I wasn’t scammed just once, but twice!

ESET Ireland talked to a Waterford man who was scammed out of nearly €400 online.

“I sound really thick, don’t I? For getting caught twice. But it looked so routine…”

Christy from Waterford started telling us his story of being scammed online. “I use my tablet and phone every day to send and receive emails and use PayPal quite regularly to shop online. I would consider myself fairly streetwise when it comes to the Internet and would be very suspicious of scams. I depend heavily on my online activities such as paying for holidays, making purchases on eBay, buying certain stock for the business etc.”

So what went wrong this time? “This caught me off guard as it all looked so real and you tend to trust the big names such as PayPal, Amazon, eBay etc. When I received the email in question I just acted quickly so I could restore my account with PayPal and continue as normal. It all looked so routine!” said Christy. ESET Ireland has regularly warned the Irish public about very realistic-looking phishing scams impersonating Bank of Ireland, Irish Revenue and DHL, as well as iTunes, Vodafone, LinkedIn and other major brand names being abused by cybercriminals.

“I received an email from what I thought was PayPal.”


“When I opened the emails and read the contents I followed the instructions to the log in section. It didn’t raise a red flag as it appeared identical to the PayPal site I am used to using,” continued Christy. “I again followed the instructions and entered my user name and password and this navigated me to the main PayPal home screen, again identical to PayPal’s own site. I then entered my card details and confirmed my status.”

The scammers are perfecting their methods of operation by building very convincing imitations of original websites. In the case of this PayPal scam, the site looks almost exactly like the real thing, except for the address bar: the address does not begin with ‘https’ and is obviously different from the genuine one.
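The address-bar check described above, written out as an added example (it is not part of the original article). The trusted host list and the sample URLs are constructed for illustration, and the check goes slightly beyond the article by also flagging two common ways of making a different address look like the genuine one.

```python
from urllib.parse import urlsplit

# Assumption: the host names the genuine service is known to use.
TRUSTED_HOSTS = {"paypal.com"}


def check_link(url, trusted=TRUSTED_HOSTS):
    """Return the reasons a link should not be trusted (empty list = passes)."""
    reasons = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()

    # 1. The article's first tell: the address is not 'https'.
    if parts.scheme.lower() != "https":
        reasons.append("address does not use https")

    # 2. Anything before '@' is login data, not the site being visited.
    if parts.username is not None:
        reasons.append("text before '@' hides the real host")

    # 3. Punycode or non-ASCII hosts can imitate a brand with lookalike letters.
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        reasons.append("internationalised host name, check for lookalikes")

    # 4. The article's second tell: the host is different from the real one.
    #    The brand must be the END of the host name, not just appear in it.
    if not any(host == t or host.endswith("." + t) for t in trusted):
        reasons.append("host %r is not the genuine site" % host)

    return reasons


if __name__ == "__main__":
    # Constructed sample links (the .example domain is reserved for documentation).
    samples = [
        "https://www.paypal.com/signin",
        "http://paypal.com.account-verify.example/login",
        "https://paypal.com@login.example/",
    ]
    for link in samples:
        verdict = check_link(link)
        print(link, "->", "looks genuine" if not verdict else "; ".join(verdict))
```

A padlock or ‘https’ alone proves nothing about who runs a site, which is why the host comparison is the check that matters most.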


The procedure for “confirming status” of a scam victim’s account then takes them through a series of questions where they have to enter all their personal and card details, starting with giving away their username and password. A simple test of the validity of a suspected fraud site would be entering a bogus username and password. If it still lets you in, it’s got to be fake.

The scam then proceeds to take you through several “steps” of “verification”, which include entering your address…


…as well as your credit card details. Note that to appear additionally convincing, the fake website claims it’s got security certificates from VeriSign/Symantec.


Then, when you have disclosed all the relevant and abusable personal info to the cybercriminals, they thank you and redirect you back to the genuine website.


“Later on that evening I received a call from my credit card fraud department and they asked me if I had paid for a holiday with a Cuba travel operator. It was for the amount of €340. I obviously had not and then he asked me if I had done so last December as well and again I did not,” Christy continued. “It was only then I realised what had happened as I told the guy in the fraud department that I had just updated my PayPal account. He asked me to go through my emails and to scrutinise the sender’s details.”

“When I did this it was clear that it was a scam.”

“When I looked back on my emails I noticed that I had received a similar email back at the start of December and I followed the instructions and they deducted a small amount, something like €35 and I didn’t notice it on my credit card. In fact I would not have noticed the latest one either, only for the guy from the fraud squad rang me. I’m sure I would have noticed when my statement came through but that would have taken up to four weeks.”

And the question everyone’s asking, did any of his money get refunded?

“Both payments went through and I’m waiting to see if I get any news back regarding a refund. Fingers crossed.”

“Certainly a lesson learned.”

ESET Ireland recommends that Irish computer users be vigilant when receiving phishing emails, tagging them as spam and deleting them immediately, without replying or clicking any links they contain. If unsure of any content or if in doubt whether the content is legitimate, contact the company in question directly and ask. Also make sure your operating system and antivirus software are updated to the latest versions, to make possible infections less likely to occur.

7 tips to avoid phishing scams

  1. Know about phishing scams, warn your friends! Just knowing about the types of scams circulating can help you avoid them.

  2. Your bank, PayPal, Amazon, etc. do not send mails asking you to verify your account!

  3. Do not click links in emails or open attachments if you’re not 100% sure of the source.

  4. If you have any doubts about an email, google some of its contents. Likely a scam warning will appear.

  5. Do not reply to such emails, even when you recognise phishing. Delete and mark them as spam.

  6. Check your bank’s, PayPal’s, eBay’s and other firms’ Security Centres for security information.

  7. Keep your operating system and antivirus software updated, to prevent infections.

 by Urban Schrott, ESET Ireland

 

 

 

