An online scammer recently tried to dupe the daughter of a Pearl
Software employee. The scammer was double-crossed, revealing his true
country of origin, source IP and ISP. The FBI is now involved.
For many small businesses, the lure of selling end-of-the-year
inventory on eBay or Craigslist is tempting. The problem is that these
sites can be littered with scammers looking for unprotected sellers that
are not highly cautious during the holiday season. What follows are a
few of the biggest scams that can cost businesses serious money and
A scam that often occurs during the holidays is
fake buyers who will complete the purchasing process through PayPal for
items from a small business. Once the honest seller sends the item, the
scamming buyer files a dispute or chargeback with PayPal saying that he
or she never received the merchandise. This is dangerous because, in
most instances, PayPal will side with the buyer if the seller has failed
to take precautions.
Account Hijacking is a problem that proliferates on
eBay during the holidays. During the holiday rush, it can be easy to be
lured to a seemingly great deal, allowing your password to fall into
the hands of a scammer. Scammers will use your password to access your
account in order to sell non-existent items to unsuspecting buyers. A
business is left less the price of its purchase, which will never
A common Craigslist scam is when a business places
an ad to sell some end-of-the-year merchandise and is contacted by a
scammer who is interested. The scammer then sends a phony check for more
than the item’s listed price. The scammer then contacts the business
with some explanation, such as he or she accidentally wrote the check
for the wrong amount, and asks for a check that covers the balance over
the item amount. This is usually done over a slow buildup of trust and
clever obfuscation. Unaware
that the buyer’s check is a fake, the seller deposits the phony check
and sends the amount above the balance before the buyer’s check clears.
In the end, the business is out the amount that it sent the phony buyer.
Small businesses run the risk of being scammed any
time of year, but it becomes a bigger risk during the holidays. While
avoiding using eBay and Craigslist for selling end-of-the-year
merchandise can help protect your business during a season of heightened
scamming, what about the rest of the year?
Take precautions such as using the eBay/PayPal Security Key,
and be sure to follow all of their security measures. One of them is to
never reply to or click on links in e-mails purportedly from eBay even
when you are expecting them. Instead, log into “My eBay” to check
correspondence and make any replies.
By regularly logging into eBay to check your
account, you can see any activity that you did not authorize, which is
the sign that the account has been hijacked. If it looks as though this
is the case, immediately contact the eBay Security Center.
Never allow your browser to automatically enter
your eBay or PayPal passwords, and above all, utilize robust web
filters, antivirus and antispyware tools to help prevent infection by
password-capturing Trojans and DNS hijacking. If employees have computer
access, consider employee monitoring software to avoid data breaches of sensitive credit card information in your database.
Only send items to Confirmed PayPal addresses, and
document each step of the sale by taking pictures of items prepared for
shipping along with tracking numbers. Always keep the emails saying that
the item was delivered, and follow-up with buyers after delivery of the
items. If possible, try to get them to state in the email that the
product was received and that they are satisfied. You can do this by
asking your buyers to rate your transaction.
It can be difficult for small businesses to
safeguard against Internet scammers when they are only focused on
selling merchandise. By developing a proper buyer/seller protocol as
well as implementing sophisticated tools to inhibit data breaches,
businesses can benefit from selling online while minimizing the risks.