It should be no surprise that auction site eBay is a target of fraudsters.
With an arsenal of virtual credit cards, identity theft and social engineering, fraudsters with the will and persistence have long battled the security teams working to protect eBay's millions of buyers and sellers.
But where other forms of online fraud have been dominated by Russian criminals, it is fraudsters operating from Romania that have caused the biggest headaches for the online auction mega site.
The Russians, said eBay Asia Pacific fraud investigations manager David Napper, considered eBay too small a target; they were busy emptying the big banks of the world.
The Romanians, however, along with criminals in Nigeria, had targeted eBay through ingeniously simple mechanisms to pinch dollars from Australian customers.
Speaking at SC Magazine's Security on the Move conference in Sydney, Napper identified four cross-border scams that had affected eBay, and noted it was "extremely dangerous for us to think that these scammers were not intelligent."
Copy and paste
To conduct this simple fraud, Nigerian scammers would copy an image of an item for sale on a web site and pasted it into a fake cut-price eBay sales listing.
The scammers would wait for a buyer and request that they email them ‘off list’ since eBay would quickly identify and remove the fraudulent sales item.
“They know we have predictive modelling,” Napper said. “They know we will find and capture that listing.”
The fraudster would justify the item closure by claiming that they were unfairly banned because they had failed to update account information. They then attempt to steal the buyer's personal details and bank information sent over email.
In a twist to the scam, fraudsters would host cut-rate goods like cars on marketplace sites and suggest that buyers conduct the transaction over eBay, assuring skeptical victims that they would be protected by eBay's $20,000 buyer insurance.
“Then they send out a spoofed eBay message with eBay's fake logo ... they even included [eBay’s] official live chat help link" which redirected to a phoney chat service hosted by the scammers.
Another more sophisticated eBay scam involved a redirect link that would trick victims into buying cheap items for large sums of money.
In one example, Romanian scammers had sent an Australian victim a link purporting to show a Winnebago for sale.
But when the victim had purchased the Winnebago, they had instead unknowingly bought a leather jacket from eBay Germany.
A Queensland Police cyber crime officer sent the link to Napper who revealed the surreptitious trickery behind the link.
“A police officer in the QLD Police computer crime squad called up [to investigate] the campervan,” Napper said. “They said ‘here’s the item number’; they followed the redirect and saw a campervan, but I saw nothing but a leather jacket listed by a German.”
But because the transactions were made off eBay, the auction giant could not make available to police what Napper says were sophisticated forensic tools.
“This is advanced fraud,” Napper said
This Nigerian scam begun with a legitimate sale. Fraudsters would buy products from eBay before sending the victim seller a fraudulent email purporting to be from a government import authority.
The email would claim the buyer failed to declare the imported product and demand a tariff or fine that could exceed $2000.
“An email supposedly comes from the Nigerian customs saying that the item carries a tariff and because it wasn’t forwarded with the necessary paperwork there is a fine payable via an instant payment method,” Napper said.
“People do fall for it.”
Fraudsters have also crafted variants that purported to come from Nigerian police that claimed digital items such as cameras were shipped with storage drives loaded with inappropriate content.
Napper said elderly and regional Australians were particular vulnerable to the latter scam because they were particularly trusting.
He cited two cases where a Swan Hill resident was fleeced and another of a woman in Perth who received a fraudulent email from the WA Government’s Scam Watch initiative to which she reported the scam earlier.
“She got an email three days later supposedly from Scam Watch saying that police have caught the Nigerian scammer and need $1000 to lock him up,” Napper said.
This old scam was formerly used by phone scammers and has been re-appropriated for sites like eBay.
Attackers used a compromised credit card to make transactions that required a refund, which once approved would be returned to another bank account.
In older iterations of the scam still in use, fraudsters would book a hotel room on a stolen credit card then request a partial refund to a different card.
“It’s the same on eBay. Someone bids for a $2000 computer, and sends $4000. They use a counterfeit or lost cheque, and tell the victim it was sent to the wrong person before asking for the $2000 refund,” Napper said.
Napper, a former NSW Police officer of 12 years with heritage in investigations and forensics, said the decision to chase down fraudsters was based on set criteria.
This included the cost and likelihood of successful prosecution, along with jurisdictional issues including whether victims must testify in person in certain courts such as those in Nigeria.
Laws also prevented Australia from cooperating on some levels with foreign prosecutions where the criminal could face the death penalty.