So what do you do if you get scammed?

[DannyQ86]

Damn that sucks man, over the years I've learned sometimes it's better to just buy new instead of saving the 50-100 bucks. At least then you don't have to worry about shit like this. Hopefully it all works out for you man.

[fumanchu1]

Quote:

Originally Posted by Webster10

The users name is AlexJamesFrs and I am not sure how he was able to get a hold of my credit card information either. All of the information I provided him was my email, then I entered his email into paypal. His email and my address was all of the information that was exchanged. And I'm positive that this guy is the one committing fraud on my card. He claimed he was in South Carolina, but after looking up the area code of his phone #, he lives in CA right near where the extra automotive shop charge was made.

Sent from my SAMSUNG-SM-G925A using Tapatalk

There is almost no way he can have accessed your paypal/card info unless you gave it to him directly or indirectly. did you by any chance follow a link he had sent you to make the payment? Is the paypal page you paid from legit (maybe received an emailed invoice stating it was paypal but did it actually lead you to paypal.com or another site) Is your password easily guessed (like if you are named john and your password is john123 or something like baseball). I used to work in credit card fraud so I know how this goes.


Several things are possible:
Before I even begin did you recently use your card for anything like automotive services or parts (a lot of times a shop may not have the same banking name as their actual shop name)


(btw is the credit card from your paypal account the same one that got defrauded with the car shop payment)


1. you have non secure passwords that are very commonly used/guessed (baseball, 1234, etc.) or you provided him your information either knowingly or unknowingly (using link he provided to make payment, hinting at your possible password).
2. you provided him the card number directly and also gave him the expiry date and security code on the back(hope you didn't actually do that)
3. Coincidentally you happen to have your card cloned and defrauded at the same time that this happened with the guy (did you shop for anything on Black Friday, store often get hacked on big holidays and credit card numbers are stolen in bulk (Winners/Homesense; Target, WM, etc.)


In any case, I would recommend you contact both paypal and your credit card company they will be able to track how the payment was made(whether was made through internet or in store with the actual card present). If you really think someone may have a lot of your personal information, I also recommend contacting your credit bureau to ensure that no changes to your personal info has been made or any new credit cards fraudulently opened.


here is just one of the many examples of fake email invoices (this one is a terrible one but some look very legit):

[Sarlacc]

Quote:

Originally Posted by fumanchu1

(btw is the credit card from your paypal account the same one that got defrauded with the car shop payment)

The fake PayPal invoice scam you describe so well is very interesting.
There has been several "man in the middle" scams in the news over here in the last few years, but this I haven't heard of before.
Thanks :-)

However, I just logged into my PayPal account and tried to find a way to see the Mastercard details I have in there. I could only see the last 4 digits.
Which is how it should be, it means that even if someone gets hold of my password, they won't be able to get my credit card details.

And I guess it means that's not what happened here, either?

[gtslow]

I think people tend to jump conclusions when dealing with personal sellers on forums. I blame it on Amazon prime where everyone expects everything within 2-3 days.

A few issues I've seen with paypal are:
1. Buyers send business transactions as personal to avoid fees. (no buyer protection)
2. Sellers add paypal fees onto the sale (against paypal terms and service)
3. No one gives the seller a reasonable amount of time to send parts or has expectations set. If I sell something, I go to USPS/UPS asap then provide tracking. After that I'm done.
4. On the flip side to #3, sellers sometimes procrastinate shipping the items. If you don't have time to go to the post office, you shouldn't be selling parts out of state.
5. Because of the above and I value my time, I pretty much won't sell anything on forums that require shipping.

[Cedars]

Oh youre on the third page? Heres another.

http://www.ft86club.com/forums/attac...1&d=1449170506

[fumanchu1]

Quote:

Originally Posted by Sarlacc

The fake PayPal invoice scam you describe so well is very interesting.
There has been several "man in the middle" scams in the news over here in the last few years, but this I haven't heard of before.
Thanks :-)

However, I just logged into my PayPal account and tried to find a way to see the Mastercard details I have in there. I could only see the last 4 digits.
Which is how it should be, it means that even if someone gets hold of my password, they won't be able to get my credit card details.

And I guess it means that's not what happened here, either?

Yes but if it was a fake invoice with a fake link it's possible that the link itself contained a tracker which will decode and store all information sent from that link (in this case that would be the Op's username, password, cc number and all other cc information needed to be sent to merchant by paypal. That would give him all the information he needs to make purchases.


Contacting his credit card company would be best at this time as they will be able to get more info on the transaction such as if it was paid through internet or in person with an actual card present (if it is the latter then OP had his card cloned from a store purchase most likely)

[fumanchu1]

believe me Sarlacc, fraudster (the good ones) are much more fast, smart and creative than most people think (there is a new scam coming up all the time, hell I haven,t worked in credit card fraud for about 1 year and probably a whole lot of new scamming/fraud techniques that I am currently unaware of.

[Sarlacc]

Quote:

Originally Posted by fumanchu1

believe me Sarlacc, fraudster (the good ones) are much more fast, smart and creative than most people think (there is a new scam coming up all the time, hell I haven,t worked in credit card fraud for about 1 year and probably a whole lot of new scamming/fraud techniques that I am currently unaware of.

I know. I've worked with eCommerce and online payment technology since the 1990's.
And you're absolutely right. The people trying to exploit technology are just as smart as those making the technology.

Quote:

Originally Posted by fumanchu1

... username, password, cc number and all other cc information needed to be sent to merchant by paypal. That would give him all the information he needs to make purchases.

Fortunately, that's not quite how it works. PayPal never sends any of that to a merchant.
A "man in the middle" website will steal username, password and anything else it asks for and you chose to submit.
If it's a PayPal scam site, the fraudster will be able to do stuff with your PayPal account, but not with your credit card directly.
The distinction is important here because OP claims his credit card information has been stolen.
So there's either important parts of this story that is missing completely, or something have been misrepresented.
Which is a serious matter since a member has been accused of fraud.

[fumanchu1]

I agree hence why I'm trying to figure out what could have happened.


Also even though paypal do not send the information to the merchant(wasn't sure on that so figured better safe than sorry with the way I addressed it), that information is still linked to the account (and present) and could hypothetically be accessed through a sniffer or skillfull hacking (it may or may not entail accessing paypal's user database which while hard to do without getting caught is not impossible in the least).


My best guess is user got his card compromised through some other means and its coincidentally timed with the other possible fraud. From a fraud standpoint though, if his info was not compromised from his paypal account (sniffer, etc.) then there is no possibility that the two are related, unless the OP's personal info was compromised some other way (have you recently had you credit card company or anyother company call and ask for some of your information; they normally will go with the someone tried to access your account or we need to update certain information). (unfortunately I'm only really considered to possess expertise on the card company side, merchant side I know a lot but obviously not all as I wasn't sure whether paypal even sent the info to the merchant or not)

[Sarlacc]

Occam's Razor.
Something is fishy and it's not super-hackers in the databases.
Don't hang the accused just yet, the testimony does not add up.

[KR-S]

Quote:

Originally Posted by fumanchu1

There is almost no way he can have accessed your paypal/card info unless you gave it to him directly or indirectly. did you by any chance follow a link he had sent you to make the payment? Is the paypal page you paid from legit (maybe received an emailed invoice stating it was paypal but did it actually lead you to paypal.com or another site) Is your password easily guessed (like if you are named john and your password is john123 or something like baseball). I used to work in credit card fraud so I know how this goes.


Several things are possible:
Before I even begin did you recently use your card for anything like automotive services or parts (a lot of times a shop may not have the same banking name as their actual shop name)


(btw is the credit card from your paypal account the same one that got defrauded with the car shop payment)


1. you have non secure passwords that are very commonly used/guessed (baseball, 1234, etc.) or you provided him your information either knowingly or unknowingly (using link he provided to make payment, hinting at your possible password).
2. you provided him the card number directly and also gave him the expiry date and security code on the back(hope you didn't actually do that)
3. Coincidentally you happen to have your card cloned and defrauded at the same time that this happened with the guy (did you shop for anything on Black Friday, store often get hacked on big holidays and credit card numbers are stolen in bulk (Winners/Homesense; Target, WM, etc.)


In any case, I would recommend you contact both paypal and your credit card company they will be able to track how the payment was made(whether was made through internet or in store with the actual card present). If you really think someone may have a lot of your personal information, I also recommend contacting your credit bureau to ensure that no changes to your personal info has been made or any new credit cards fraudulently opened.


here is just one of the many examples of fake email invoices (this one is a terrible one but some look very legit):

This, this, and so much this! E-mails can be made to look very legit and may sometimes bring up a non-existent issue that you may have. Even some go as far as to target a specific individual.

The best practice to go about this is to instead type in the official URL of a website instead of clicking on the link in the e-mail. If you must, however, at least pay attention to the bottom-left corner of the screen to see the true URL.

Phishing scams are a big issue with e-mails, as well as ransomware, which is getting even more dangerous now that crooks are getting wise on how people bypass the ransomware now.

[Tcoat]

Quote:

Originally Posted by Sarlacc

Occam's Razor.
Something is fishy and it's not super-hackers in the databases.
Don't hang the accused just yet, the testimony does not add up.

Let's add another wrinkle. @AlexJamesFRS has zero posts yet Webster is his friend.
He joined Nov 19 and his last activity was Dec 1 at 6:34 pm.


http://www.ft86club.com/forums/member.php?u=128796

@Aenv is also Alex's friend so maybe he also had dealings with Alex?


None of this adds up. If Alex was scamming he isn't very good at it since he supposedly attached his phone number to the transaction and placed him "near" the shop with the credit card charge. Also seems a bit odd that the supposed credit card charge is the exact same amount that OP says he paid for the OFT.
I could be way off base but this whole situation is setting off alarm bells like crazy and so far I have read nothing that stands up to scrutiny.

[fumanchu1]

I agree with you tcoat that's why I never mentioned the person he had dealings with since with the info we have it doesn't make any sense that the seller would have been able to gain access to OP's credit card information. My guess is OP had his information (credit card) compromised through some other means and is just being impatient about his order (especially considering it was Thanksgiving Week last week so the whole US of A was pretty much at a standstill)

[fumanchu1]

@AlexJamesFRS wanna jump in and maybe clarify what happened?

@Webster10 did you get any info about your package yet or any responses from seller?
Did you call your credit card company and figure out how the fraud was done (internet or in person)