Username: rflagg - Classifieds Buyer Scam

[Meso 38]

The following scam has been reported:

Quote

On 1-Feb-2014 someone submitted their contact information in response to your ad in the Dropzone.com Classifieds. Please reply to this email to contact the person directly.

Username => rflagg

Name => Flagg Ray

FromEmail => rayflagg24@yahoo.com

City =>

Country =>

Comments => I am interested in buying your Airtec CYPRESS 2 – TANDEM – 2pin and would like to receive additional information about it, such as present condition, last asking price and pics if available, i will like to pay with PayPal. Here's my email-(rayflagg24@yahoo.com)

Regards.
Flagg Ray.

Click here to read more about these kind of scams.

Remember:

• DO NOT do business with anyone who offers to send you payment for a higher amount than your selling price with the understanding that you'll send back the balance.


• Be suspicious of anyone claiming to be acting on behalf of a "client" or another "customer".


• Be suspicious of anyone claiming to be from Nigeria or West Africa


• If you agree to accept a check payment, then do not send anything, gear or "change" before the check cleared. And be careful, if you manage to clear a fraudulent check then you may be liable for the damages if the bank finds out later. Make sure your bank authenticates the check.


• If it sounds to good to be true, then it probably is.

This username has been disabled.

[fl.flyguy 0]

He told me he worked on an oil platform and unable to access his bank account but able to create a PayPal account (LOL!). He was buying the gear as a surprise gift for his brother. He would send a special carrier to pick the gear up... (huh?).
Wish I would have kept the e-mail now that I know it was a scam.

[BKS60 0]

Email is on the post above but it won't help. This jackass sends the same crap to everyone who lists anything and changes his email address more than most change socks.

"You don't get many warnings in this sport before you get damaged"

[Birdguy 0]

Glad I decided to check his name, as I just recieved an e-mail from him! He claims the same things! I thought Paypal was a secure way to recieve payments for items?

Cheer's

[jsfirefighter88 0]

Paypal is secure. What they will do is receive your email and send you a FAKE email saying paypal has funded your account. CHECK YOUR PAYPAL at paypal.com do NOT click the link! I was trying to sell a car and someone fed me the whole they will pay for shipping and need my email. I gave them my email and thats what he sent. I thought it was fishy to begin with and was mainly just jerking him around. Be aware hope this helps!

[ianyapxw 0]

I'm new to this site and online purchases as well, so thanks for the explanation.

What exactly does the link do? Isn't the objective to cheat your money, not to get a virus to your computer?

[Meso 38]

Clicking links can be very dangerous, there's a number of ways that users can gather all your details through links. It would be fairly easy for them to clone a site like Paypal, and instead of where you enter your details into logging you in - it would then use PHP to write what you entered into a separate file. So you'd essentially be giving them your login details. That's just one of the ways in which they are able to use links to steal.

PS: Always be sure to check https and security certificates on sites where you're dealing with money. If the site isn't secure with a valid certificate, don't risk it.

[ianyapxw 0]

Thanks for the advice! (:

What's the deal with https, do you need special authorization to use https on your website, such that scammers can't use it themselves?

Also, who defines what a 'valid certificate' is?

[Meso 38]

My knowledge of HTTPS isn't the best, but as I understand it. HTTPS is basically a secure communication framework that ensures that packets are sent between the two individuals. It's possible to do "Man in the Middle" attacks where you can intercept a communication between two parties, receiving the packets of data intended for party A sent by party B, while making party A believe it was actually sent direction from party B.

Certificates are applied for, and who provides them will also provide how secure they are. Verisign for example is a well established issuer of certificates and if you are verified with Verisign a user will see a trustworthy and recognized name has confirmed you are who you say you are.

With that said, I don't think one has to worry too much about getting lured into man in the middle attacks and stuff by these scammers.

Primary your main concern will be making sure "paypal's" URLs provided by the scammer, should that happen - are actually paypal.com

[ianyapxw 0]

Thanks a lot for the explanation (:

[Birdguy 0]

Thank's for the Insite!
Cheer's