escrow websites are registered for just a year, and use e-mail addresses such as firstname.lastname@example.org to remain anonymous.
Another sign is that real escrow websites use secure server connections (SSLs) to protect customers, so “https://” should appear in the address browser. Fraudulent websites may even ‘borrow’ the logo of SSL verification services such as Verisign, so users should check if the site is listed by the authentication company.
UK global redirecting numbers that start with +4470 may also reveal the presence of a scam. Though the country code may look British, the 70 prefix means the phone call will be redirected to any country but the UK.
Users should also check if the contact address of the website is located in the same country as its phone number.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.