Uncovering a Phishing Email Scam Network

Posted by Norma Stratton on

Uncovering a Scam Network

It’s unfortunate, but virtually anyone who has a phone or computer has encountered a scam at some point. Sometimes they are extremely obvious and easy to avoid. Other times, they appear legitimate and catch even wary victims off guard.

When encountering a suspected fraud, victims will usually turn to their credit card company or other payment processor to seek a refund, but there are times when they are not successful, as with the PayPal-UPS scam. But what is this scam and how does it work?

The PayPal-UPS Scam

This scam is relatively simple to execute, but not always simple for the victim to contest.

The scam involves the victim finding an item online which they wish to purchase. The site is likely quite convincing, or at least enough so to put the victim’s mind at ease. They go ahead and place their order but are required to use PayPal. This might raise a flag for them, but the item is offered at a good price, and they feel secure enough to proceed.

Because the scam seller is using a new or otherwise suspicious account, PayPal will not immediately credit their account, putting a hold on the money until the seller can prove that they have shipped the item. At this point, the scammer will submit a UPS tracking number to PayPal, satisfying them that it is a legitimate transaction and that the item is in transit. This tracking number is one that has already been used in a legitimate, unrelated transaction.

The victim also receives the tracking number and waits for their item to arrive, assuming it will take a few days. Unfortunately, by the time they question why the package has not yet arrived, the scammer has taken their money and run.

This scam may have been in use since June 2019. Since that time, it has likely affected thousands of victims. How the scammers gain access to “used” tracking numbers is unknown. While tracking numbers are sold on black hat forums, trackers are somehow able to find numbers that accurately match the victim’s city.

When asked to comment on the scam, UPS Director of Media Relations Glenn Zaccara stated that “This situation has been correctly labelled as a “scam” and a result of fraudulent behaviour by bad actors. UPS has resources dedicated to preventing, identifying, and stopping fraudulent activity. We do not disclose those methods to maintain their effectiveness.”

An alternate version of this scam sees the seller ship a box or envelope to the buyer’s address, thus obtaining a legitimate tracking number. Upon arrival, however, the buyer finds that the package is empty.

PayPal’s Response to the Scam

Unfortunately for the victims in these cases, PayPal tends to side with the seller, even when evidence points to the transaction being fraudulent. Why? Because PayPal typically accepts the tracking number as sufficient proof of a valid sale, which allows the seller to successfully win a dispute. This is because PayPal’s Seller Protection program protects the seller when they can provide “digital or physical proof that the item was sent by the seller, and... delivered by the delivery company.” The “used” tracking number fits this vague description, as it is proof of shipment and delivery—albeit to the wrong address on incongruent dates.

With current world events leading consumers to perform much more of their purchasing online, greater caution than ever is required, as scammers are taking advantage of this new opportunity. As always, when a deal appears too good to be true, it’s worth questioning, even when the seller appears to be legitimate. The phrase caveat emptor—let the buyer beware—is as valid today as ever.

Every business should assume they have either been attacked, are being attacked, or will be attacked. Fast detection and swift response are the small business owner’s only defense.

You can access my Free Ebook=> “WHAT’S AT STAKE FOR YOUR BUSINESS?” 

If you suspect you may have a data breach. It is essential to get it check out immediately.

Thank you for letting us share this information with you.

We hope this information is helpful we want to make this as easy as possible for you, eliminate the learning curve, and inform you all about the dangers your company may face when exposed to cybersecurity.

We love hearing your feedback and on your cyber concerns

Dan Stratton | Chief Technology Advisor
Safe Harbour Canada | Safeharbor USA | “Smooth Sailing"

W: https://www.shi.co 

E: dan@shi.co

If you have an imitate concern about Cyber Security or would like to chat. Please don’t hesitate to give me a call a 6042955355 or email me at  info@safe-harbour.ca