Wednesday 25 August 2010

Anatomy of a Paypal Scam

Over the course of the last few days I have been the target of a paypal scam. This was one involving a car I have for sale online. The gist of the scam is detailed here.

The first part that threw me was the perpetrator was claiming to be on a oil rig, having no phone access but working Internet access.

"thanks for mailing back,i am a petroleum engineer and i am on rig right now.i am buying this as a birthday gift for my dad,i've been trying to reach you but i discovered that our  phone is currently scrambled due to the bad weather please bear with me .I can only pay through paypal at the moment as i dont have access to my bank account online,but i have it attached to my paypal account and this is why i insisted on using paypal,i will like you to send me your paypal email so i can deposited the money."

I gather this was a ploy so that I could only contact him via the Internet and not speak to him in person. The mobile number he gave just rang out with no voicemail.

The next step was that the car had to go to Darwin which is a long way from where I am and that he couldn't pay for the pickup agent from his location.

He offered extra money above the price of the car to cover this if I could just wire the extra money to his pickup agent in the UK (never mind the issue of using a pickup agent in the UK to move a car in Australia).

The clincher came the next morning when a fake paypal email came saying money had been transferred into my account (it hadn't) but to release the total value I had to prove that I had sent the money to the pickup agent.

The email looked fake. Checking the headers (View Original in gmail) gives:

Received: by 10.216.15.8 with SMTP id e8mr41876wee.59.1282688603259; Tue, 24
 Aug 2010 15:23:23 -0700 (PDT)
Sender: mark.markspencer.spencer8@gmail.com
Received: by 10.216.170.140 with HTTP; Tue, 24 Aug 2010 15:23:23 -0700 (PDT)
Date: Wed, 25 Aug 2010 00:23:23 +0200
X-Google-Sender-Auth: ovZN1dj6pw_bFlMm7Z5wEsKi3LQ
Message-ID: 
Subject: ****Regarding Your Payment****
From: "service@paypal.com" 
 
 
If you have dealt with Paypal before you know that notifications for instant payments 
come from the person doing the payment, not from Paypal. I did a search for Mark Spencer 
and variations on that name appear with many scams. If they were smart it would be an 
alias but lets not presume too much here.
 
During my long conversation with the scammer (yes he wanted to chat too) it was 
evident that he didnt understand english that well and didn't get that he'd been
sprung. me: I should tell you I work in IT. This sounds too much like a scam to be anything but.
Jayceon: but?
 
I send the original email on to the advertising agency who confirmed it was definately a scam. I also 
forwarded the fake paypal emails to paypal so that they can investigate. I don't expect anything
to come from this but it was an interesting experience nonetheless.
  
I have a full chat log plus all the original emails if anyone is interested. 










Posted by



at



























Labels:


















2 comments:













Anonymous
said...






I've just had exactly the same scam attemt from

mark.markspencer.spencer8@gmail.com

and melissaclara73@gmail.com 

he/she tried to use pay pal and western union to get $950 out of me before they paid me for the car I have for sale on carsales.com.au








23 February 2011 at 08:41:00 GMT+11

















Ryan Ruckley
said...






Sad to say but it's to be expected in this day and age. All to easy to be anonymous on the Internet and try your story with little risk.








23 February 2011 at 09:18:00 GMT+11















Post a Comment













        

      









Subscribe to:
Post Comments (Atom)