The anatomy of an eBay scam
No comments · Posted by Dr Ron in Blogging, Common Sense, Internet
For the love of God, will people please stop sending money to complete strangers via Western Union, and complaining that their money has mysteriously disappeared?!?!
I had the unfortunate experience of dealing with the following gentleman at work yesterday. This man, let’s call him “Phil”, was looking to buy a car on carsales.com.au, which is a popular Australian car auction website.
Having found an almost-new Ford Falcon sedan with low mileage for just $12,500, Phil thought that was a bargain. IT’S ALMOST TOO GOOD TO BE TRUE, thought Phil to himself. He made some email enquiries, and the seller said that he had to travel overseas with the military, and that he was reluctant to sell the car for such a low price, but that he needed a quick sale and didn’t expect to be back anytime soon.
The seller told Phil that he would remove the car from carsales.com.au, and list the vehicle on eBay with a “buy it now” link. The seller then sent Phil an email with a URL, to something which looked a bit like this:
http://www.ebay.com.au.car-sales-server.someotherdodgydomainname.co.cn/
Phil clicked on this link which took him to what he thought looked like an eBay listing for the car, with a “buy it now” link.
But Phil was concerned about buying the car ‘sight unseen’. So he did two things:
- He rang VicRoads, and they referred him to a VicRoads website, to check the legitimacy of cars being offered for sale. He entered the registration details, and the make / model / colour / VIN matched the vehicle being offered for sale; and
- He asked the seller if he was covered by eBay’s “Buyer Protection” scheme.
The seller said yes, of course, and sent him another link to an address which looked a bit like this:
http://www.ebay.buyerprotection.biz/
At this site Phil submitted a form with the eBay Item number, and received a cheerful email reply confirming that the transaction was legitimate, and that Phil would indeed be covered by eBay’s comprehensive “Buyer Protection” programme.
Phil and his money were easily parted. He journeyed down to the local Post Office forthwith, and used Western Union (as requested by the seller) to wire $12,500 to a man by the name of JOHN SMITH.
For some unknown reason, the car never arrived. Phil used a freight-tracking website which the seller provided, but then that shut down, then the emails stopped, and the eBay link which Phil had in his emails stopped working too.
When Phil reported this to eBay, they told him it was a common scam and that Phil’s transaction ID did not exist.
When Phil reported the incident to the police, they told him that the car registration and make / model / colour / VIN were all legitimate, and that the scammers had simply copied these details (and the digital photographs) from a legitimate car advertisement. They also told Phil that there was little, if any, chance of recovering his money.
How to avoid eBay scams
This list is by no means exhaustive. But any of these tips might have stopped Phil becoming the victim of an eBay scam:
- Learn how to read URLs and internet addresses. It’s not hard. If in doubt, ask that tech-savvy person in your family for help.
- Never, ever use Western Union to transfer money. eBay says that Western Union is regularly used by online scammers: “They typically ask buyers to make payments using Western Union or a similar money transfer service because they are hard to trace.” Pay using direct deposit or PayPal so that some level of accountability exists.
- Use a current web browser that offers protection from phishing scams.
- Always type URLs directly into your web browser, e.g. “ebay.com.au”. DON’T click on links in emails. DON’T click on images in emails.
- Don’t buy expensive stuff if you haven’t seen it in Real Life!! Always inspect real estate, motor cars, white goods and expensive items prior to bidding. The opportunity of a lifetime comes along every day.
And remember, if it seems too good to be true, it probably is.
No Caller ID? No answer. Sorry.
No comments · Posted by Dr Ron in Blogging, Common Sense, Internet, Social Networking
I had a realization this week. I think I might be a “CLI snob”.
Every day I triage email; I key-ahead to delete voicemail without listening; and I multi-select text messages and hit “delete” without reading them.
Now this brutal yet effective time-management technique has started to influence the way I handle incoming phone calls. No Caller ID? No answer. Sorry.
Working in the I.T. industry fifteen years ago, the on-call techo from my department would start a mail client called “cc:Mail” twice daily, and connect to a Netware mail server. We’d check, optimistically (and naively optimistically in hindsight), to see if anyone had sent us any mail.
Nowadays, we’re bombarded with electronic messaging in every form, every minute of the day; especially I.T. people, who often receive automated alerts from monitoring systems and server scripts. And we’re expected to be available 24 x 7!
So this is what ends up happening, and I’m sure I’m not the Lone Ranger here. I receive roughly 100 to 200 email messages daily, to my home and work accounts. I ‘triage’ these as they arrive, moving them into folders or just deleting them without reading. Some readers might find this to be normal practice, others might be appalled. If it took me just 30 seconds to open and read each of these messages I’d be spending an hour, maybe an hour and a half, each day just opening and reading emails. Not actually actioning them or doing anything productive, just opening and reading.
To manage time effectively you need to identify what’s relevant to you fast, and everything else can go on the back-burner.
If I’m in a meeting, and I have three missed calls from colleagues, and then three “missed call” text messages from voicemail, I’m not actually going to read any of those texts, or dial-in to voicemail and listen to people saying “Hi, ahhhh… looks like you’re busy… okay then, catchya later.” Delete, delete, delete. It’s what type-ahead was made for. I’m better off ringing them back, or walking through the cube farm and saying, “Hey, sorry I missed your call, what’s up?”

Lately I’ve been ignoring calls from “private” numbers. Not because I don’t love antagonizing telemarketers, but rather, I’ve got a finite amount of time to get work done, and the telephone is a big distraction. At least if I know who’s calling, I can make an assessment as to the relevance of that call before I answer it.
If I “bounce” a call to voicemail, it’s for a good reason: not necessarily because the call is unwelcome, but that the interruption is unwelcome.
Similarly, if I call someone and I get “bounced” to voicemail (and yes, I do send my number on outgoing calls,) then I know the person at the other end is probably in the same position.
Someone called me a “CLI snob” the other day, because I bounced a private number to voicemail. Maybe I am, but for good reason. Time equals money. Show me some courtesy by identifying yourself in outgoing calls, and I’ll reciprocate by answering or returning the call when I can, and when I’m in a position to give you my undivided attention.
The telephone, like email, Twitter, voicemail, faxmail, text messages and everything else, is a communication tool for my convenience. It shouldn’t be a tool for someone else’s convenience to the detriment of my productivity. If it is, what’s the point in having it?
Oh, the private number caller didn’t leave a message either, by the way. I wondered, for a brief second, who it might have been.
But only just for a second.
Beware of Commonwealth Bank phishing emails
1 Comment · Posted by Dr Ron in Blogging, Common Sense, Internet, On-air, TTR
On Tech Talk Radio this week we spoke about the current onslaught of “Commonwealth Bank” hoax emails, requesting or “phishing” for account details or personal information.

Source: Commonwealth Bank
Normally I wouldn’t give these schemes the time of day, but the size of this current campaign bombarding our mail servers is enormous.
The ‘real’ Commonwealth Bank site says:
“The Commonwealth Bank does not send emails requesting you to confirm, update or disclose your confidential banking information.”
Well that sounds pretty simple, doesn’t it?
The problem is that unscrupulous spammers are riding the wave of the Commonwealth’s success, registering similar or deceptive domain names and sending hundreds of thousands of spam messages, in an effort to elicit a response from unwary Commonwealth customers.
Messages purporting to be from the following domains have all tried relaying through my mail server in the last 24 hours:
commbiz.commbank.com.au
commonwealths.com
commbank.au.com
bankofthecommonwealth.com
thecommonwealth.org
commbnk.com
commbank.net.au
…and the list goes on.
Fortunately SpamAssassin seems to be knocking them all on the head, by my server at least.
But not all mail servers run real-time anti-spam software, and lots of servers are delivering these messages.
Technology journalist Angus Kidman, writing for APC Magazine, says that the sheer variety of messages means that many anti-spam services are finding it impossible to identify all the problem emails, even if their text sounds familiar and seems easy to detect. He also reports that, according to email security vendor MessageLabs (a division of Symantec), in the first week of the campaign more than 22 different core messages were being sent out en masse, with more than 11 variants.
So what can you do to combat the problem?
- Make sure you’re running anti-spam software, and a good email client (like Mozilla Thunderbird, NOT like Microsoft Outlook Express) that detects and quarantines spam;
- DON’T CLICK ON or RESPOND TO spam emails – doing so just verifies to the spammer that your email address is legitimate and active, and invites a thousand-fold increase in spam to your email address;
- Never disclose personal information or credit card details online, unless you’re 100% confident about the security of the website you’re visiting. Always double-check SSL certificates and the website address in your web browser’s title bar.
If in doubt, don’t click!
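As an added example (not part of the original posts), the Python below reads the eBay links from the first post and the sender domains listed above the way the "learn how to read URLs" tip suggests: it finds the registrable domain, the part somebody actually had to register, and compares it with the genuine one. The suffix set is a constructed subset of the Public Suffix List, the function names are hypothetical, and ebay.com.au and commbank.com.au are assumed to be the genuine domains.

```python
from urllib.parse import urlsplit

# Constructed subset of the Public Suffix List, just enough for the hosts below.
# Production code should load the full list rather than hard-code it.
SUFFIXES = {"com", "org", "biz", "cn", "au", "com.au", "net.au", "co.cn"}


def host_labels(url_or_host):
    """Lower-cased hostname labels from a URL or a bare host name."""
    text = url_or_host if "//" in url_or_host else "//" + url_or_host
    return urlsplit(text).hostname.rstrip(".").split(".")


def registrable_domain(url_or_host):
    """The name someone registered: one label plus the longest known suffix."""
    labels = host_labels(url_or_host)
    for i in range(len(labels)):  # longest candidate suffix is tried first
        if ".".join(labels[i:]) in SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # suffix not in our subset: best guess


def classify(url_or_host, genuine):
    """Compare a host against the genuine registrable domain."""
    if registrable_domain(url_or_host) == genuine:
        return "same-domain"
    brand = genuine.split(".")[0]
    if brand in host_labels(url_or_host):
        return "brand-label-elsewhere"  # brand name borrowed under another domain
    return "different-domain"


if __name__ == "__main__":
    samples = [  # hosts taken from the posts, paired with the assumed genuine domain
        ("http://www.ebay.com.au.car-sales-server.someotherdodgydomainname.co.cn/", "ebay.com.au"),
        ("http://www.ebay.buyerprotection.biz/", "ebay.com.au"),
        ("ebay.com.au", "ebay.com.au"),
        ("commbiz.commbank.com.au", "commbank.com.au"),
        ("commbank.au.com", "commbank.com.au"),
        ("commbank.net.au", "commbank.com.au"),
        ("commbnk.com", "commbank.com.au"),
    ]
    for target, genuine in samples:
        print(f"{classify(target, genuine):22} {registrable_domain(target):32} {target}")
```

A forged sender on the genuine domain, such as commbiz.commbank.com.au here, comes back as same-domain: reading the name tells you who owns a domain, not whether a message really came from it.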
