Another Scam?

[Quillan]

Recieved the following email.:

"I am interested in renting your room,i reside in uk(london).i actually want to rent the one bedroom apartment for my son who is coming over to  france,for summer .once he secures your place he would then come  .i would like to rent your place for a month and would like to have the last price you are willing to rent your place out for.am looking for a nice and decent place for my son to move into when he gets  to the state and am sure your place would suit my son perfectly,he is an easy going person who is very tolerant and clean and like to make new friends and he respect peoples privacy.i would like to know if the room is still available.i hope to hear from you as soon soon as possible.

Best regards
Paul Kings"

 

Well I think the grammer speaks for it's self. I have asked for a very large deposit and for it to be sent in Travellers cheques or PayPal. Not something I would normally do but thought I would play along. I know whats coming but I fancy a bit of sport. If you don't fancy playing the game just be careful if you get a email something like this it's a scam. They will send you the money then immediatly cancel under some reasonable exuse and ask for the money back. You send them a cheque and theirs bounces a few days later. If you get a cheque then don't answer any emails put the cheque in the bank and wait and see. I prefer to send a email saying we are on holiday and will return their email on return and make it look like an automated responce.

[Miki]

Yep, had that one several times and a few other "plays" on the same theme.

I also don't normally reply to the scams but for one the other day, I simply asked the chap to look out the window, where if looked along a bit, he would see the big tree that I was born up some years before. I then asked him to send cash for the booking, lots of it and then I would send him back the "amount paid over" in luncheon vouchers but sadly, he never took me up on my genuine offer, ah well.....

[mascamps.com]

Haven't had that one but one worrying aspect is that it's getting to be very, very hard to tell the genuine article from the scam these days.

For instance, we've had a number of quite genuine bookings with grammar just as iffy as in your example ie duff grammar doesn't necessarily make a scam.

We've also had that one a few weeks back which looked really genuine 'til paranoid ole me wouldn't give them bank account details to pay the deposit into. Actually, that's the one that's the most worrying I think as it had all the aspects of a "real" booking ie "proper" e-mail address, reasonable grammer, reasonable request, etc. I was still in two minds about it until they didn't reply to my e-mail offering alternative means of payment.

 

Arnold

 

[Miki]

Sorry Arnold but you are still pretty fresh at this business.

Scams are pretty easy to spot and sorry but since your last insistence that Iban was not safe we have done a further 20 plus Interbank transfers without so much as a murmur. On asking our bank manager, he insists most strongly that they cannot possibly pay out to anyone just because they have our bank details, in our case it is for payments in and by the way our Iban details are offered, that he says is strictly illegal in banking terms and is simply not possible, whoops off subject for a while !!.

Not sure why you cannot read through the lines and that this one in particular, stands out a mile as a normal run of the mill scam. Again sorry but if you can't see most scams then neither I or anyone else can explain how we know, you just know, it comes from either expereince or a knowledge of these things. Chris has not been in the gamne that long but he can spot them as easily as anyone.

If in doubt, then never let greed or desperation take the lead, ask questions and put the suspected scammer in no doubt, as to how YOU want to be paid, not how THEY wish to pay. That clears out most of the scammers.

[mascamps.com]

Miki,

I might be new to this business but I've quite a background in IT security and have probably come across more scams than the rest of you put together as a consequence of that. The scams from some years back were a doddle to spot. The more recent ones are getting better and better which is why a lot of people get taken in.

As regards the safety of giving out your IBAN number, I can only repeat that with LESS information than the IBAN contains I was able to withdraw money from people's accounts without authorisation so, despite what your bank told you, it is most definitely possible to do. Bank managers are not experts in this matter and would simply be repeating what their head office has told them to say.

Try asking him a different question: "Suppose someone faxed you a form containing my name, home address, sort code and account number authorising you to set up a standing order. In what percentage of such cases do you check the signature against your records?" In practice, the percentage is very, very close to zero.

As an experiment you could try responding to one of those Nigerian scams that everyone seems to get these days. At the very end of the scam they will normally request your bank account details to make the payment into your account. That's all the information that they are really looking for. OK, there are few people who would get taken in by this one these days (although presumably enough people to make it profitable) but it shows that the bank account details are sufficient to make withdrawals. The only type of account available to "normal people" that blocks withdrawals is a savings account; if you're a large scale enterprise you'll have a collection account which has the same protection (hence the various account details quoted on the websites mentioned in that thread).

 

I do take the point about taking the lead in the questions and specifying the method of payment. However, it is, of course, a lot safer not to even reply to them in the first place. My point is that it's really not that obvious for the new generation scams. Even now when I look at the text of the e-mail from the Antilles scam I see nothing that screams "scam" and the "christian organisation" one of a month or two earlier was only truly obvious when they wanted to send a cheque for 10,000€.

 

Arnold

 

[Miki]

As I said Arnold, you either know or you don't and I am even more surprised now, that you can't spot a scam, as you have seen more of them than all this forum put together !! So it is pretty strange how you don't have a nose" for spotting the even simpler scams that are tried on B&B, Gite owners.

If Iban deals etc are so easy to "fiddle" and account details so easy to find maybe you can tell me why one does not hear much about it or perhaps you can point us in the direction of a place on the net that can explain how the tea leaves do it to Iban Swift transactions please.

I ask my bank manager often(He lives in our commune) about many things in many ways and if he thought something was "iffy" he would tell me, have no fear about that.

I can tell you now, experience (or a nose, as well as growing experience in Quillans case)tells you what is a genuine enquiry and what is not. I suspect that like us, Ian through his experience, knows when an enquiry doesn't "smell" right, most French enquiries follow a similar or near exact pattern of some kind, any variation sticks out and to that extent, so do 99.9% of all enquiries from other countries. If you can't spot them now, ask again in a few years time, if you still can't spot them then, sell up and go back to IT where you say it was a doddle to spot them !!

Here's an obvious one from last week. A chap wants to hire our place for a client for 14 days for an AMERICAN client in B&B. Hands up anyone who has ever had a Yank stay that long in B&B ? Would it be easy to spot, well with experience one instantly knows it is total b*****s and secondly they told us how they would pay, how often does that ever happen from a genuine guest ?

[mascamps.com]

I'm not saying that I can't spot one. What I'm saying is that some of the latest ones are far from easy to distinguish from genuine enquiries. For instance we have within the last two months have had one booking that initially looked entirely like a scam (ie dodgey e-mail address, duff grammar, etc.) yet has turned out to be quite genuine and another that looked quite genuine (the Antilles one) but has turned out to be a scam.

I can tell you right here how to do it with an IBAN. Give me a UK IBAN number for one of your accounts and I can even demonstrate it to you (I'll return the money afterwards). I could do it for a French account too but would have to think a bit more about the forms etc. For a very simple thing here's all you need to do:

1. Extract the sort code and account number from the IBAN (you can look up the format of these on the net but in reality it's usually possible to pretty much read them if you are at all familiar with the structure of the sorting codes). If you give me the Swift code that will even tell me the bank directly without having to look it up.

2. From the sort code, look up the bank and/or branch address (a lot of banks use centralised processing so you don't always need the address of the specific branch); there are a number of places online that let you do this but it's not always necessary eg if a UK sort code starts with 40 then it's HSBC so you could use their HQ address.

3. You and the others on this forum, of course, make your name and address available to people. If you didn't, it would be much more difficult to move on to step 4 as the home address is normally required for the fraud. In some cases it's possible to look up addresses from a phone number and in rare cases you can even do this with an e-mail address (normally this can be done with all the people who use this forum because they're on everyone's webpage).

4a. OK, now I've got your name, address, sort code, account number and address of your bank. For our simple fraud, what I now do is to run up a standing order form to instruct your bank to pay me £10 a month, make some semblance of a signature and either post this to the bank or fax it to them (the fax numbers of the bank branches are fairly easy to look up via bt.com etc.).

4b. For a slightly larger scale fraud, what I do is to run up a fax instruction and fax it to your bank instructing them to transfer £1000 or whatever to my account. This variation has actually happened to one of the people on laymyhat and is causing them all kinds of bother.

Where I think your bank manager is probably correct is that I don't think that the IBAN can be used to make an international withdrawal. However, that's not necessary as it contains the sort code & account number required to make a withdrawal within the same country.

We've not had 2 weeks from an American here but we have had 1 week from a Canadian. We also had one American enquiry for 3 weeks to stay here which was quite genuine. I agree that none of those happen that often (in fact 3 weeks from an American would normally be impossible as they only get 2 weeks holiday time usually) but it does happen. So, is your example definitely in the scam category? In some cases, mainly business reservations, clients do tell us how they will pay because that's how business reservations operate (although in general the method they specify will be one of those that we normally accept anyway).

Before you give off to me about your American scam, I'm sure that you've other things that say "scam" about it. However, both things that you quoted don't necessarily say "scam" to me as I have had Americans staying close to that period and if it was a booking from a travel agent type person then, in my experience, some of them do actually specify how they'll pay (I used to work quite closely with our company travel agent and that's exactly what they did when contacting a small place).

 

Arnold

 

[Quillan]

You know some times I feel like giving up with this forum because every time I try to post something that might be helpful to others it develops in to some form of debate where people seem to try to out do one another as if to prove they are more intelligent or know more about things in France or the world for that matter than any other person here.

 

This posting is just one of a similar type of emails that get sent to B&B’s from time to time and if you have not seen this type of thing before you might fall for it so all I am trying to do is make people aware. After 3 years in this business I would like to think I have a little, ever so humble, knowledge and don’t mind passing useful information on to others, particularly on things I have learnt the hard way. Am I an expert in the subject of Chambres D’Hote? No I don’t think so, nor would I pretend to be but I feel I have a tiny bit more than people who are just starting out.

 

If you want to see other forms of scams you can visit http://www.scamorama.com which will tell you how to deal with ‘the lads from Lagos’, however I would hardly call this type of thing an IT security issue but then at the end of the day what does IT security have to do with this post?

[Miki]

Arnold....“I'm not saying that I can't spot one…..”

I am afraid you were Arnold, you have said several enquiries have had you worried, so you can’t spot them as yet. If you could you obviously would not be worried, simple eh !

A quick check with our bank manager and he says quite clearly, that from offering our Iban to a client would mean his bank would never pay out from it but only accept funds from someone.

Arnold .....“For our simple fraud, what I now do is to run up a standing order form to instruct your bank to pay me £10 a month, make some semblance of a signature and either post this to the bank or fax it to them (the fax numbers of the bank branches are fairly easy to look up via bt.com etc.).”

£10 a month you say so that is one off payment as surely anyone on here with any savvy would spot a standing order immediately but the problem you have is that my bank want me to fill in the mandate for any standing order, not some other person, just myself and/or my wife. We had enough problems convincing them that an ExPat telephone standing order was genuine enough !

Arnold....“4b. For a slightly larger scale fraud, what I do is to run up a fax instruction and fax it to your bank instructing them to transfer £1000 or whatever to my account. This variation has actually happened to one of the people on laymyhat and is causing them all kinds of bother”

This case is somewhat different and not the same and you know it, these folks could have got details from other means entirely and not from an Iban affair and as you state it is a “variation”

Arnold ".... Where I think your bank manager is probably correct is that I don't think that the IBAN can be used to make an international withdrawal. However, that's not necessary as it contains the sort code & account number required to make a withdrawal within the same country.

We've not had 2 weeks from an American here but we have had 1 week from a Canadian. We also had one American enquiry for 3 weeks to stay here which was quite genuine"

I possibly might have guessed that to suit your case an American and genuine at that, asked for 3 weeks in B&B, well welcome to the club of one. I can only hazard an experienced guess that for 99% of us with B&B’s, we are not in the right place to get any American stay in one of our B&B for 3 weeks, they barely stay more than a few days anywhere…if it’s Tuesday it must be Belgium etc…………………

Arnold .....“ I agree that none of those happen that often (in fact 3 weeks from an American would normally be impossible as they only get 2 weeks holiday time usually) but it does happen. So, is your example definitely in the scam category?”

Honestly....One hundred percent…..YES

Arnold..... “In some cases, mainly business reservations, clients do tell us how they will pay because that's how business reservations operate (although in general the method they specify will be one of those that we normally accept anyway). Before you give off to me about your American scam, I'm sure that you've other things that say "scam" about it. However, both things that you quoted don't necessarily say "scam" to me as I have had Americans staying close to that period and if it was a booking from a travel agent type person then, in my experience, some of them do actually specify how they'll pay (I used to work quite closely with our company travel agent and that's exactly what they did when contacting a small place).”

Yes we all know the obvious ones, we want to pay by Visa etc BUT for goodness sake Arnold, look a little further into what someone is saying….I am saying, they say “I will be paying by the Christian society and have been paid too much by my clients so can you rembourse etc etc” Not the ones that ask “Can I pay like thgis and it is a bog standard type of payment……………”

Arnold.....“The basic problem is that it's becoming more and more difficult to tell the fraudsters from the legit clients. When I posted a question about my Antilles "client" on 'thother board,(Meaning LF) a very experienced old hand was sure that it was legit but it now appears that it wasn't. It's that hard to pick up on fraud these days.” From Lay My Hat May 12th

I would be grateful Arnold if you could post facts on open forums and not fantasy, as I was no doubt the “very experienced old hand” in question, in no way did I ever say it was surely legit, so an apology is in order perhaps ?

I think that I am getting rather cynical lately, in that, the more you help some people along the way, the more it can simply be not worth the effort. I suspect I might be (or perhaps not) alone in thinking along those lines but hey !

Experience! not worth a t**s is it......Give me a Chinese whisper anyday along with a bar room knowall and one can rule the world, well France anyway.

[Boiling a frog]

Hello,

I am Engr. Frank Smith from the United Kingdom. i came across your cottage while searching for a very suitable place where me and my family could spend a very quite time together away from the very tidious enviroments of my occupation that keeps me away from my from my wife and my lovely kid.

So, i found a very special interest in your cottage and i believe it is most suitable for my vacation with my family, also at this point in time i would be most grateful if you could provide me with the necssary procedures involve to making reservations for the months of October through November. (Oct. 1st - 1st Nov.) i.e for the period of 4Weeks.

Also, i would like to know your mode of payment as to booking/making a reservation, so as well as your last price if negoiatable and your terms/conditions as well.

Thank you as i await your response to this email and do ensure to send your response to my private email (franksmith007us@yahoo.com), i can be reached at my private line +447040104449.

Regards,
Engr. Frank Smith
Anyone want this booking I am full

[mascamps.com]

Quillan: Sorry... you're right. It's just that I worry when people appear to be assuming that giving out IBANs is perfectly safe. I never even thought about it as being an issue until that Antilles scam arrived with me. Up 'til then I just assumed that everyone here would be taking deposits and payments generally via credit card, paypal/similar or cheque. When I found out after that that people were using IBAN/SWIFT as a relatively common means of accepting payments I felt that I should post the warning.

Miki: Your bank manager is wrong. I have personally used those details to deduct money from the accounts of several thousand people. That's how I know that it's possible to do it.

I quote the standing order only as an example of how simple it can be. Conceptually the fax transfer is similar to the standing order one in that all that's really required is your name, address, sort code and account (from the IBAN) plus "a" signature. I say they're similar because the information entered is pretty much the same.

I'm not making up our American for 3 weeks as you imply. It was a, quite famous, artist who called in enquiring last year hence the longer than normal stay for an American. I don't know how I can prove that to you but honestly it was a real enquiry.

Most of our Americans and Canadians are overnighters as you say. However, we have had one Canadian family here for 6 days, one American family for three and another for two. What I'm getting at is that just because an American (or indeed anyone) asks to stay for a seemingly unusually long period isn't necessarily a reason to consider it a scam.

Apologies once again Miki re paraphrasing you incorrectly. It was just that the implication that there was no downside to handing out IBAN/SWIFT details that was like a red rag to a bull. That time that I did the transfers caused me so much hassle afterwards that it sticks in my memory and has had me very wary of handing out bank details ever since.

>I think that I am getting rather cynical lately, in that, the more you help some people along the way, the more it can simply be not worth the effort. I suspect I might be (or perhaps not) alone in thinking along those lines but hey !

We're singing from the same hymnsheet here.

 

Arnold

 

[Russethouse]

Arnold, I too have received IBAN SWIFT transfers, in fact we do so on a regular basis, this is how our main clients pay us.(not in the hospitality industry at all) If it is so unsafe why is recommended so freely by the banking fraternity for business use ?

[Quillan]

Here is another that came today and if you recieve such a email and yo are a member of any of these banks DO NOT ANSWER THIS EMAIL IT IS A SCAM. If you have any doubts then go to your branch and speak to them direct DO NOT CLICK ON ANY OF THESE LINKS. Sorry about the format I just cut and pasted it but you should get the general idea.

Dear Societe Generale/ BNP Paribas/ CIC Banque/ Banque CCF Member,

This email was sent by your Bank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Societe Generale/ BNP Paribas/ CIC Banque/ Banque CCF online access details. This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it. To verify your e-mail address, click on the link below:

If you have Societe Generale account:	http://www.societegenerale.fr/8Hnr53AM18cLCaw1ZvL0l50g9tqvrgg0i
If you have BNP Paribas account:	http://www.bnpparibas.com/T8rVDjilxwTaAweHXJNFWX0eZ97fz83u94vm
If you have CIC Banque account:	http://www.cic.fr/cRgOf4cRy9k449B7eknDQD9W5cRSPvEIphmj34p6z
If you have Banque CCF account:	http://www.ccf.fr/o35gu7aSq6xT3lEKbUUh38yqG6JPS3Fof77v8d23caox

 

[mascamps.com]

Gay,

It is a safe method of transfer for businesses. The problem is that the people using this forum are mainly (perhaps all) using "normal" bank accounts to receive the transfers.

What a business (and I mean a fairly large outfit, not us tiddlers) does is that they have a separate account to receive payments made to them. They create this as a collection account and on such accounts they have (or should have) specifically barred what is commonly referred to as a direct debit and also such things as fax transfers (except to a specifically pre-authorised account (or accounts) ie to their main bank account). This is why you cannot, for example, take your latest council tax bill, type up a fax transfer quoting the council's bank sort code and account number and then expect the money to arrive in your own account.

For us tiddlers the simple way to get the advantages of having the protection that you get with a collection account is to use a savings account because they don't allow the direct debits. From the above, you'll know that it's best not to authorise your bank to do fax transfers. If you use an account like this for receiving payments you should have the same protection that big business has when they receive payments.

I know it sounds crazy but, despite what most banks will tell you, all that's usually required to initiate a fax transfer from your account is your name, address, sort code and account number (or IBAN which, of course, contains your sort code and account number). Yes, you need a signature as well but the banks only check a small percentage of signatures so that's not a great problem.

 

Arnold

 

[Russethouse]

Just to clarify, for those who might need to know who are in hospitality :

So would it be work if members wanting to use IBAN / SWIFT as a way of receiving payment, used a separate account which they kept 'swept' of funds on a regular basis? ( Easy enough to do with internet banking I would think)

[Paolo]

"So would it be work if members wanting to use IBAN / SWIFT as a way of receiving payment, used a separate account which they kept 'swept' of funds on a regular basis? ( Easy enough to do with internet banking I would think)"

That seems to me to be the most prudent thing to do. If you couple that with making it a savings account it should be even safer, from what Arnold says.

I did not believe either that it was possible to withdraw money from people's accounts with just IBAN-type information, but there is a lady posting on the laymyhat forum who had 10,000 euros nicked from her account. Someone called the bank pretending to be her husband to notify them, then sent a fax, and that was that. The bank won't accept responsibility because they say the account-holders withdrew the money, and the case is going to court. It is a major French bank.

Incidentally Quillan, I am not an expert here, but assuming those links you posted are to fake sites, search engines do penalise you for linking to 'bad neighbourhoods', so you might prefer to de-activate them.

Paolo

[mascamps.com]

A separate account is certainly a better move. However, to eliminate the possibility of someone using the details to make a withdrawal it needs to be a savings account. By "savings account" I mean an account which does not offer the ability to set up direct debits or standing orders (some savings accounts let you do that). You shouldn't need to sweep out the contents of this account but it certainly wouldn't do any harm if you did.

For even more safety I would open the savings account in a bank that you don't use for anything else. The reason for this is that some banks link the number of your savings account and current account ie handing out the savings account number could be equivalent of handing out the current account number. I don't think that the current crop of scam originators are sophisticated enough to know that but, particularly if we all move to just quoting savings account numbers, they will surely research such things in due course.

It's, of course, very important to ensure that you never give your bank authorisation to do fax transfers as. Starting afresh with a brand new bank makes it easier to do that as you may well have signed a fax authorisation form to your existing bank years ago and forgotten about it. On a more general point, I suspect that it's best to write to your bank and cancel the authorisation for them to accept fax requests, especially if you can do your transactions online.

Incidently, this is all completely separate from people taking money from your account by hacking into your account online. That's basically not possible unless you pick "obvious" passwords etc. (eg don't use your husbands/wifes/cats/dogs/children's names).

I can fully understand that people find it unbelieveable that just having someone's IBAN is enough to be able to withdraw money from their account. In my experience the front line bank staff have been so indoctrinated to believe that there are some "magical" security measures in place that they just can't conceive of any way that anyone could possibly make a withdrawal that way. Yet, at the trivial level, if you just look at the information on a standard direct debit form the only real security measure is your signature and even that is rarely checked. Well, that's not quite true as the other security measures are that your name & address are on the form but, in the case of B&B/gite owners, we publish our names & addresses.

As Paolo's poster has unfortunately found, this indoctrination makes it something of a nightmare trying to correct any problems that do arise.

 

Arnold

 

[Coco]

[quote]Yep, had that one several times and a few other "plays" on the same theme.I also don't normally reply to the scams but for one the other day, I simply asked the chap to look out the window, where if l...[/quote]

Got that one myself this morning, and as Miki says, I normally don't respond or I just send a one liner saying thank you for your enquiry, I have forwarded your request to the fraud squad.  But today I decided to tell this man that in order to be a good con artist he needs to keep at least one step ahead of those he is trying to defraud but that unfortunately I had be warned quite some time ago that I could expect to receive such a request.  I then, very politely, told him to go and bounce his cheque somewhere else!  Very satisfying, I must say. 

I also copied it to the administrators of the host site that it came via.  Not that they can do much about it, but just to make them aware too.

[mascamps.com]

Just received the original mail that kicked off this thread so I don't feel left out now

I was "lucky" enough to have it come through a site which logs the IP address (209.159.170.202 in this case) of the originator of the message.

Putting this into http://psacake.com/web/eg.asp gives the origin as "PC DIRECTONPC". If you click on NET-209-159-170-0-1 from that you'll get all the info about the originator's internet connection. In this case he's in Lagos.

Bit technical for here, but if you get an IP address (the xxx.xxx.xxx.xxx bit) then you can follow the above paragraph to track them down. It also gives a technical contact e-mail and that's the one to mail to close down the scams.

I've dropped them a line already.

 

Arnold

 

[Coco]

The message I received had the same IP address Arnold but I didn't know how to trace it.  Well done!  We've received another this morning and my husband has literally said about ten minutes ago, "are this lot being generated from Nigeria" Well there you go, he has his proof.

The new one is as follows:

Additional Message/Request:

I am Mark Thomas of Springlife Agency London,i want to book reservation in your hotel for a christian summit that will hold from 1st - 20th of June 2005. Please get back to me if these dates are free and if you can accomodate us. I expect to hear from you soon. Kind Regards, Mark Thomas

Considering that the email address is from someone of a completely different name and he has asked for accommodation for 10 adults, and we clearly state in our ads that we can take a maximum of 4 adults and 4 kids, I think it's pretty obvious this is yet another scam!

[mascamps.com]

I received this one a few months ago:

I am Dr Steve Bluefield of Dx Agency London.I want to book reservation in your Bed and Breakfast for a seminar organised by a christian organisation,that will commence on the 10th and end on the 30th of May 2005.We need 5 double rooms that can sleep 10 guests.
Please get back to me if these dates are free and if you can accomodate us .I expect your urgent response.
Kind Regards,
Dr S. Bluefield

If you follow it up, they eventually say that they will send you a cheque for 10.000€ as full payment of the accommodation and that they want you to send a cheque from the overpayment to a car hire firm.

Incidently, aside from the fact that you're not big enough to accommodate these people, it's not quite so obvious that this is a scam from the first e-mail. We received a genuine booking which looked pretty much identical to this one, the only difference being that when you followed it up they only wanted to pay the actual cost of the accommodation. Usually I'd have expected this one to come from something like steve@christianorganisation.org but, in the case of our genuine booking, it also came from yahoo.com as the company making the booking wanted to conceal who they actually were.

 

Arnold

 

[Alan]

If I have an Ip address which I would like to check I use

http://www.geobytes.com ? It just gives you an idea of the country. We so far have been lucky and have only received one scam, but alarm bells started as soon as I had the enquiry, they used an yahoo .co.uk EMAIL address but i had no Ip

 

[winterbunny]

A lot of scams from Africa, particularly the Nigerian scam, come using yahoo so I'm always cautious.  Most of these posted so far are fairly obviously not koscher inquiries, it's not just the grammer but the style isn't quite right.  I'm tracing some from eastern Europe and Holland as well now.

With incoming emails I can click on details and get the IP address that way and can trace the IP of each and every visitor to my web site through my stat counter, also which directory, if any they have used to visit my site.  Some providers don't have fixed IP's so it's not always a useful exercise.

I report to my provider all scams I have received and to any directories I use that I can trace them coming through, then delete. 

If you do have one you're not sure about and go ahead with a booking, you can acknowledge receipt of any cheques received, bank it straight away and tell them that you will confirm the booking when your bank has finally cleared the cheque.  If they send a cheque for more than you've asked for, be suspicious, personally I send it back and ask for one in the correct amount.  I've learnt that inaction is a good delaying tactic, you don't have to rush and send your own cheque to them, just acknowledge it out of courtesy, sit tight and wait, if they are genuine they'll wait too.

At the end of the day, all you might lose is an odd genuine booking but this is worth it for peace of mind.

Buns

[mascamps.com]

We now know that a number of weeks after banking a cheque you could find that it was duff and therefore you shouldn't give a refund for thousands as a number of these scams ask you to do.

However, what about credit/debit card payments? Supposing that someone overpaid by a few thousand or whatever, are you OK in assuming that you have the money? I imagine that a scam type thing would be (hopefully) relatively obvious in the style etc. but perhaps not and in any case, what if they made a mistake in entering the amount (via paypal) or you did (via your TPE)?

It also struck me that even if they've paid you the money via a bank transfer, it's not entirely sure that it's in your bank because they could, in principle, reverse the transaction (unless you've quoted them a saving account). I'm guessing that a scam on that basis would be much less likely as they'd actually need the money in the first place to do the transfer. Also, there's a fairly short period of time for them to do the reversal (days, not weeks) so a bit of inaction would sort that out.

Easy to get paranoid, isn't it?

 

Arnold

 

[mascamps.com]

Just received another one:

PayPal.co.uk has recently made several important changes to our User Agreement and Privacy Policy. Please read the new User Agreement and Privacy Policy, because they contain important information about your PayPal account, your rights as a PayPal user, and the ways in which PayPal will use your personal information.

After you have reviewed the User Agreement and Privacy Policy below, please choose the "Yes" radio buttons and click Continue.

https://www.paypal.co.uk/cgi-bin/webscr?cmd=_login-run

The thing to watch with these, as with the bank ones Quillan quoted earlier, is that the text of the links looks fine but they actually go to somewhere completely different ie not the real paypal.co.uk site in this case. As with all these things, you should always type in the address yourself.

 

Arnold