Dumb Online Fraudster Exposed

This week, one of subscribers, which we shall nickname Tim, sent us a rather interesting email about his close shave with falling prey to an online fraud scheme

Tim is based in Singapore, and was engaged in an online transaction through the popular online marketplace, Carousell. His account of what happened next makes for a pretty intriguing story, and is something Tim wants "the general public to be wary" and cognizant about. 

His close encounter with a "cleverly planned" fraud across multiple mediums shows just how far people will go just to rip others off. Thankfully, Tim's quick-wittedness saved him from loosing a beautiful timepiece to a shameless invertebrate who was apparently inept in even crafting an email.

With material evidence courtesy of Tim, we delightfully expose a dumb fraudster's attempt at daylight robbery. The sensitive details of all persons (excluding the fraudster's) have been concealed to protect their identities.

Prologue

 The full chat history between  Tim  and the fraudster by the account name of "american_puppet" spanning 28 May to 29 May. Private details have been blocked out intentionally.  Details provided by  Tim , compilation by Business Of Finance

The full chat history between Tim and the fraudster by the account name of "american_puppet" spanning 28 May to 29 May. Private details have been blocked out intentionally.

Details provided by Tim, compilation by Business Of Finance

Most of us reading this would have probably made an online purchase or sale before. In today's highly globalized world, a good portion of financial transactions occur online between buyers and sellers who have and will never meet each other in person. The advent of technology has only fastened the stranglehold e-commerce has on traditional brick and mortar businesses.

As with all things on Earth, there are downsides to every upside innovation brings. In the case of information technology, inter-connectivity brings with it the esoterica associated with instant gratification - a syndrome which most if not all of modern society has. 

That addictive feel-good sensation of being replied and being able to reply to instant messages, or receiving instant notifications on updates to our social media shenanigans, or the ability to share stuff with our friends with a few key strokes has led to the gravitation of human activity in cyberspace

More and more of our daily lives are now spent online. We make "friends" with people whom we may never meet because we still feel safe behind the anonymity our social avatars gives us. However, we sometimes unknowingly expose ourselves to the uncanny and treacherous nuances which can cause real and material detriment to ourselves and people around us.

Online marketplaces are one of such examples where countless cases of fraud occur each day. In most cases, buyers are the usually the victims of these crimes. It was the opposite in Tim's case as you will read. 

Caveat emptor literally applies here, "let the buyer beware".

A sprawling global app development industry means that there are always new avenues for buyers, sellers, customers, and merchants to casually do business; and for online fraud to occur. 

Most of these online marketplaces are loosely regulated if at all, making it inherently unsafe to transact through online payments. 

Exposé

Based on the information Tim provided us, we will now walk readers through his experience and ultimate realization that all could actually have gone pear shaped.

It started on the 27th May, this past Wednesday, when Tim decided to list one of his watches, a particular chronograph which he previously purchased for more than S$1,000, on the popular online peer-to-peer marketplace called Carousell

Carousell is a Singapore-based startup founded a few years ago; it has user bases across multiple countries including Malaysia, the UK, and America, but its primary market is Singapore and Malaysia. Carousell is primarily available through mobile applications which allows sellers to list items they wish to sell, and allows shoppers to communicate with sellers. 

The application does not support integrated payment systems; buyers and sellers have to transact through a mutually agreeable medium - cash, bank transfer et al. The market place is generally unregulated with both buyers and sellers encouraged to conduct due diligence before transacting.

A day after listing his watch, a prospective buyer going by the user name  "american_puppet" engaged Tim in a private chat through the application. 

Tim provided us with the entire chat history which readers can view throughout this article. Tim told us that his only correspondence with that prospective buyer was exclusively through the application's private chat function.

"american_puppet" contacted Tim slightly after 3am (SGT) on Thursday (28th May). The conversation had a seemingly ordinary beginning with the prospective buyer asking if the timepiece was still on sale. The chat progress on as the prospective buyer asks Tim if he has any other gadgets on sale.

Tim made known to us that he had multiple listings of the same watch, a common tactic used on Carousell for sellers to reach a large audience. 

Similar pictures of the watch were used in each listing, but the prospective buyer was unable to recognize that they were actually of the same watch - a crude giveaway that the buyer does not have an inkling about what 'she' was wanted to purchase.

During the wee hours of Friday morning, the prospective buyer messages Tim, saying that 'she' was interested in buying the watch for 'her' son who was "schooling in malaysia"

'She' makes an unusual request for Tim to ship the watch to 'her' son in MalaysiaTim told us that he did was not yet suspicious at that moment.

Assuming that the prospective buyer was in Singapore, Tim invited 'her' to view the timepiece. He was the told that the prospective buyer was not in Singapore but in America on a vacation. 

'She' claims that America is 'her' homeland. Another giveaway - Americans do not typically speak or type in the manner "american_puppet" did; the dots just do not connect. Tim was still not suspicions at this stage.

Tim implied that he was willing to ship the watch to Malaysia by offering to use a courier service. Things began to change notable after Tim's implied willingness to secure a deal. 

We noticed that the prospective buyer then began to steer the conversation; suggestive behavior like recommending which courier service to use, asking if they could take the chat to a direct messaging service, and acting impatient - telltale signs that the prospective buyer was well organized.

The conversation resumes on Friday afternoon when the prospective buyer pesters Tim to hasten the deal, claiming that 'her' son's birthday was on Saturday and that 'she' needed the watch to be shipped out on Friday. Another red flag for us - using the pressure of time to influence the outcome of a deal.

Tim proceeds to request for a PayPal payment to his account before he can arrange for a shipment to be made. The prospective buyer strongly recommends Tim used Fedex and a particular shipping methods. 'She' even knows the approximate cost of the shipment - another reason to be suspicious. Tim admits that up till then, he has still not smelt a rat.

"american_puppet" then asks Tim for his email address registered under his PayPal accountTim provides 'her' with his email address and then confirms what he will be including in the package that he will ship out once his PayPal account has been credited with the funds.

We note that there were absolutely no price bargaining on the part of the prospective buyer. In our knowledge, users of Carousell usually make concessions and haggle over the initial offers of listed items, especially so for higher prices items such as the watch Tim had listed. This should have raised an eyebrow or two.

At 304pm Friday afternoon"american_puppet" messaged Tim with an image of the alleged PayPal-generated receipt for the online payment of US$560 to Tim's account

Tim notes that the image was in a low resolution and suffered from severe color degradation

"There were reddish and bluish outlines around the black wordings. It was like the image was screen captured many times and then compressed into a format to save space, and then uploaded onto social media and then only sent to me." A pretty incredible description, and definitely not something we would associate with legitimacy.

Shortly after, Tim proceeds to check both his email inbox and monitored his PayPal account for notifications if a payment had been made to his account. In the next couple of hours, he had received no notifications from PayPal that money was credited to his account. Tim ensured us that his PayPal account was verified and he was able to receive payments without restrictions.

Despite repeated interrogations by the buyer, Tim maintained his composure and cross checked with PayPal's support forum and its FAQ section for advice regarding payments. He told us that if a payment was made through a person's PayPal balance or an approved credit card that was linked to a payor's PayPal account, the payee's account would be credited instantly without delays.

Referring to the chat history, and in particular the buyer's reply that it "might take a few hours" for the funds to reach Tim's accountTim told us that he started to become apprehensive about the entire legitimacy of the alleged transaction. 

Note also that the buyer's tone had taken on the impression of fluster, regularly sending Tim messages insisting that he had been notified by PayPal when there was apparently no new messages in his inbox.

The buyer even prompted Tim to check his "mail folders", implying that PayPal's email might have been shuffled into spam or junk boxes - something that almost never happens because all legitimate emails from PayPal bear a unique hidden signature which Google (Gmail) recognizes as secure; secure emails will never automatically be moved to junk or spam boxes.

Tim told us that when the buyer said "why are you behaving this way", he really started to take the "entire thing as a joke", but "never made it obvious" to the buyer. 

Our analysis of the snafu thus far tells us that the buyer was trying hard to put on a genuine show of urgency and confusion, something that backfired almost immediately.

Tim displayed professionalism when he reiterated that he would not send out the package until he received direct confirmation of the payment from PayPal themselves. When he made that hardlined statement, the buyer retorted rudely with "hey" and "paypal notified you". Tim then asked the buyer if 'her' bank had sent 'her' a notification, the reply to which was "yes".

If we were in Tim's shoes, we would have requested to visually see that notification from the bank in question, something that never happened at all; and that would have ended it all for the "american_puppet".

What ensued was nothing short of comical. Readers can see for themselves in the chat history. Tim took a screenshot of his PayPal account, in which no payments had been made. He also went on to point out the blatantly rubbish emails that were in his junk box.

Speaking of emails, those fake receipts were so poorly fabricated that we reckon a first grader could have done better. We have included two of those emails towards the end of this article.

The most ludicrous of all? Those emails were from the address "serivice@paypal.intl". Obviously it was meant to be read as "service" instead of "serivice"; and the fraudster actually believed it stood a chance of fooling others.

Tim also forwarded us screenshots of another email from the same address which was apparently intended for a separate victim by the first name of "Eddie", whom we assume was ready to ship this fraudster a laptop and a pair of jeans in return for a faux 'payment' of some US$1,650

We hope that never happened! Eddie, if you were indeed preyed on and are reading this, do not hesitate to contact us.

Tim told us that in the 15 minutes he realized that the entire episode was a staged attempt at defrauding him, he had forwarded those phishing emails to PayPal, reported the account to the relevant administrators of Carousell and wrote in to the Malaysian Police and furnished them with the address the fraudster provided in those emails.

After which, Tim simply told the "american_puppet" that 'her' strings has been pulled by 'her' own stupidity, and wished him the best of luck in suave fashion. 

Tim told us that he was almost certain that the fraudster was a male masquerading as a female, which helped to "add a motherly touch" to the entire play - a smart device that worked well until it did not. 

Tim notes that the attempt by the buyer was an "ambitious" one and he has never seen anything quite like it. Ultimately, he notes that its failure was the product of "poor execution, too many unnatural signs and over complication". We have to concur.

Sadly, this fraudster will probably never be apprehended and will continue his pillage on other less suspecting victims on such online marketplaces where sellers are overly eager to close a deal, even at the mercy of uncertainty. We urge our readers to remain vigilant and err on the side of conservatism.

Tim tells is that "I'm thankful that I didn't ship the watch out to that idiot," and that he was "happy" overall although he "did miss some market moves on Friday" while he was reeling from the realization of what happened.

For those that wish to pay the fraudster a visit, here is a potential address you might want to visit: "Block A 01-14/15, Cyberjaya, Selangor, Malaysia 63000". May the vigilantes of justice prevail!

If you are part of any news or media outlet and would wish to speak to Tim directly, please contact us.

 A similar email as the above but this was actually meant to be sent to another recipient, whom we assume was another victim of the same fraudster. The victim, first named "Eddy" who is apparently also from Singapore, seemed to have agreed to send the fraudster a laptop and a pair of jeans in exchange for a 'payment' of some US$1,650.  The fraudster uses a slightly different shipping address, perhaps an opposite unit number of the same floor in the block.  In this instance, the fraudster fakes a PayPal transfer to "Eddy's" bank account, a DBS savings account. We can only hope that "Eddy" was not tricked by this cunning but totally rubbish email.   Email screenshot by  Tim , annotations by Business Of Finance

A similar email as the above but this was actually meant to be sent to another recipient, whom we assume was another victim of the same fraudster. The victim, first named "Eddy" who is apparently also from Singapore, seemed to have agreed to send the fraudster a laptop and a pair of jeans in exchange for a 'payment' of some US$1,650.

The fraudster uses a slightly different shipping address, perhaps an opposite unit number of the same floor in the block.

In this instance, the fraudster fakes a PayPal transfer to "Eddy's" bank account, a DBS savings account. We can only hope that "Eddy" was not tricked by this cunning but totally rubbish email. 

Email screenshot by Tim, annotations by Business Of Finance

 The email titled "Notification of an Instant Payment Received from laurie raymond" was found in  Tim's  spam box. The email claims that the fraudster had transferred US$560 to  Tim's  PayPal account but was held on escrow and will only be credited to his account when the "shipment reference/tracking" number is provided. This was an attempt to lure  Tim  into making the shipment in the belief that the funds will be credited to his PayPal account.   We have highlighted several obvious giveaways:  1) Email address is not an authorized PayPal adress  2)  The name "laurie raymond" is not capitalized. No reputable company does is this ubprofessional.  3) The general formatting standard of the email is titanic low. Spelling and sentence structure errors abound.  4) PayPal never places funds in escrow when a direct payment is made.  5) "1999-2014". It is year 2015, the fraudster did not even bother to correct a blatant date error.  Email screenshot by  Tim , annotations by Business Of Finance

The email titled "Notification of an Instant Payment Received from laurie raymond" was found in Tim's spam box. The email claims that the fraudster had transferred US$560 to Tim's PayPal account but was held on escrow and will only be credited to his account when the "shipment reference/tracking" number is provided. This was an attempt to lure Tim into making the shipment in the belief that the funds will be credited to his PayPal account. 

We have highlighted several obvious giveaways:

1) Email address is not an authorized PayPal adress

2)  The name "laurie raymond" is not capitalized. No reputable company does is this ubprofessional.

3) The general formatting standard of the email is titanic low. Spelling and sentence structure errors abound.

4) PayPal never places funds in escrow when a direct payment is made.

5) "1999-2014". It is year 2015, the fraudster did not even bother to correct a blatant date error.

Email screenshot by Tim, annotations by Business Of Finance