Online scammers are resourceful people who take advantage of people’s gullibility and lack of knowledge about Internet dynamics, but once in a while they happen to stumble upon users who will know who they are dealing with and are willing to play along and lead them on a merry chase.
Trend Micro researcher David Sancho is one of those. Admittedly, it’s his job to do so, but it is nevertheless very nice to see an intended victim waste the spammers’ time.
He caught the fraudster’s attention by putting up an advertisement on Facebook Marketplace, in which he professes his intention of selling his car. A few hours pass, and he is contacted by a woman named Caroline McMillan. She asks for further details, agrees on the price without even seeing the car and says she will be paying through PayPal.
Immediately, Sancho gets suspicious – why would anyone buy a car without seeing it first? And paying through PayPal? He does a quick online search, finds accounts of similar scams that convince him that he’s talking to a scammer, and decides to have some fun and discover all he can about it.
He sends his PayPal address for the payment to be effectuated, and right away the scammer tips her (or his?) hand: she can’t pay because she has to wire money to the collection agency to have the car picked up and says they don’t accept credit cards, and asks Sancho help by transferring 750 euros via Western Union.
He, of course, refuses to part with any money until he gets the originally asked sum on his PayPal account, and he says so to the fraudster, who agrees to make the payment immediately.
Shortly after, Sancho gets two emails: one is purportedly from PayPal, and the other from an A. Williams, of “the PayPal Team”. “Williams” says that the funds are in Sancho’s account, and that they are waiting from his Western Union transaction confirmation in order to free up the money sent to him by “Caroline”. Both emails are so poorly written that it’s obvious they aren’t legitimate.
The researcher says to the scammer: “I haven’t received the money in my account yet. I’ll notify you when I do.” She replies by reiterating that he must sent the money through Western Union. “Kindly read the mail sent to you very well,” she says, obviously referring to the fake PayPal email.
But Sancho has had enough. Knowing that he found out as much as he could in the circumstances, he decides to finish his correspondence with one last message containing a bit.ly link to a website that details this particular kind of scam. Shortly after, he checks the statistics for the link: a single hit from Nigeria, the world-famous haven for online scammers.