Sure enough, we have an example of a scammer going phishing on Play(dot)com, the second biggest online retailer in the UK market. Play allows individuals to buy / sell their wares, much like the Amazon marketplace. Here's an example of what I'd see while shopping for Batman DVDs (because really, what else am I going to be wasting my money on?):
Click to Enlarge
Sellers are awarded ratings depending on how awesome they are at selling things - or not. Thanks to MrTom for sending this one over, because what seemed like a bargain videogame purchase resulted in the following email from a seller:
Click to Enlarge
Yes, it's the old "Problem with payment" trick so beloved of scammers on sites such as eBay (with random "verified by.." graphics to sweeten the deal) . What makes this attempt particularly silly is the following ramble regarding security:
"fill in the following secure form by clicking reply you should then be able to fill in the form. This is just for verfication and a security check please note we do not see any of your personal details as its encrypted through our server and part of data protection"
There is, of course, no "secure form" - all the victim is doing is sending a regular email to a @live.co.uk account. It's worth bearing in mind that a copy of said email could well be stored on the servers it passes through, which isn't really the best thing in the World when you just sent your card details to the Wallet Inspector.
The scammers here are rather lazy, too - hyperlinking their images from other sources and causing a little brand damage in the process. You should NEVER send a seller your card details in this manner, especially if they're claiming there are problems and asking for card details via email. Play(dot)com is setup so that you'd never have to do this - any other reputable merchant would be doing the same thing.
Unfortunately these kind of scams cause a chilling effect for new sellers and makes it more difficult to get started selling Batman DVDs - and while you'll get your money back from the initial transaction made through the Play(dot)com system, you may find it's a little more tricky to get results after firing the "Take my money, and take it now" emergency flare in the general direction of an Email scammer.
Christopher Boyd
No comments:
Post a Comment