Profile of an eBay Scammer

prostoalex writes "FastCompany is running an article about Jay Nelson, whose primary income source for about 5 years included selling goods on eBay. Considering that he chose to skip the delivery, the profit margins were at an all time high. Under the names of biggerthanu, harddrives4sale, diamondsoft, yoshiinc and susancutey Nelson would collect five-digit PayPal payments from the buyers on eBay and Yahoo Auctions."

Re:Theft or no...

[theNote]

You obviously didn't bother to read the article.

It goes in depth on how he rated himself with multiple screen names and used various other techniques like buying inexpensive items from others with fake mailing addresses.

I love the image of the postal inspectors carrying guns. Reminds me of the accounting division of the FBI that walks into the accountants office strapped with a piece.

Re:eBay is a joke

When I worked for an, um, "major online auction house" there was no call center, so there wouldn't be anyone to take your calls there at all. The resources just didn't exist in the company.

Everything was done by email and like most "customer service" and "technical support" these days, they have to send you canned responses several times before you'll get special attention paid to your case. Employees were rated on the number of email responses they sent every hour, not on the level of service they provided, so unless someone's problem is desperately easy (and thus quick) or someone is very angry, you won't get a personalized answer because it can affect paychecks for them to take the time to discuss things in detail with you.

Of interest: all contacts claiming to be official notice from customers' attorneys or official contacts from law enforcement personnel had to be instantly escalated and treated individually. Do with that tidbit what you will...

Hardly the only eBay scam out there...

[wahmuk]

I just got an email last night, of the type where it appears to be from eBay (it's not) and it's asking for you to verify some information. The URL in the body appears to be a valid eBay address. And although the email appears to be plain text, it's actually HTML and the "valid eBay address" actually takes you to a non-eBay and non-secure IP address where you're presented with a poorly-worded form asking for name, address, passwords, PayPal username, password, credit card numbers, etc...

All other links on the page go to the valid eBay "help" and "contacts" pages. It looks really official, except for the non-professional grammar.

I wonder how many people fall for this type of scam every day?

It wasn't even sent to the special email address that I use exclusively for my eBay account (my first clue, woohoo!).

And yes, I've already reported it to eBay...

Wot sez we demonstrate the SlashDot Effect(TM) for the thieving bastard?

Here ya go:
http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?UPdate

Re:Hardly the only eBay scam out there...

[Permission+Denied]

This paragraph is crap for the lameness filter (apparently, you have to insert crap at the beginning, not end, of your post if you want to post a program listing or command-line session). Skip to the next paragraph. This paragraph is crap for the lameness filter (apparently, you have to insert crap at the beginning, not end, of your post if you want to post a program listing or command-line session). Skip to the next paragraph. This paragraph is crap for the lameness filter (apparently, you have to insert crap at the beginning, not end, of your post if you want to post a program listing or command-line session). Skip to the next paragraph. This paragraph is crap for the lameness filter (apparently, you have to insert crap at the beginning, not end, of your post if you want to post a program listing or command-line session). Skip to the next paragraph.

You generally have to provide a real phone number or something identifiable to get a recognized SSL cert, so this is always worth a try:

kalashnikov% openssl s_client -showcerts -connect sorc3r3r.org:443
CONNECTED(00000003)
depth=0 /C=US/ST=CA/L=Mt Shasta/O=Finest Planet/OU=Service/CN=www.finestplanet.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=CA/L=Mt Shasta/O=Finest Planet/OU=Service/CN=www.finestplanet.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=CA/L=Mt Shasta/O=Finest Planet/OU=Service/CN=www.finestplanet.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=US/ST=CA/L=Mt Shasta/O=Finest Planet/OU=Service/CN=www.finestplanet.com
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
-----BEGIN CERTIFICATE-----
[snipped for lameness filter]
-----END CERTIFICATE-----
---
Server certificate
subject=/C=US/ST=CA/L=Mt Shasta/O=Finest Planet/OU=Service/CN=www.finestplanet.com
issuer= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
No client certificate CA names sent
---
SSL handshake has read 1317 bytes and written 320 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID: AE5A02407FE137D27EDEA6C315B87DC83C4E9D137D3C09E2DB 1D3A7B3698CF4C
Session-ID-ctx:
Master-Key: C0701DD1BA02110163248E2CD8B9016099002A0FD597317BB3 A3C83C872F1A2250A9CC1736C6B1846EAFDDD534285867
&n bsp; Key-Arg : None
Start Time: 1061096037
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
HEAD / HTTP/1.0

HTTP/1.1 302 Found
Date: Sun, 17 Aug 2003 04:52:03 GMT
Server: Apache/1.3.20 Sun Cobalt (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.0.6 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25
Location: https://www.finestplanet.com/
Connection: close
Content-Type: text/html; charset=iso-8859-1

closed
kalashnikov%

You got this:

lake% host 216.98.146.249 249.146.98.216.IN-ADDR.ARPA domain name pointer 4t146249.aspadmin.net

See this:

kalashnikov% host www.finestplanet.com www.finestplanet.com has address 216.98.146.249

This is the same Cobalt machine you noted (perhaps a web farm). Looks like a mom-and-pop dialup ISP. Most likely some innocent third-party seeing as how this looks like a legit business. If it's not legit, you could contact Equifax to get real contact information. They have a number of contact numbers and email addresses on their page, so someone should contact them and point them to this thread because they'll be seeing lots of strange stuff in their logs.

My opinion: this guy registered an IP pointing to this machine. This IP is irrelevant

Re:Theft or no...

[Jhon]

One of the interesting things I found about the article was the listing of some of his "usernames". I checked my ebay transactions a while back and found I had one with one of his accounts. I had received a broken proxim wireless modem. I mean broken -- it rattled, the case was cracked etc.

I looked at his feedback and checked on some of his older positive feedback transactions and found that the pay-pal link was identical to the one I had purchased from. I sent a mail to THAT user saying basically "You are [BLANK] I know this because the paypal links on both user's auctions point to the same account. How about you either refund my money or send me a working item and I let this go".

He said he was the BROTHER... blah. I think the idea of getting reported scared him enough that he sent out a WORKING modem.

Moral of the story: If it's an item that's going to cost you more than what you can comfortably lose, check the old feedback for anything suspicious -- like identical paypal links, a lot of 1 or 0 feedback bidders (shills), and even how LONG the account has existed. One month? Two? A few years? The longer an account has been around with a decent amount of feedback are USUALLY good indicators.

everyone bitching about how ebay/paypal/etc sucks

[jbellis]

is apparently missing the single biggest change ebay made to prevent people like this guy from building up positive feedback:

they separated buying feedback from selling feedback. now to get +50 selling, you actually have to sell 50 items, not just buy a bunch of paperbacks and give a false address.

of course you can still get positive feedback selling cheap items but it'll take you a few days now instead of a few hours.

could ebay do more? probably. but at least they're not missing the obvious.

Ebay Scammers

[draed]

I got scammed out of $1,500 on ebay a couple months ago... I researched a bit on what my options where and filed complaints to paypal and ebay. Paypal found the seller guilty and was able to get me back a total of *50* dollars out of the $1,500.

It's amazing how difficult it is to get anything done about online fraud.

Anyways, in doing research, here is a very helpful site I found : http://members.ebay.com/aboutme/!turk

and don't ever order from these companies :
http://www.factory101.com/
http://www.my1stop2gaming.com/
http://www.masonavenue.com/

Re:ebay is full of scammers, $5 at a time

[Punk+Walrus]

Yeah! I have been fished for that on eBay, but never bit. For me it was always something to do with rare rock memorabilia and stuff (why? dunno...). I read about some guy who does this to get the maximum amount of money he can for multiple items. Here's how it goes:

1. Say you have 10 "rare posters" of Bob Dylan (or at least claim you do) at some concert in the 1970s. Put one for auction.
2. Top bid a few minutes before end is $100. Record all bids, get e-mails for all bids.
3. Have a buddy sniper bid on it for $1200, auction ends.
4. Wait one week. You know the most someone will pay for the posters by their high bids. Send e-mail to all bids, stating the top bidder backed out, and how mad you are, because you're a regular working Joe, etc, etc... To the first guy say, "I'll sell it to you for $90, $10 lower than your high bid, because I know this is outside eBay and all..." Hope he bites. The second highest bidder, do the same thing, with $10 off his bid, and so on down the line.
5. Now you can send them the posters, send them misrepresented crap, or send them nothing. The official eBay policy won't cover what goes on outside their realm.
6. You and your sniper buddy leave positive feedback for each other. Repeat.

Nice scam, mostly illegal, but again, if you nickel and dime a ton of people who are too embarrassed, too lazy, or just won't bother to complain, you'll get rich slowly (or not, I have no idea if this works for a long-term plan). This especially works for low-end items where you guess your clientele are not too bright or have enough resources or perseverance to complain, like emo/punk clothing, "Spring Break" videos, "How to Get Di$$$$counted $$$$oftware!" promotions, and so on.

I have heard, though, to never piss off Beanie Baby collectors... they can be mean and tenacious.

Re:Capitalism v. Free Market

[whorfin]

http://www.m-w.com says that the term goes back to 1877, but the first appearance in print of the word capitalism was in the novel The Newcomes, by William Makepeace Thackeray, 1854.

I thought the Communist Manifesto may have preceeded that, so I quickly scanned it, and there are several references to Capital, and Capitalists, but no "Capitalism"

This site backs that up, showing what appears to be entries from the OED (which is a paid site, so no linky) for it and a few more 'isms'

BTW, here is an interesting article on Capitalism. I doubt that it will change the minds of any true believers, but I'd encourage all to read it.

Wait a minute, who am I kidding? This is /.