Fraudsters seem to prefer small and valuable products, such as: watches, jewelry, laptops, ink cartridges, digital cameras, and camcorders. These items are usually commodities that are easily sellable and have a broad range of appeal. However, fraud in hosted marketplaces such as Ebay covers a broad range of products from cellular phones to desktop computers. The craft has continually evolved in sophistication. In some instances, a picture of the product is sent in place of the actual product. Other times, products are outright never sent after the bill is charged to credit card accounts. Victims are left to deal with credit card companies for chargebacks.
Some Fraudsters market intangibles such as software downloads or documentation. Pricing on such items is low in order to encourage a purchase perceived by the consumer as low risk (in accordance with low cost.) Software download scams are frequently targeted at high-population buying communities such as online gaming worlds. Wow stat hack is an example of one such scam.
Identity theft schemes
Stolen credit cards
Most Internet fraud is done through the use of stolen credit card information which is obtained in many ways, the simplest being copying information from retailers, either online or offline. There have been many cases of crackers obtaining huge quantities of credit card information from companies’ databases. There have been cases of employees of companies that deal with millions of customers in which they were selling the credit card information to criminals.
Despite the claims of the credit card industry and various merchants, using credit cards for online purchases can be insecure and carry a certain risk. Even so called “secure transactions” are not fully secure, since the information needs to be decrypted to plain text in order to process it. This is one of the points where credit card information is typically stolen.
Get wire transfer info
Some fraudsters approach merchants asking them for large quotes. After they quickly accept the merchant’s quote, they ask for wire transfer information to send payment. Immediately, they use online check issuing systems as Qchex that require nothing but a working email, to produce checks that they use to pay other merchants or simply send associates to cash them.
The most straightforward type of purchase scam is a buyer in another country approaching many merchants through spamming them and directly asking them if they can ship to them using credit cards to pay.
An example of such email is as follows:
From: XXXXXX XXXXXX [XXXXXXX@hotmail.com] Sent: Saturday, October 01, 2005 11:35 AM Subject: International order enquiry
Goodday Sales, This is XXXXXX XXXXXXX and I will like to place an order for some products in your store, But before I proceed with listing my requirements, I will like to know if you accept credit card and can ship internationally to Lagos, Nigeria. Could you get back to me with your website so as to forward you the list of my requirements as soon as possible. Regards, XXXXXX XXXXXX, XXXXXXXX Inc. 9999 XXXXX street, Mushin, Lagos 23401, Nigeria Telephone: 234-1-99999999, Fax: 234-1-9999999, Email: XXXXXXXXX@hotmail.com
Most likely, a few weeks or months after the merchant ships and charges the Nigerian credit card, he/she will be hit with a chargeback from the credit card processor and lose all the money.
Counterfeit Postal Money Orders
According to the FBI and postal inspectors, there has been a significant surge in the use of Counterfeit Postal Money Orders since October 2004. More than 3,700 counterfeit postal money orders (CPMOs) were intercepted by authorities from October to December of 2004, and according to the USPS, the “quality” of the counterfeits is so good that ordinary consumers can easily be fooled.
On March 9, 2005, the FDIC issued an alert  stating that it had learned that counterfeit U.S. Postal Money Orders had been presented for payment at financial institutions.
On April 26, 2005, Tom Zeller Jr. wrote an article in The New York Times regarding a surge in the quantity and quality of the forging of U.S. Postal Money Orders, and its use to commit online fraud. The article shows a picture of a man that had been corresponding with a woman in Nigeria through a dating site, and received several fake postal money orders after the woman asked him to buy a computer and mail it to her.
Who has received Counterfeit Postal Money Orders (CPMOs):
Small Internet retailers.
Individuals that have been contacted through email or chat rooms by fraudsters posing as prospective social interests or business partners, and convinced to help the fraudsters unknowingly.
Mostly from Nigeria
The penalty for making or using counterfeit postal money orders is up to ten years in jail and a US$25,000 fine.
Online automotive fraud
There are two basic schemes in online automotive fraud:
A fraudster posts a vehicle for sale on an online site, generally for luxury or sports cars advertised for thousands less than market value. The details of the vehicle, including photos and description, are typically lifted from sites such as eBay Motors and re-posted elsewhere. An interested buyer, hopeful for a bargain, emails the seller, who responds saying the car is still available but is located overseas. He then instructs the buyer to send a deposit via wire transfer to initiate the “shipping” process. The unwitting buyer wires the funds, and doesn’t discover until days or weeks later that they were scammed.
A fraudster feigns interest in an actual vehicle for sale on the Internet. The “buyer” explains that a client of his is interested in the car, but due to an earlier sale that fell through has a certified check for thousands more than the asking price and requests the seller to send the balance via wire transfer. If the seller agrees to the transaction, the buyer sends the certified check via express courier (typically from Nigeria). The seller takes the check to their bank, which makes the funds available immediately. Thinking the bank has cleared the check, the seller follows through on the transaction by wiring the balance to the buyer. Days later, the check bounces and the seller realizes they have been scammed. But the money has long since been picked up and is not recoverable.
In another type of fraud, a fraudster contacts the seller of an automobile, asking for the vehicle identification number, putatively to check the accident record of the vehicle. However, the supposed buyer actually uses the VIN to make fake papers for a stolen car that is then sold.
Cash the check system
In some cases, fraudsters approach merchants and ask for large orders: $50,000 to $200,000, and agree to pay via wire transfer in advance. After brief negotiation, the buyers gives an excuse about the impossibility of sending a bank wire transfer. The buyer then offers to send a check, stating that the merchant can wait for the check to clear before shipping any goods. The check received, however, is a counterfeit of a check from a medium to large U.S. company. If asked, the buyer will claim that the check is money owed from the large company. The merchant deposits the check and it clears, so the goods are sent. Only later, when the larger company notices the check, will the merchant’s account be debited.
In some cases, the fraudsters agree to the wire but ask the merchant for their bank’s address. The fraudsters send the counterfeited check directly to the merchant’s bank with a note asking to deposit it to the merchant’s account. Unsuspecting bank officers deposit the check, and then the fraudster contacts the merchant stating that they made a direct deposit into the merchant’s account.
Re-shipping scams trick individuals or small businesses into shipping goods to countries with weak legal systems. The goods are generally paid for with stolen or fake credit cards.
In the Nigerian version, the fraudsters have armies of people actively recruiting single women from western countries through chat & matchmaking sites. At some point, the criminal promises to marry the lady and come to their home country in the near future. Using some excuse the criminal asks permission of his “future wife” to ship some goods he is going to buy before he comes. As soon as the woman accepts the fraudster uses several credit cards to buy at different Internet sites simultaneously. In many cases the correct billing address of the cardholder is used, but the shipping address is the home of the unsuspecting “future wife”. Around the time when the packages arrive, the criminal invents an excuse for not coming and tells his “bride” that he urgently needs to pick up most or all the packages. Since the woman has not spent any money, she sees nothing wrong and agrees. Soon after, she receives a package delivery company package with pre-printed labels that she has agreed to apply to the boxes that she already has at home. The next day, all boxes are picked up by the package delivery company and shipped to the criminal’s real address (in Nigeria or elsewhere). After that day the unsuspecting victim stops receiving communications from the “future husband” because her usefulness is over. To make matters worse, in most cases the criminals were able to create accounts with the package deliverer, based on the woman’s name and address. So, a week or two later, the woman receives a huge freight bill from the shipping company which she is supposed to pay because the goods were shipped from her home. Unwittingly, the woman became the criminal re-shipper and helped him with his criminal actions.
East European version
This is a variant of the Nigerian Version, in which criminals recruit people through classified advertising. The criminals present themselves as a growing European company trying to establish a presence in the U.S. and agree to pay whatever the job applicant is looking to make, and more. The fraudsters explain to the unsuspecting victim that they will buy certain goods in the U.S. which need to be re-shipped to a final destination in Europe. When everything is agreed they start shipping goods to the re-shipper’s house. The rest is similar to the Nigerian Version. Sometimes, when the criminals send the labels to be applied to the boxes, they also include a fake cheque, as payment for the re-shipper’s services. By the time the cheque bounces unpaid, the boxes have been picked up already and all communication between fraudster and re-shipper has stopped.
This is a variant of the East European Version, in which criminals recruit people through spam. The criminals present themselves as a growing Chinese company trying to establish a presence in the U.S. or Europe and agree to pay an agent whatever the unsuspecting victim is looking to make, and more. Here is an example of a recruiting email:
Dear Sir/Madam, I am Mr. XXX XXX, managing XXXXXXXXXXX Corp. We are a company who deal on mechanical equipment, hardware and minerals, electrical products, Medical & Chemicals, light industrial products and office equipment, and export into the Canada/America and Europe. We are searching for representatives who can help us establish a medium of getting to our costumers in the Canada/America and Europe as well as making payments through you to us. Please if you are interested in transacting business with us we will be glad. Please contact us for more information. Subject to your satisfaction you will be given the opportunity to negotiate your mode of which we will pay for your services as our representative in Canada/America and Europe. Please if you are interested forward to us your phone number/fax and your full contact addresses. Thanks in advance. Mr. XXX XXX. Managing Director”
Call tag scam
The Merchant Risk Council reported that the “call tag” scam re-emerged over the 2005 holidays and several large merchants suffered losses. Under the scheme, criminals use stolen credit card information to purchase goods online for shipment to the legitimate cardholder. When the item is shipped and the criminal receives tracking information via email, he/she calls the cardholder and falsely identifies himself as the merchant that shipped the goods, saying that the product was mistakenly shipped and asking permission to pick it up upon receipt. The criminal then arranges the pickup issuing a “call tag” with a shipping company different from the one the original merchant used. The cardholder normally doesn’t notice that there is a second shipping company picking up the product, which in turn has no knowledge it is participating in a fraud scheme. The cardholder then notices a charge in his card and generates a chargeback to the unsuspecting merchant.
Business opportunity/”Work-at-Home” schemes
Fraudulent schemes often use the Internet to advertise purported business opportunities that will allow individuals to earn thousands of dollars a month in “work-at-home” ventures. These schemes typically require the individuals to pay anywhere from $35 to several hundred dollars or more, but fail to deliver the materials or information that would be needed to make the work-at-home opportunity a potentially viable business.
Often, after paying a registration fee, the applicant will be sent advice on how to place ads similar to the one that recruited him in order to recruit others, which is effectively a pyramid scheme.
Other types of work at home scams include home assembly kits. The applicant pays a fee for the kit, but after assembling and returning the item, it’s rejected as sub-standard, meaning the applicant is out of pocket for the materials. Similar scams include home-working directories, medical billing, data entry (data entry scam) at home or reading books for money.
The latest scam to hit the headlines is the multi-million dollar Clickfraud which occurs when advertising network affiliates force paid views or clicks to ads on their own websites via spyware, the affiliate is then paid a commission on the cost-per-click that was artificially generated. Affiliate programs such as Google’s Adsense capability pay high commissions that drive the generation of bogus clicks. With paid clicks costing as much as US$100[verification needed] and an online advertising industry worth more than US$10 billion, this form of Internet fraud is on the increase.
International modem dialing
Many consumers connect to the Internet using a modem calling a local telephone number. Some web sites, normally containing adult content, use international dialing to trick consumers into paying to view content on their web site. Often these sites purport to be free and advertise that no credit card is needed. They then prompt the user to download a “viewer” or “dialer” to allow them to view the content. Once the program is downloaded it disconnects the computer from the Internet and proceeds to dial an international long distance or premium rate number, charging anything up to US$7-8 per minute. An international block is recommended to prevent this, but in the U.S. and Canada, calls to the Caribbean (except Haiti) can be dialed with a “1” and a three-digit area code, so such numbers, as well as “10-10 dial-round” phone company prefixes, can circumvent an international block.
Another type of Click Fraud
This type of fraud involves a supposed internet marketing specialist presenting a prospective client with detailed graphs and charts that indicate that his web site receives (x) thousands of hits per month, emphasizing that if you pay for his services you will succeed in getting a number clicks converted to customers or clients.
When you receive no request for more information and no clients, the fraudster responds that it must be something you web site is not doing right.
Main article: Phishing
“Phishing” is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message). It is a form of social engineering attack.
The term was coined in the mid 1990s by crackers attempting to steal AOL accounts. An attacker would pose as an AOL staff member and send an instant message to a potential victim. The message would ask the victim to reveal his or her password, for instance to “verify your account” or to “confirm billing information”. Once the victim gave over the password, the attacker could access the victim’s account and use it for criminal purposes, such as spamming.
Phishing has been widely used by fraudsters using spam messages masquerading as large banks (Citibank, Bank of America) or PayPal. These fraudsters can copy the code and graphics from legitimate websites and use them on their own sites to create a legitimate-looking scam web pages. They can also link to the graphics on the legitimate sites to use on their own scam site. These pages are so well done that most people cannot tell that they have navigated to a scam site. Fraudsters will also put the text of a link to a legitimate site in an e-mail but use the source code to links to own fake site. This can be revealed by using the “view source” feature in the e-mail application to look at the destination of the link or putting the cursor over the link and looking at the code in the status bar of the browser. Although many people don’t fall for it, the small percentage of people that do fall for it, multiplied by the sheer numbers of spam messages sent, presents the fraudster with a substantial incentive to keep doing it.
Anti-phishing technologies are now available.
Pharming is the exploitation of a vulnerability in the DNS server software that allows a hacker to acquire the domain name for a site, and to redirect that website’s traffic to another web site. DNS servers are the machines responsible for resolving internet names into their real addresses – the “signposts” of the internet.
If the web site receiving the traffic is a fake web site, such as a copy of a bank’s website, it can be used to “phish” or steal a computer user’s passwords, PIN or account number. Note that this is only possible when the original site was not SSL protected, or when the user is ignoring warnings about invalid server certificates.
For example, in January 2005, the domain name for a large New York ISP, Panix, was hijacked to a site in Australia. In 2004 a German teenager hijacked the eBay.de domain name.
Secure e-mail provider Hushmail was also caught by this attack on 24th of April 2005 when the attacker rang up the domain registrar and gained enough information to redirect users to a defaced webpage.
In some cases Internet Fraud schemes originate in the US and European countries, but a significant proportion seems to come from Africa, particularly Nigeria and Ghana, and sometimes from Egypt. Some originate in Eastern Europe, China. For some reason, many fraudulent orders seem to originate from Belgium, from Amsterdam in the Netherlands, from Norway, and from Malmö in Sweden.