Sadly, my daughter got scammed earlier this year. She is a recent college grad from a liberal arts school, and had been working six months doing retail work after graduation.
Looking to make use of her degree, she was excited to get a job offer doing remote work as an office coordinator. She has a dog so working from home was a plus, and $25/hr instead of $16/hr doing retail was a big raise.
She not only lost $3000 from the scam check, she also lost her old job, having given two weeks notice and didn't realize it was a scam until she was gone. The thing that pained her the most was the shame of having been scammed.
Although some red flags were there, her main blind spot was the disbelief that scammers would go to so much effort to (a) set up an entire website for the fake company, (b) were willing to spend hours in the fake interview, and (c) having her do two weeks of "training" courses while they waited for the laptop and other things she bought made it it cross country into their hands.
At least your daughter went through a full interview, which does add a layer of legitimacy.
The most shocking element of OP's story is that he never actually got interviewed by a real person. He filled out a questionaire, received no feedback from it other than "You're hired at 12.5% more than you're asking". This to me is the biggest red flag of all leading up to the actual "ask" to cash the check and send funds.
It seems odd to get a job for $90k /yr without ever meeting someone from the company. Even if that actually wasn't a scam, I would avoid taking a job for a company like that. How good are your co-workers going to be if they are just hired based on a text-based questionaire and a prayer?
>It seems odd to get a job for $90k /yr without ever meeting someone from the company.
Odd but not unheard of. I got a job offer from Boeing sight unseen based on a cover letter and resume. When I asked, they did give me a site visit (though I didn't ultimately take the offer).
I know it may seem odd in a world of leetcode interviews etc. but, if you're hiring a bunch of new grad engineers for one of the aerospace boom cycles, you can save a lot of effort by just hiring a bunch of people out of schools that pass some filter.
Was it cover letter, resume, and certificate of degree from an accredited University? Because that's not sight unseen, just delegated to your department and registrar, which Boeing has deep connections with. They do offer those regularly, but they also have enough trust in that accreditation to serve as a good signal.
why why why would you send money to someone who would ask you to send it back. why can't they just convert that money state themselves? i always wonder how people end up for these scams.
unless its your very close friend or family, don't launder money. i think this is a life lesson we learn in middle school and grow up to think adults are more trustworthy
Because of course it's a scam when you step back and see how all the pieces fit together. But when the victim is in the middle, they're being confused in a lot of ways:
* The scammer keeps the focus on the upsides (job, office supplies) which are good but not unrealistic.
* The scammer is keeping the victim overwhelmed with interviews, paperwork, training, etc. The actual scam part is a small percentage of the victim's focus. This is classic misdirection.
* The scammer gets the victim to commit a lot of time and energy. Loss aversion and social norms stops people calling out slightly suspicious activity immediately.
* The big one is that the scammer drip feeds pieces so that the victim doesn't see the big picture. It's not like the scammer lays out the scheme on day one. They start with the company providing supplies (not suspicious), bureaucratic fumbling meaning the process changes (understandable), the new hire submitting the order themselves (ok), etc. Each step is logical and only slightly peculiar in isolation. Once the victim is comfortable with each step they are fed the next lie.
The last one works because even if people are suspicious of new information, once they've decided something is true they rarely reconsider their position. In this case the scammer got the victim to believe that the job was real, and the scammer was a legitimate HR person before introducing the scam element. If you believe the company is real, why would you imagine the check is fake? If you truly believe the check is real, how does the transfer risk your own money? They build a foundation of trust by layering a lot of little lies.
Companies sometimes do things that don't make much sense. If you are not familiar with what is and what isn't "normal", it can be hard to tell the difference.
For example, when I company I worked for sent me on a business trip, I was supposed to buy the flight ticket using my own money, then bring them then receipt, and then they would pay me the money back. Why couldn't they buy the flight ticket themselves instead? They knew when and where I am traveling; they were the ones deciding that. It would be easier for one HR person to buy 5 tickets at once whenever one of the teams went to a business trip, than for 5 developers to buy the tickets individually and figure out the rules.
This totally felt like a scam (use your own money to buy something we want to buy, and you only have our word that will get the money later back), except it didn't make sense, because it was a large international company employing thousands of people, and I have already worked there for months. And yes, it was perfectly legit. Just needlessly complicated and weird.
So the fact that a company does something weird and needlessly complicated doesn't necessarily make it a scam. It's just likely a scam when they do it before paying you the first salary.
I've seen that though. I was told to book my own travel and get it reimbursed too. Eventually they provided a portal to do bookings through, but it's still my card and reimbursement-after-the-event.
I suspect with a small firm that doesn't necessarily have a dedicated travel "guy" it probably simplifies things letting people book their own flights.
For some people, airline choice is a big deal. For some cities, you might even pick the wrong airport (i. e. if the person has an easier commute to Newark or Laguardia than JFK). Not to mention scheduling (maybe someone wants to travel the "day before" because of risk of too-tight scheduling).
OTOH, maybe it's simpler for "local team all in one city" versus "remote workers being herded to a single event".
At what point were they having you send the money they just sent you back to them, but in a different form? Did your company have you wire to some random bank account? I assume not. These are not the same scenarios at all.
For one thing even if the company never reimbursed you - it wasn’t an outright scam, you did get a flight. The scam scenario you are literally just sending money to a scammer - with the extra flourish of getting a fake check.
What you say about expensing is not unusual and there a number of reasons for it. It does offload the onus of correctly making reservations, putting in KTIN and immigration info on you. And then the big one is that I get all the travel card benefits (points). I even prefer it this way.
The point is not that it's the same though, it's that companies can behave in seemingly weird ways, to an outsider some of these behaviours might even appear scammish or risky (and it probably is risky to by the flight ticket on the guarantee that your employer will pay you back, what if they decide it wasn't an approved trip belatedly).
> it's that companies can behave in seemingly weird ways, to an outsider some of these behaviours might even appear scammish or risky
This is no more inherently scammish than my relationship with my credit card company or any time one agrees to pay later (which is the norm of how businesses with supply chains operate).
The point is there’s no need to use some ill defined concept of weird. Where is the money going and what is the purpose? If someone is giving you an unbacked check and requesting a wire transfer to themselves it’s a scam.
While agreeing to be paid later for an unrelated good or service has some amount of risk it isn’t a scam.
And there are clear benefits to booking your own plane tickets.
I think it was in high school, that I found out about the basic money-back scam, because I innocently tried to buy something in a store with a certified (bank) check for more than the right amount and they wouldn't give me change. Eventually they took it and said I would get a refund from headquarters, but they were extremely suspicious.
This was before the internet was really a thing, too, so the same basic scam has been around for a long long time.
I might have used a certified bank check once in my entire life, maybe to make a down payment on something huge, certainly not during highschool. I have no idea how you think highschoolers are running around casually with bank checks.
>I have no idea how you think highschoolers are running around casually with bank checks.
I don't! They aren't! I wasn't! Nobody does that because they cost (at least then) several dollars.
The point of my anecdote was you use a bank check once and you learn about scams and laundering money, so you don't "run around casually" using them.
Probably there are more high schoolers "running around casually" with credit cards than there were 25-30 years ago, but in any case I didn't have one.
I certainly never again tried to use a check that wasn't for an exact amount.
By the way, some people do or did use personal checks at the grocery store and get cash back - I don't know if you can still do that and I never have tried it, but it used to be a thing.
There's also some mental concept where people already got started or went so far, and subconsciously don't want to believe they've been had, so keep going. I'm sure there's a name for it, I can't be bothered to look up. It's why romance scams are so common, and also why that McDonald's manager undressed that employee, for example. Fascinating, but sad.
> Nix was sentenced in March, 2006 to five years in prison.
> He pleaded guilty to sexual abuse, sexual misconduct, and unlawful imprisonment.
> Donna Summers was fired after the incident.
> She was charged with unlawful imprisonment, and was sentenced to probation after entering an Alford plea — a type of guilty plea in which a person does not admit guilt, but acknowledges the evidence is sufficient for a conviction.
> She broke off her engagement to Nix after viewing the surveillance tapes.
> Summers also sued McDonald's and was awarded $1 million in punitive damages and $100,000 in compensatory damages.
> After two hours of deliberations, Stewart was found not guilty on all charges.
This seems a bit harsh. Nobody really says that about the participants in the Milgram experiment[1], but the psychologist in the ABC article says that this is probably why the caller targeted fast food restaurants
>"Everything is by the book," he explained. "This is how you serve it. This is exactly how you do it. You follow the book — you're OK. I believe he picked fast food restaurants because he knew, once you got them away from that book, once it was something outside the manual or the procedures, they would be lost."
Meanwhile if an actual police officer directs a private citizen to perform this kind of search, it's not only apparently legal but approved by the medical and nursing board.
The real life story is pretty sickening: an ~8 hour ordeal starting with the CDP saying "we think you have drugs" and forcibly sending an 18 year old girl to the hospital for an x-ray, in handcuffs, where she is instead invasively strip searched (with the CDP and hospital staff in audience). Nothing is found so they eventually let her go.
The court basically ruled that:
- The CDP did its job "correctly". They just need to think you did something wrong to detain you and force you to accept medical interventions.
- This was the wrong way to sue: the plaintiff must seek state-law tort action against the doctor for malpractice.
Most disturbing to me is considering just is how many people were party to whole affair, and how easily a routine, but ill-fated encounter with authority can go so wrong.
I can only hope that additional legal remediation brought some kind of justice and relief. Maybe this is yet another example of how contorted US law practice can be.
I think it's because way too many people don't have firm boundaries. They don't recognize unacceptable behavior and so cannot put a stop to it before they are victimized.
Someone tried to scam me once by taking over the Instagram account of a hotel and baiting me with a discount. That by itself is not a problem, it could be a legit offer. Their intentions became obvious when I randomly got a message with a 2 factor code and they asked me for the number.
Criminals must necessarily violate social rules in order to carry out their crimes. A robber on the street must close the distance against the victim in order to get in attack range. In my case, the unacceptable behavior was asking me about information that was not only secret but also useless to anyone but me. Recognizing these violations of social norms and enforcing firm boundaries is necessary to defend against these people. People who don't understand what a 2 factor code is will not recognize that it is unacceptable behavior for another person to ask for one and will see no problem with revealing the secret.
That's what came to my mind, but it's subtly different. Sunk cost is usually seemingly rational thinking about capital invested. Whereas this is rather irrational refusal to see a problem due to potential embarrassment, usually along with some type of investment.
It's more along the lines of you develop tunnel vision. You just look at the next step ahead and you never backup and ask yourself whether the whole thing makes sense. You see it with all kinds of things including solving technical and other problems.
Once you've decided something is true, it's easy to dismiss all sorts of signals that maybe it isn't.
It could also explain the actios of some people who are "caught" going to the hotel room of 40 year old cops pretending to be 14 year olds online, but who only "reveal" their age at the last second.
But no one likes to think about this version of confirmation bias/the bias you were talking about, somehow.
Speaking of McDonald's, what you're describing is the same impulse that makes me accept and consume a hamburger after I've watched numerous employees violating health codes before they hand it to me. Like, this is a major company, and I don't have enough time to question all the details...
I hope you let her know that she shouldn't be ashamed. These people take advantage of the good nature of others. It's also something they work at every day to improve their ability to take advantage of others, fix the mistakes that caused the last con to fail so that the next person will be at an even greater disadvantage. Learn the lesson & move on.
> The thing that pained her the most was the shame of having been scammed.
I've fallen victim to a scammer as well (paid rent to a "landlord" who it turns out didn't actually own the place). It sucks, but I don't think it's something to be ashamed of. Our society is built on trust, and some people exploit that.
It can also go the other way. I was once asked to wire money to a person I had never met in a country I had never been to. They said I needed to pre-pay my holiday rental. It totally felt like a scam, but it turned out to be legit and the apartment was lovely.
I almost got scammed by this as well. But it felt strange to me that there was no actual person I needed to meet to complete the rental agreement. And then when they asked me to wire the money I knew it was a scam.
For everything before the training courses, I was like "Eh, I could see it" but after that, it's pretty clear that it really did feel like a real job. At about that same age, I was pretty desperate for a decent job and I could totally see at least being very, very tempted to fall for it, too. I'd of course like to think I'd never fall for that, but you don't know until it happens to you.
I understand, I had that same belief. My thoughts were that faking checks and money is dangerous and stupidly hard, and since jobs pay you, the idea that it was a scam never came to my mind until way later when I was asked to wire...
I can go on Walmart.com (or many other places) and get a box of checks made for $15 with any name, routing number, and account number I care to provide them.
That said, receiving a personal check from a company of any size should properly set off a lot of alarm bells.
There is no punishment that I would not hand down as a juror for people who exploit the trust of good people and poison society. Very literally, no punishment I would veto as too harsh.
My wife almost got taken by a similar scam very recently, but for a remote content editor position. She was applying for various jobs, but one she didn't apply reached out to her. As she had been looking for a little while, but only finding opportunities that didn't quite fit what she needed in terms of pay, hours and schedule flexibility - when she was offered a position that checked all the boxes she was ecstatic.
I'll spare the full back and forth, but the scam was somewhat similar in the setup. The send you a check, but instead of you wiring it back to them, you use the funds to purchase your remote equipment from THEIR online store. They have specific requirements on what kind of setup you need and claim it's easier for you to buy it from them in a bundle.
I hadn't been paying a lot of attention to the correspondence between her and the "employer", but once she told me that I knew it wasn't legit. Why wouldn't they just send you equipment instead of check to buy it from them? We played along for a little bit longer, mostly because she wanted to believe it was legitimate and her pride was hurt. When they asked her to print a check from an email and then deposit that with her mobile app, she saw the writing on the wall.
She was very, very hurt and felt silly having to go back to friends and family and let them know she wasn't gainfully employed, after all. But thankfully we figured it out before we were out any money.
Content producer/editor here. Had a similar experience but they wanted me to sign up for all this stuff to begin the application process, as well as asked for a LOT of personal info.
They have my drivers license which contains a lot personal information but eh... proably somewhere based in india or something, I dunno.
Freeze your credit reports with all 3 credit reporting companies. Last year someone flew into Seattle from out of state with a driver license with their photo but my info, including an old driver license number. They got a bunch of cell phones and attempted to open a number of store credit cards with it. They bought a car with a fake of someone else's https://bellevuebeatblog.com/2021/04/28/64000-dodge-challeng...
The credit card applications got blocked, but I found out about them because the thieves used my email address on the applications. The most frustrating part was trying to get in contact with the right people at T-Mobile and Verizon to report and shut down the fraudulent accounts. I found out about those because of soft credit pulls on my credit report. I'm not sure if a credit freeze would have prevented them since they were just soft pulls.
You know it's fake because the company hasn't made you sit through 6 interviews with random panel guests then ghosted you for 3
month then low balled you and put a 24 hour expiry on the offer. Bonus credibility points for only giving half of the question during the whiteboard session only to casually remember remember at the very end while grading harshly for missing that.
If the offer hasn't been rescinded at least once it's probably a red flag as well.
As someone who has worked a corporate job for a while, this is all red flags _BUT_ if you have not worked for a corporation, and you really need a job, you may be motivated to dismiss those little warning signs so you can get paid.
Scams don't work because scammers are smart; scams work because scammers exploit our motivations. Beware of charity scams this holiday season.
I've worked at corporate jobs and smaller companies, and frankly if a large company said "here's a list of our authorised resellers, and a signing bonus paid by cheque, please use it to buy equipment as it's faster than going through procurement" I would 100% believe them as at every job I've ever had (before I got a company card) it was faster and easier to just buy and expense. I genuinely wouldn't bat an eyelid until it was too late.
>if a large company said "here's a list of our authorised resellers, and a signing bonus paid by cheque, please use it to buy equipment as it's faster than going through procurement
That's not how I've seen things work at larger companies. It's more like "please go in that room that's full of abandoned computer junk and scrounge a monitor that still works as it's easier and faster than requesting a new one".
I would certainly expect it to be faster than procurement, but not living in the US the concept of receiving a Cheque in the 21st century would raise all forms of red flags. If they deposited the cash directly into my account via a BACS payment, same as my salary, that would be far more believable.
That said, $10k in office expenses for someone starting on $40k a year ($20/hr training) would also raise a flag.
Edit: Do people really get paid by checks in the US?
We do. Small companies don’t want to deal with setting direct deposits through an ACH and it’s much easier to write a check. The latest number from the Federal Reserve was that in 2018 they processed 18 billion checks issued by companies and individuals.
A personal check in this case I guess would be... odd. And there are certainly other red flags. But I receive checks from various organizations I don't have direct deposit set up with on a semi-regular basis, e.g. from my healthcare flexible spending account. Checks are definitely still used in the US even if much less frequently than they used to be. (If you count the ones my bank sends out on my behalf I write a few checks a month myself.)
I had a scummy employer that was always “overpaying” me. So I switched to paper checks that I cashed at his bank and wired to mine. If there was a real overpayment, sure, he’d get his money back…eventually.
For me, it's not the check, it's the emails. I would expect to have emails and calls from at least 3 people at the company - HR, Hiring Manager, and Team Manager. Also, companies are terrified of being sued, that's why they require all recruiting and hiring emails to be done on the corporate accounts. If they don't require HR and managers to use corporate email, that's a big red flag too
If the authorized resellers were companies I'd never heard of, I would hope that would raise flags. But, yeah, especially at a smaller company, getting an official-looking company check and told to use it to get myself set up and expense it when I started would seem pretty normal.
Though it's been many years since I've traveled to interview, I was always paid by check for anything out of pocket. (Except for a 3 letter government agency who paid me in cash.)
To be honest, one can easily realize that this "Marc Cannon" is a fake with the amount of spelling and grammatical errors he makes. Real professionals do not make spelling and grammar errors such as:
"Do you have any other question ?"
"Good morning how are you this morning."
"I will send you later"
"Good morning, How are you doing today ?"
"This is very disrespectful and all director are to meet you for training on monday and you're 'suppose' to have all your materials before then"
It was practically a dead giveaway when the guy used "autonation.com@proton.me", because the guy doesn't have access to the domain's email, he probably didn't even understand what you were saying.
I don't know, I've had a couple of bosses who were native English speakers and they would dash off emails so fast obviously without reading them that it took me multiple reads to parse what they might be trying to say. If it were just punctuation or spelling errors I would have been happy.
I suspect they wrote to their bosses much more carefully.
But something as sketchy as this setup would have my antenna twitching anyway, so these kinds of mistakes would probably be red flags given that context, otherwise maybe not
I gotta agree, poor grammar didn't stand out as a red flag to me. I've been through interview loops with like like 80% of the written and verbal correspondence was with people who had English as a second language and they frequently made similar grammatical mistakes. I'm pretty sure two of those companies were legitimately Intel and Amazon.
I'm also surrounded by Asian immigrants in the US and its pretty common to take an English name (sometimes first and last) if your name is so full of non-ASCII characters that American's can't pronounce.
Thanks for good point. I sometimes released, many extroverts (managers/tops nearly all extroverts), are tongue-tied, because they are not thinking before say.
They act like Colt, polling any semi-relevant phrase from scrap-bag of memory, and shooting with it.
I was not in the right state of mind, my brain weirdly skimmed and auto-corrected grammar mistakes. I thought it was weird but I was just happy and yet busy to think about it further.
Yeah I mean when someone is happy and excited that they're going to get a job that pays $45 an hour then they probably won't care whether the employers know English or not.
This is also a "red flag" that will probably stop being useful soon, as chatgpt etc make it easy for scammers to write things that don't have this kind of mistake.
I have read that the poor spelling in scams is on purpose, it filters people out early on. Anyone who overlooks the poor spelling and grammar is more likely to continue
Just fyi, anyone can send email (a.k.a. spoofing) from @autonation.com, the harder part is correspondence from that domain - but I think you were pretty much aware of the scam at that point. Good job.
There are definite flavours of Indian English here, which would be far less suspicious - if the scammer's name wasn't non-Indian. I suspect that, firstly, the scammer is not aware that their use of English flags them thus to native speakers, and secondly that they would in any case be subconsciously reluctant to use an Indian name anyway, perhaps because they (paradoxically) think it'd make it seem more like a scam rather than less.
A fake name, a fake job offer, a fake office, and a fake kit. If I was being interviewed I probably would have trolled this guy back by giving him fake money.
> Real professionals do not make spelling and grammar errors
I've worked with lots of professionals, including founders and c-suite people, who appear barely literate in emails and online chat. They're often very good talkers and very bad writers.
Definitely a cause for alarm for someone that supposedly works in software in Florida, but there are professionals who don't have English as their first language.
Well, yeah there are professionals who don't have English as their first language, but I mean making a mistake in the most basic punctuation marks?
Sure if he doesn't know the difference between "it's" and "its" then it's fine, but if he doesn't know how to properly use commas in a sentence then one must question his professionality. Additionally, there was no way he couldn't have had access to automation.com
I find it fairly common for people that do not have US English as their first language to not use punctuation the way that I was taught in school. I do that too when I think the punctuation is wrong for what I'm conveying (especially . or , inside quotes, when quotes are a command). Non-native people commonly use quotation marks that I don't know how to produce with my keyboard, put $ after the number, etc. A space before a question mark is not unheard of.
The somewhat read flag is "kindly" (likely Indian?) with "Marc" (likely not Indian) but it's common for people with a name that's difficult for Americans to understand/spell to use an Americanized name.
Using an email address that doesn't match up with the company's well known domain name is a real problem. Suggesting payroll comes by something other than check or direct deposit is a red flag. Luckily, requesting money via wire transfer tipped this person off before things got real bad.
> The somewhat read flag is "kindly" (likely Indian?) with "Marc" (likely not Indian) but it's common for people with a name that's difficult for Americans to understand/spell to use an Americanized name.
This is usually a Chinese thing, though. Indian people tend to just use their own names. Even then, a Chinese person would incorporate some of their name e.g. Mark Li.
I’m not blaming OP here, of course. As he said, he was tired and it takes real bravery to put your hand up and say “I was nearly scammed!”
I don't see how professionalism is tied to English proficiency. I've spent my whole career with ESL people (me included) and it doesn't really make sense to me.
As a non native speaker, I find it wild you think it's vs its is harder than punctuation. If somebody can't tell its from it's then they don't know what a verb is, which seems like a much more basic concept than punctuation to me.
Well, yeah there are professionals who don't have English as their first language, but I mean making a mistake in the most basic punctuation marks?
Sure if he doesn't know the difference between "it's" and "its" then it's fine, but if he doesn't know how to properly use commas in a sentence then one must question his professionality. Additionally, there was no way he doesn't have the office email ID.
I almost hate to say this to not give scammers any ideas, but it seems pretty obvious to me that you can buy look-alike domains that most people wouldn't think too much about. For example, autonationusa.com, autonationcorp.com, autonation-corp.com, autonation-hq.com, internal-autonation.com hr-autonation.com, autonationrecruiting.com, autonation-hiring.com and so on, you get the idea.
There are even other TLDs you could play with that most non-tech people would think are legit. For example auto-nation.co or autonation.inc autonation.corporation. All of these would cost less than $20. I haven't checked these all for availability, but I suspect at least half the ones on this list are available, and even if they aren't you can play with different combinations to get something that is available. The purpose is only to fool people at first glance.
While most people on HN might know that internal-autonation.com does not actually mean its from autonation, I suspect it would still fool a lot of HN readers. Outside of tech workers, I think this technique would fool the vast majority of the population.
You could even buy a domain for something like new-fake-hrm-saas.com and make a fake website for a fake SaaS HRM/Recruiting tool. Then send all emails from that domain. If anyone asks, you can say that intial emails go through that SaaS tool until you have fully onboarded. This is something legit that actually happens in real life early on in the hiring process when they want all hiring correspondance to go through an HRM tool. Again, maybe a tech worker would be cautious of this technique, but most people would be none the wiser. This would allow you to maintain one domain for multiple scams so you could easily burn one if you get exposed. You could even do subdomains with it like autonation.fakehrm.com and salesforce.fakehrm.com and so on for each company you impersonate.
Again, this isn't to give people ideas. But this could be easily done for $20 a year and minimal effort. (The fake hrm saas site could be a template site, all real SaaS sites look the same anyway).
Would work fine as lots of corporations genuinely do use multiple domains for email. But for scammers, every time someone realises they've been scammed their domain gets taken down and they lose email contact with a whole bunch of other victims in their pipeline at the same time...
internal-autonation.com is available right now for $10. autonation.inc is also available. I could generate 100 more like this that would fool most of the American population. Tech workers might be smart enough to avoid them, but the average person wouldn't think twice about these.
For example imagine getting an email from recruiting@internal-autonation.com. Again, I know a tech worker who actually is likely to have purchased a domain might know what is happening here, but most Americans would think this is legit.
I've received completely legit emails from Chase Bank that used URLs that, on first glance, had to be fake. I followed up using alternate channels and found out that it wasn't a scam just poorly executed "security".
I guess I'm pretty desensitized from having had so many colleagues with atrocious professional writing skills; 'cause the writing itself didn't really raise any red flags for me until "Marc Cannon" instantly blew up at the notion of a check needing to clear before money from it could be spent.
This reasoning has been used so many times and while it makes sense on the surface, if you think about it for a little longer, then you'd realize it's probably not true. For example, in this case, the bad grammar persisted even in the final stage where the money was about to be transferred. I don't think you really need to "filter" more people at that point.
I'm guessing there was a study of some kind and not just theoretical debate? In a way I would agree with you, but I can also see an argument for the contrary. As in you don't want to change the pattern at this point as that might fire some alarms and spook the horses.
Scammers intentionally make grammatical mistakes. If you can spot the mistakes, they don't want to engage with you.
(Of course, there are other reasons why would one spot yet ignore grammatical mistakes - sometimes it is because of the personal situation they are in, sometimes it's of empathy towards non-native English speakers)
Unlikely. I believe it started as a hypothesis to explain the many spelling errors in scam mails, but I don't think this have ever been confirmed to be intentional.
Great job figuring out it was a scam but honestly, it’s crazy that these things still work on anyone all the way in 2022. You would think that by now every human being that walks the earth would know that whenever someone you don’t know sends you “money” and then requests you send it back (or to another party) in a different form, it’s always a scam. There should be some ceremony whenever someone turns 16 or something, where you just get taught this and that’s the end of this scam. Insane that people still fall for this!
Same for the gift card scams. No legit business or government on earth in any industry asks for gift cards as payment! This is like an absolute ironclad fact of the universe. But so many people still fall for it!
This post seem to blame victims for the problem, and that is not fair. People can be in dark places mentally, struggle with disease, family issues, etc. Not everybody is mentally sharp 100% of the time to identify a scam attack and fight it back.
The problem is not victims, the problem is scammers. There should be better mechanisms to quickly clamp down on them. In this case, it would be really good if there was a mechanism or institution where the victim could report the scam and once verified it would gather information from Google, Dropbox sign, the bank receiving the funds, and other tools scammers use to build a case against the scammer in the relevant jurisdiction, and avoid them using the same tools for further scams.
My strategy to repel scams is to stay humble. Mo matter how much I think I'm prepared to identify scams, I am still vulnerable and I will continue to be vulnerable. Arrogance is your worst friend if your objective is to stay safe. No matter how many ceremonies you do when you're 16, in the right context and with the right words, you will still fall for a talented social engineer.
> This post seem to blame victims for the problem, and that is not fair.
Indeed, the scammers are the bad guys. At the same time, what about people that still fall for Nigerian princes or go through their spam folder for "sex in your area" or "penis enlargement pills"?
> ...verified it would gather information from Google, Dropbox sign, the bank receiving the funds...
While I agree that our banking system should evolve past the high-trust model that it has organically grown out of, this sounds absolutely dystopian to me. I would much rather live in a world where the resolution is "sorry, you got scammed, that sucks, learn from it" rather than "our corporate overlords will collaborate to ensure your safety." Even if real-time 2FA of fund transfers existed everywhere, people (including everyone in the right state, sure) would still click those things. Technology doesn't solve social problems.
> At the same time, what about people that still fall for Nigerian princes or go through their spam folder for "sex in your area" or "penis enlargement pills"?
Wait until you get older and have cognitive issues, or have a relative that gets caught up in these scams. It's easy to say "tough up" until it happens to you.
I was scammed about EUR 1500 some 7 years ago. It didn’t seem a scam: the price for an item was low but not too low, the identity of the seller I could verify. But the item ultimately didn’t arrive, and I didn’t know that for italian law it’s considered an “unfulfilled contract” rather than fraud, and requires a civil rather than a criminal case, which would turn out far too costly.
But the point is: I didn’t recognize some warnings because I just had my first kid and I was stressed, overworked and sleep deprived. Shit happens.
That's not nearly the same thing as what the other poster is talking about.
I once had something similar happen when I purchased Prince of Qin off Ebay (10-15 years ago I think?). Package never arrived.
That is in a wholly different class than these scams where they're asking you to cash a check and wire the money back, nigerian prince, etc.
What the other poster ISN'T considering is that there are still large segments of the population that are old enough that they're just not internet savvy. It's just the nature of life.
But their point stands as is, it's not reasonable for younger generations to be falling for these scams.
As a general rule convicting someone of fraud requires you somehow prove their state of mind. A person must set out to deliberately defraud someone for it to be considered fraud.
Of course proving a persons state of mind is extremely difficult. As a consequence it’s unlikely that police or prosecutors are going to take an interest in fraud that only involves small sums of money (less than a few million $).
However proving that a contract is unfulfilled is pretty trivial, and generally cut-and-dry. But failure to fulfil a contract obviously isn’t a criminal offence, so your only option is to file a civil suite. Thankfully most countries have small claims courts that cheap and very accessible, but with limits on how much you can claim. Just because the amount of money you’ve lost is above the small claims court amount, doesn’t prevent you from suing of an amount within the purview of a small claims court.
Beyond that, use a credit card. If credit card networks have provided any value in this world, it’s in the form of generally consumer friendly chargeback processes. It’s in there interest to make sure that people feel safe using their credit cards to buy stuff, more purchases means more transaction fees for them.
As an aside, this is one of the users I think everybody should design for:
> I just had my first kid and I was stressed
I often think back to when my nephew was tiny and imagine my brother trying to work a particular interface with one hand while holding a crying baby in the other.
> or italian law it’s considered an “unfulfilled contract” rather than fraud
That's crazy, but the same binary outcomes also exist in US law. Some states make very clear (to civil litigants' chagrin) that closing a sale with no intent to perform is a fraud; others haven't made that so clear; and, always, it's how you explain your situation to the gatekeeper that determines whether you might qualify for one side or the other.
That's what small claims court is for. Hopefully it doesn't happen to you again but if it does you can take them to small claims court. You don't need to pay a lawyer. It costs far less than €1500.
That's what it's called in the UK anyway. I assume Italy has something equivalent.
> Not everybody is mentally sharp 100% of the time to identify a scam attack and fight it back.
Exactly. A point made over and over in "The Field Guide to 'Human Error'" [1] is that when looking at failure, you can't use your current knowledge and state of mind when evaluating the circumstance. You have to look at it with the actual knowledge and state of mind at the time. If you don't, you will fail to find the actual problems and correct them.
Take this, for example:
> You would think that by now every human being that walks the earth would know
I would not think that! That's an unevidenced assumption. It's less a statement about the world than it is a declaration of ignorance. It makes it hard to engage curiously with the reality of the circumstances. Even if it were true, it assumes that having heard something once is the same thing as being able to apply it in all circumstances and all cognitive conditions. If people just stop there, we will never improve things.
Indeed, I think it's worth asking why victim-blaming is such a common reaction to stories of scams. One part is the just world fallacy [2]. Another is the fundamental attribution error [3]. And one that I have definitely been guilty of is that it lets me feel smart. "I, a genius, recognize the specific scam pattern. They, those helpless fools, never see it coming. Ergo, I have once again proved my mental superiority." It's hogwash, of course. But satisfying, comforting hogwash. It took me a long time to realize that it was incorrect and that pursuing feelings of smartness often made me effectively stupider.
I interpreted the parent post as describing a mere "contributing cause", but you seem to be saying the post is assigning moral guilt to the victims. Why? And how can we discuss preventative measures that potential victims of any crime (or accident) can take, if the two are so often conflated?
E.g. is teaching people self-defense equivalent to blaming them for successful physical assaults upon them?
You're relying on the idea that all foreign governments care about their citizens scamming Americans. And it literally takes only one government that doesn't care (or isn't able to enforce for whatever reason) for your strategy to be impossible.
Let's assume the scams are coming from North Korea or Cuba or Russia. You really think that there's more pressure the US apply that will make these countries go "you're right we shouldn't let our citizens scam your citizens"
The root issue it archaic payment systems and banks where a check can take 7 days to clear. In this age a bank check should clean in seconds and funds should not be available in your account until it clears. It should be on the bank to not lie to you about funds in your account.
People always say Russian scammers are safe if they do Cc fraud etc.
This is absolutelly not true, maybe some government collaborators get away with it because it is sanctioned, but the regular joseph will absolutelly go to prison, or be recruited for a war zone.
They do not, but the financial system is the same everywhere in the world, you do not want to be labelled as a high risk jurisdiction by the banks, acquirers and PSPs.
Let us use an example, Moldovian fraudsters using stolen credit cards and kyc docs online, this leads to chargebacks etc.
None of these cards are issued in Moldova, they are issued by american, british, new zealand, spain etc.
These banks often have offices in the countries where the fraudsters reside and they will absolutelly go for the fraudsters, if the word is that their cards and products can be compromised without consequences, they will lose a lot of revenue, customers, trust and reputation.
The government will not tolerate them becoming a high risk jurisdiction because of some carder kiddies, they will totally look them up.
I have friends who know many russian(many are coming to southern europe and russian friendly countries like serbia) friends who tried some stuff like that out of pure desperation, none of them made big money, but all of them eent to prison.
I work in finance and had personal correspondence with some fraudster groups, if you explain to them how you are going after them preciselly, step by step, they will immediatelly offer a truce. I am talking about really highly sophisticated groups here.
I consider myself pretty quick to detect scams, having worked in cybersecurity, though probably no quicker than the average HN commenter. And yet 15 years ago I fell for the “sell products that are no longer available” scam.
There was a keyboard I really wanted but it was no longer being made. However, I found an online shop that had them in stock! I ordered, paid, got my confirmation, and waited about two weeks before complaining that it hadn’t shipped.
Ended up with some dude from the usual geography for this stuff, yelling at me and threatening me over the phone. At which point I realized it was all fake, told him where to stick it and hung up. It was only $100 or so and I was lucky they didn’t do anything creative with my credit card.
The point being, there are lots of circumstances that can make you let your guard down. Thinking you’re too smart to be at risk is probably not the safest position to take.
I let my guard down once, because of a third party survey from actually Apple. Then actually Apple allowed the third party to funnel me onto their third party site. And that's where I suddenly found myself subscribed to a $15 fun recurring weekly quiz. I trusted them, because it's Apple, right? Except it wasn't Apple anymore. And, well, it wasn't fun to me so I un-subbed pretty quickly, but the first $15 were already payed. When I looked into it, they'd hidden themselves through layers of proxies so it wasn't possible to find an office address. And there was ofc no help to get from Apple, because they assured that they were only responsible the third party survey, and not what happened when you where funnelled onwards. I still think this is pretty crappy customer service from Apple, and that cooperating with such a scammy company reflects very poorly on them. Oh, and I still want my $15 back! (Don't worry, it's nothing compare to what I lost on FTX...)
if you're in the US you can reverse the charge, whether debit or credit card, although with a debit card you'll have to be re-issued a new one.
If enough people do chargebacks the payment processor will drop them because the ACH operator representing them will 100% fine the shit out of them if they don't. It's all contractual.
My point is, if you want to put a dent in stuff like this, do a chargeback. Like a union, the power isn't in your action, it's in the action of many.
---
But also, this is why I'm very picky and have quite often refused to purchase something I wanted. I'll trust Walmart.com in a way I won't trust momandpop.com. Unless they're using a payment process that isn't handled by them (CC via paypal, for example) I just flat won't use them.
What's worse is most people don't even consider the risk to calling in an order from a local restaurant for delivery (chinese, for example). They may or may not save your CC information and you have no idea how well those systems are secured. They're probably using a 3rd party, but you don't know who that 3rd party is so you can't even begin to assess that risk.
I'm not a fan of doordash by any means, but they do offer a service here in terms of risk assessment.
> What's worse is most people don't even consider the risk to calling in an order from a local restaurant for delivery (chinese, for example).
if you review your monthly statement, the "risk" is the possible inconvenience of having your card replaced. I don't let it stop me from ordering my favorite takeout, but you do you.
I honestly don't understand your threat model here. from the post I originally replied to, it's clear that you already understand that you can easily reverse unauthorized charges to a credit card. if you're already reviewing your monthly statements (which you really should be, as part of sane budgeting), this is basically a non-issue. you tell your cc issuer you suspect someone has stolen your credit card info, they cancel the card, and you can probably even get them to ship you a new one overnight. it's unlikely things even get to this stage though. card not present with no cvv is already the most highly scrutinized type of cc transaction by the processor.
I guess someone could probably treat themselves to their own monthly takeout order without me noticing for a while, but at least to me, this minuscule risk does not seem worth the mitigations you are taking.
I challenge you to quote me saying I don't order takeout.
Furthermore, many people use debit cards backed by an actual bank account and the vast majority of people can't afford to have those drained in any meaningful fashion without experiencing some severe consequences.
And thirdly, when the equifax breach happened I didn't bother doing anything. Why? Because I do NOT have the attitude that it's ok to be defrauded of money since someone else will pay for it. There was nothing for them to go after.
How did you pay? Did you let it go because "only $100"? Because if you paid by a non-sketchy method (paypal or credit card) the chargeback should be straightforward.
Good point, but at the time I didn’t think of that. I’ve never done a chargeback, which is probably a testament to my banks’ fraud detection.
For $100-ish, and a good couple weeks since I made the payment, getting my money back wasn’t the main thing on my mind. Which, again, is an example of circumstances clouding your judgement. I was mostly just pissed I wouldn’t be getting the keyboard.
I did try a complaint to the BBB since the shop was (probably not really) listed there… from which I learned how useless the BBB is, so I guess in the end I got something for my money after all.
> This post seem to blame victims for the problem, and that is not fair.
Guilt is not zero-sum. A killer gets 20 years, but a group of 10 people conspiring to a murder get 20 years each, not 2 years each.
It's perfectly possible the scammers are culpable to the maximum extent, while at the same time there is a smaller but consistent culpability on the part of the victim.
Totally not blaming the victim, just surprised that knowledge about these scams and how they work isn't as widespread as I'd have expected. We are grateful OP posted here and spread that knowledge a little further. It's a shame that these things don't just get taught to schoolchildren--too many people learn these things for the first time as a result of being victimized.
Suggesting people arm themselves with knowledge and use that knowledge for prevention is not really the same thing as assigning blame.
> The problem is not victims, the problem is scammers
but the solution isn't on the scammers side only, there are a series of circumstances on both sides involved that cause these things to happen.
if people weren't desperate for money, running out of alternatives, they wouldn't need to perpetrate these crimes, nor would they fall for them as often.
> if people weren't desperate for money, running out of alternatives, they wouldn't need to perpetrate these crimes, nor would they fall for them as often.
It's naive to think only the destitute perpetrate or fall victim to scams. By that logic, people like Bernie Maddoff or (allegedly) Sam Bankman-Fried wouldn't exist.
I’ve worked many years in fields adjacent to scams and fraud. I’ve seen many different kinds, especially romance and financial scams. This knowledge doesn’t make me more confident about avoiding scams, it’s made me realise that anyone can be scammed regardless of knowledge or intelligence.
Scams are about identifying what the victim really, really wants and offering it to them with some constraint. Some people are desperate for a job, for money to make ends meet. That desperation short circuits their common sense. I’ve seen successful romance scams that were so obviously scams. Even if you were in love, why didn’t you think twice about sending $10k the second time?? Neither of these would have worked on me because I’ve never been desperate for either of them.
That doesn’t mean I would dismissively talk like you did, saying no one should fall for them. I can be scammed, it’s just a question of finding what I’m desperate for and offering that to me, maybe with time pressure. In that situation I would ignore obvious red flags like a business asking for gift cards.
I need to be successful every time, the scammers need to be successful only once.
Victims of the gift card scam don't really think that the government wants you to pay your fines/taxes in Google Play money. The implication is that a government employee will make the problem go away if you pay them under the table. The victim is being made to feel that they're a participant in the scam, which makes them less likely to report it once they figure out they're getting cheated.
I've watched some scambaiting videos and I never see it approached like that. They do sometimes inoke avoiding taxes to get targets to buy gift cards or mark a transfer of money as personal.
That people buy gift cards at all boggles my mind. You're buying a currency with less versatility (and hence value) for 1:1. Where I live, we have perfectly fine government-issued bills to gift if that's your thing. Somehow, that's considered a bad present? Because it's lazy? Because it doesn't show your opinion on clothes brands? I don't get it, from the consumer's perspective. To the shop/mall it's a clear winner, since you know some receivers won't use their cards. It's a proper arbitrage to them.
This is one more very good reason not to indulge the insanity that is
a "cashless society". If you let go of those government issued bills
be sure that in no time at all you'll have nothing but fragmented,
private "smart" currencies each hobbled with its own insidious
restrictions.
Maybe. It's easy enough to send money to someone using the phone these days, so I'm not sure cashless would lead to gift cards here in Switzerland (or my native Sweden.) But I agree it's not a very fun package to open when it's just a promise to use Twint/Swish to transfer money.
Oh, maybe the real use for gift cards is that the receiver can't haggle. "I know you wanted to give me $200, but how about we make that an even $500 instead?" :)
I mean, I don't really see that happening. Sweden is for all intents and purposes cashless these days, and I don't think we have more giftcards now than we did in the 90s when cash was commonplace.
To clarify about the cashlessness of Sweden: cash still exists, and you can still get government printed bills, but many places have stopped accepting them, and these days whenever someone has non-foreign cash it becomes the topic of discussion: "why the hell do you have those?"
Honestly I don't know that they're useful for anything except donating to homeless(and even they usually have swish these days) or buying illegal drugs
I had a debit card when I was 14, but I think you can get one even sooner if your parents sign off in it. I think one of the reasons I didn't get a debit card sooner was because when I was a kid, cash was still relatively common (yes, I'm old - I remember using cash in Sweden!)
In France, when I was a kid, there were some cards you could get that are usually for kids. They actually belong to the parents, and are attached to their accounts. I think it's also fairly limited in what amount you can pay, and doesn't draw from the main account but needs to be "topped-up".
I've never had one, though, so I don't know the specifics.
Apparently, BNP Paribas (one of the major local banks) now has a "teen offer", for people 12-17 yo. This seems to still be attached to the parents' account with the same bank, but the kids get to "manage" the account.
Whether the form is electronic or physical is irrelevant to my
argument. If you read it again carefully you'll see that it's about
state-backed versus private currencies. Don't let the technology
dazzle you.
In a way they are, the difference is that they have the issuer network and banks' reputation behind it and so the number of shops that accept it is not a singleton set.
Isn't wedding gift being cash the standard thing? Do you bring gift items to weddings?
I always thought the standard of bringing cash to help them pay back for the cost of the event was standard everywhere. This is a Jewish thing?
It kind of explains why weddings in Israel are so expensive, I heard it's almost cheaper to buy flight tickets to buy wedding dress in another country.
It's not the standard here. In person and in media, there's a table full of wrapped gifts for the bride and groom. While I'm sure nobody would turn down cash, they wouldn't feel as appreciative of it as something that was bought with them in mind. Especially things that they'll still have 20 or 50 years later, and it brings back a memory of their wedding.
It's very culturally specific. Definitely not WASPy normal in the US.
Traditionally, people often registered somewhere like a department store or a kitchen goods store. Some of the function of gifts was historically to get a young couple moving out of their parents' houses a start. Of course, these days a lot of people are pretty well set-up before they get married.
> In order for a gift to serve its social function, it must be specifically matched to its recipient.
That's tricky though. Often enough, people really don't know or think enough to match properly, which causes the gift to end up being offloaded somewhere else later, and/or breeds silent resentment.
It's not just when people don't know what the recipient is interested in, but importantly, when they think they know, but don't understand that you shouldn't buy something related to someone's interest/hobby if you yourself aren't comparably proficient in it.
> Cash is not specifically matched to its recipient.
In some sense, it's maximally matched to every recipient, by virtue of being universal. Question is, is the gift supposed to be about recipient, or about the gift-giver? Super specific gifts are often about the latter.
My mom recently revealed to us that as we became adults, they specifically bought from places with a cash return policy, and bought us the most ugly, useless thing they could find there.
Yeah OK but then there are 100s of other general principles you need to know in life. Calling someone stupid every time someone doesn't follow one of the things that's obvious to you is not constructive. We need things like this to go public to avoid them from happening, and shaming victims doesn't help here. The author is already extremely apologetic in this post, and still there are people saying he's stupid for almost falling for it. I am usually quite rational, but I've done some pretty stupid and embarassing things at times where I was not thinking everything through. I imagine most people have.
Imagine you go to vacation to Paris, take an evening walk and get mugged. Your attitude is like the local saying "what an idiot for walking around in that neighborhood at night".
I think the part that makes it more difficult to detect that this is a scam for someone that never encountered it is that it relies on the difference between real money in your account and "money" that can vanish at any point, you just don't know it. This is a case that most people don't encounter outside of this kind of scam. Another unintuitive part is that even if the rules of the bank say the money is yours, it actually isn't if it came from a third-party that was hacked/scammed/whatever.
The gift card thing is something that should trigger an alarm even if you never heard of it.
I believe she was targeted by the ruling political party, who have a history of harassing and doxxing their critics, (or the current indian government itself) to demoralise her and besmirch her reputation as a journalist. And that happened. She is now attacked by her critics for her "naivety", and ridiculed by them, and she went into depression and took a break. (It all points to that as she was never asked for any money, as is is usual with these kind of scam. )
I seriously doubt that they would waste their time on this. They have much more powerful tools at their disposal.
1. Aatish Taseer: His OCI card (something like dual citizenship, but not quite) was cancelled. He claims he's been told not to even attempt to visit India ever again.
2. Rana Ayyub: she created a donation website and got clobbered with tax evasion.
3. Numerous NGOs: including Green Peace and Amnesty have had their licenses revoked.
There are many more such cases, but off the top of my head, these jumped out.
I mean, its not all that common. I don't get checks that often, almost everything is handled electronically. But checks are still a way to distribute money physically that isn't cash, so it serves some purpose.
Most Americans (especially those under 30) do not own a checkbook and don't know how to write a check. That is part of why this scam works. 20 years ago Checks were common enough that every adult understood that Check's aren't real money and people would be more cautious until it clears.
But the fact that now everything is instantaneous, Checks are maybe the last exception to that. So someone with no knowledge of checks might assume that it is "real" money. I think few people understand the differences even between a cashiers check, a personal check, and a money order.
Luckily Banks are more aware of these scams and tellers have been trained to ask A LOT of questions about wire transfers before executing them. It sounds like in the posted article, that OP actually got a warning about this from the banker how this is non-reversible. But again, even OP admitted that he had never completed a wire transfer before. I've only ever made 2 wire transfers in my life (and I'm 36) and both were to buy a house. Few Americans have complete a wire transfer and probably don't understand the implications of it either.
So I think this scam actually preys and relies on the fact that little knowledge exists of wiretransfers and checks.
Like another person said, the decline of checks in the US is probably much of the reason why these scams are taking off. In the 80s or 90s everyone knew of the possibility of "writing a bad check". My local stores would even have lists of people posted at the checkout who they wouldn't accept checks from due to writing bad checks. Even if didn't use checks back then, you'd be aware of this possibility. But now, younger people are not as familiar with how they work.
Checks are a brilliant idea with a terrible implementation.
Idea: physical financial instrument with a specified payee (OR a bearer instrument, using the same format!), with a completely unconstrained denomination, which the payer can draw up on demand and in the field.
Implementation: reveal enough information about your account that anyone can "authorize" arbitrary transfers; take weeks and weeks to learn whether the funds are actually available and there's absolutely no way to convince your bank to reveal whether the transaction is verified, at any point; etc.
this one was delayed because it was sketchy.
I deposited a check using my bank's app last night after my bank closed and it cleared in about 20 minutes.
Every day somebody is born who hasn't heard one of these stories! And honestly one thing about life is that you generally are slowly building up trust with people, and then can be asked to do things that are totally legit all the time.
Of course skepticism is required, but I know a lot of people who got dealt a lot of shit by their (real) employers simply by not understanding what is normal or not, as it was their first job.
This is slightly different to most. Would it have got this far it is was a cold contact? Probably not.
What this group did was lure someone into thinking they're part of a company as you're more likely to do what your employer tells you and you're far more likely to trust your employer too.
It probably pays off for the scammers to spend time this way as they probably get a much better conversion ratio.
I suspect that given enough effort and the right circumstances you too could be scammed. And that's pretty much the problem: scammers have near infinite time to set you up, it's their day job after all and you have a limited time to verify their bona fides.
Delta airlines gives gift cards as payment for volunteering on oversold flights. Really doesn’t help dissuade people from “$50 Panera Bread” gift cards from being involved in transactions not involving Panera Bread.
In general, a commercial entity will rarely use a free email service like Google mail. And the ones that do, are too small to keep you employed very long.
And yes, these scams show up anywhere there is no traceable financial history to the advertiser. Also, did you know using a staffing agent is pretty much a guaranteed %15 to %30 pay cut from if you applied directly to a company hr contact. Note too, that once you use a staffing agent, that often your CV can no longer be considered when directly submitted to a firm that also recently posted on the agents service.
Asking employees for money sounds like a ridiculous premise, and rather cheeky if it is normal in your area.
Not losing anything but coming this close to getting scammed can feel very embarrassing. Thank you for putting this up to warn others. I can tell from the intro that you still feel duped. Yeah, it seems obvious in retrospect, but it really is very understandable. We want to believe it’s true so badly that we’re willing to look past all the red flags.
I haven't gone through all the comments, but am I the only one in here who doesn't want to read past 2nd email? If someone sent me some shady email address, then that shady email address sent me a message saying, "Hey it's me that shady email address owner, but I can't get to it, so I am using ANOTHER shady address."
Someone convince me this post of his is not a waste of time.
Yeah, I don't know how I would have gone past that point. There's also the weird capitalization of words after commas and "Screening Test/Interview Questions" and if you do bother to make it past email two it changes to "Screening test/Interview Questions" and really bad grammar in general.
Those kinds of silly mistakes are nearly intolerable on resumes, why would it be acceptable for a hiring manager or HR to communicate using horrible grammar?
I've been thinking about this more, and I wonder if it could be related to what the "advance fee" or "inheritance" scammers do. Basically, they make the email as ridiculous as possible because it weeds out the smart people and leaves them with those who would genuinely fall for it.
(I am not calling the author of this post stupid, btw. I'm just making an observation.)
Yeah, I read the post thinking "how on earth is this guy still falling for it? Everything about this screams scam, scam, scam, scam. Is he stupid or something?"
If I'd come this close to falling for such an obvious scam I'd be embarrassed to tell anyone it happened at all, much less publish a full transcript.
It's a waste of time. The idiot fell for the most obvious of scams. Apart from the fake email addresses, the first line of the first email reads: "Our company AutoNation received your resume and application in respect of our job posting". That weird phrasing just screams scam. Every conversation with the "company" after that gets worse and more scammy.
For everyone who is commenting on the grammar/spelling mistakes, this is on-purpose. It dramatically increases the positive predictive value of their scam (i.e. the probability that the victim they have messaged on day 1 will go through with the wire transfer on day 5). It does this by pre-filtering the general population for gullible individuals.
Yes, because it is worth noting that there is a tangible investment being made by the scammer here. They have to know that there's a decent chance that the victim follows-through on the scam.
At a minimum there is the cost of the fake check itself (which looks pretty good to be honest) and the cost of the overnight UPS envelope. At a minimum I'd imagine this is a $25 investment on the scammer. If the victim gets cold feet (like OP) and doesn't go through with it, then the scammer actually does lose money here. They are making a real tangible gamble when they send the check that the victim will fall for it. I realize $25 isn't a lot, but they wouldn't want to just send this out to everyone. So there needs to be some level of filtering to give the scammer the confidence that the victim will follow-through.
The bad grammar is intentional. This is often cited as a way to think that the victim is "stupid", but thats actually not true. The scammer is assuming that the victim will know the grammar is bad and actually notice the mistakes. The scammer isn't looking for someone who doesn't notice the bad grammar, they are looking for someone who is willing to overlook the red flag that the bad grammar represents. If they are willing to overlook a major red flag like that, then they are more likely to overlook smaller red flags later on, making them more likely to follow through. OP is a great example of this as they state at the beginning that they noticed the bad grammar from the start, but were excited about the opportunity and overlooked it. Even someone with only high school education would read this and naturally notice the bad grammar. But overlooking it is what the scammers want to see.
I also think it's important the line where the scammer asks OP if he has ever done a wire transfer before. When OP says they haven't then the response from the scammer was "Ok do it NOW". Again, they want people who don't understand the un-reversible nature of wire transfers. A lot of people naturally assume that all banking transactions are protected like credit cards (and to a lesser degree debit cards) are. Someone who has never made a wire transfer is likely to not understand this, which is great news for the scammer. A natural response from a co-worker if they asked you legitimately (for some reason) to make a wire transfer and you say you didn't know how, would be to offer to explain how it works, not rush them to do something that they just admitted they know nothing about.
There's this magician called Jamy Ian swiss that I often watched. He would do a card trick and fool you. Then he tells you how he does the trick, and still fools you. It doesn't matter how much he tells you, you'll still get fooled because "Nobody thinks that magicians will work this hard to fool you."
These scam tricks still work in 2022 because we think scammers are always on the nose. We never think how hard they will work just to fool us.
Yeah I've encountered at least a couple of recruiter companies who were really weird and gave me bad vibes and decided not to continue with them, trust your gut, what made me think twice about these recruiters:
1- Unusually bad English (Not talking about normal immigrant English like mine, but like really bad, no way someone hired this person to recruit for these kind of positions).
2- These `recruiters` talk in very low volume, I had to tell them to speak louder, my guess is that they are in an office with a lot of people doing the same.
3- They ask you about weird stuff in their e-mail communication, like sign something in early phases of interviewing.
4- When tell you when they will call you and the number is flagged as 'SCAM LIKELY' then they tell you to save the number, super red flag
After that I googled the companies / job postings and were super generic with bad reviews in glassdoor.
Do you trust any work related email sent to you using a gmail account? Cause I absolutely don't. I work in a very very tiny startup and even this guy sent me the acceptance mail through his company site.
Nobody in any kind of business uses @gmail.com. Maybe some Etsy person selling out of their extra bedroom, but that's it.
Domain names and email hosting is too cheap to use gmail for business. Even if it was a legit business, I'd stay away if they couldn't be bothered to do that minimum.
It's not just the use of @gmail.com, it's the fact that it's clearly an autogenerated address with random chars that tripped me.
If it was claiming to be a small business from companyname@gmail.com, I'd be less suspicious - but a large corporate not using their own domain for mail, the email address itself, and the then switching to a second email address are all giant red flags for me.
It is quite common among US businesses that are not large enough to afford a dedicated IT department and do not want to spend too much on a MSP. Not the kind of company that would be offering this kind of job, for sure.
In my life as a contractor, I've only seen one company exec use an icloud.com email account for work related communication. So, it's very unusual but at least I've seen one legit use case.
> Are cheques even used for anything except for fraud anymore?
Based on the cheques spelling I guess you're not in the US.
Checks are very common here, I write them every month. In theory I could pay my water bill by credit card but their payment portal is so randomly broken that I save a ton of headache by writing a check and dropping it off at their payment box. My office lease only takes checks. Various other rentals mainly only take checks or they charge a fee so I save money by giving them a check. Anything government-related is either a check or a big additional fee, so again I write them a check to avoid giving away extra money for no reason.
Checks are actually super convenient and more trustworthy than most alternatives. When paying, sending a check costs me a stamp which is far less than the credit card fees most places charge, or sometimes I can drop it off for free.
When receiving one, in most places it can be deposited by just taking a photo, doesn't get easier than that. Most importantly, I don't get to be another victim of the "$PAYMENT_PROCESSOR froze my account and stole my money", whether it be paypal or any of the other ones.
> When receiving one, in most places it can be deposited by just taking a photo, doesn't get easier than that. Most importantly, I don't get to be another victim of the "$PAYMENT_PROCESSOR froze my account and stole my money", whether it be paypal or any of the other ones.
If only there was a way for people to transfer money from their bank to someone else's bank... They could call it "bank transfer", and it would solve all these problems!
> They could call it "bank transfer", and it would solve all these problems!
Yes, it is ACH, which is what a check is. One doesn't need to physically have the piece of paper to make it happen (which is why you can deposit a check with just a photo). Either way it's just ACH.
I live in the UK and if a business or person wants to receive money, they just give out a bank account number (6 + 8 digits) and name. This number can't be used to withdraw cash, deposit cash or paper checks, or any other purpose. It doesn't get more convenient than that. Pretty much every other country works the same, except the US.
I have a rental condo and have to send monthly payments to the property management company for things like HOA dues. The property management company doesn’t know how to send out a plain text email. Every email is a Word document followed by a jpeg of the Word document. There’s literally no text in the email so I can’t copy/paste things like the call-in number for the monthly meeting.
This same company strongly encourages us to use their “payment portal” to pay our HOA dues. They, of course, charge an extra few percent on every transaction. That’s annoying, but given their inability to properly operate email, I can’t imagine how insecure their payment processing is. Even if they’re using some third party system, they probably have it configured incorrectly. So yeah, it’s a check in the mail every month.
All of my regular bills in the UK (mortgage, energy, water, internet, insurance, debt, probably some others I'm forgetting) are deducted automatically from my bank account every month. I don't have to think about it all - and there's zero possibility of nuking my credit score by accidentally missing a payment.
Having to remember to write a check for each bill every month sounds like an enormous (and enormously unnecessary) inconvenience. Is there really not a better option in the world's richest country in 2022?
Because of the quirks of the US banking system, my personal philosophy is that no one gets to pull money from my accounts. I will push payments for my bills to the various providers.
My payments are still done electronically but I have to go into my bank's BillPay service and direct the amounts and payment dates for each bill. It's a bit more work but it also means far fewer surprises or errors to clean up. I already reconcile my accounts on a weekly basis, so it's only an extra minute or two to set up the payments for the coming week.
> All of my regular bills in the UK (mortgage, energy, water, internet, insurance, debt, probably some others I'm forgetting) are deducted automatically from my bank account every month. I don't have to think about it all - and there's zero possibility of nuking my credit score by accidentally missing a payment.
Sometimes, vendors may support doing a recurring ACH transfer out of your account for the total of the month. In terms of mechanism, this is exactly the same as a check which is also just an ACH transfer out of your account. Not all vendors support this.
There is increased risk, however. By giving them blanket authorization to deduct whatever they want out of your bank account you now have the risk that they might get it wrong and deduct too much.
If you have enough money in the account to absorb the difference it'll eventually get sorted out. But what if you don't? Your balance may go to zero and all those other recurring payments get rejected and you'll get hit with tons of late payment fees and you'll be stuck with those. So you might nuke your credit score with all those late payments that weren't even your fault.
My absolute preferred approach is to do auto-pay to a credit card. That way I'm insulated from risk (at least in the US, credit card laws strongly favor the consumer; perhaps the only laws in the US that favor the consumer so well). Any mistakes in the system are not my problem and can't impact my balance.
But for vendors who can't bill to a credit card or charge too many fees to do so, the safest approach is still a check.
Direct debit is available (and is very common) but not all vendors support it. Anecdotally most younger people use automatic methods for recurring payments whenever possible, and write checks for one-off purchases, like paying repairpeople. Older folks write checks for everything because that's what they're used to.
I'm not sure if it's an age thing but I live in the US and am mid-30s. I rarely, if ever, write checks. The only time I interact with checks is as a gift and I'm cashing it. Writing checks is a smell - if I can't use Zelle/Venmo/etc, it's an issue.
But by doing that you're imposing the risk to the seller that they may lose their money when paypal/zelle/venmo/etc freeze their account and steal their money (see frequent recurring threads right here on HN of this happening over and over).
I realize as a payer it's not your problem but something to think about.
I've paid rent using cheques to multiple different landlords within that time frame. US and Canada.
I've received money from the Canadian government using cheques in that time frame too, but admittedly you could just special case the government.
I've received prize money from a university run contest during that time frame using cheques (barely in the time frame, small sum of money), and I know others who have received prize from privately run chess tournaments using cheques (I think the latter just because it's a cool souvenir).
One problem with any other form of payment in the US is that there are no useful laws about limiting fees for different payment types, unlike in Europe. So everything paid for with credit cards is now a minimum of 3% more expensive than the listed price. Some places up it to 5% to cover their fees to payment processors like Stripe, Square, et al.
Once a month for the water bill, because the city charges extra to pay online with a card. I think there are rules that say they have to?
A year or two ago when we had a tree service come out to trim some things. Before that, when we had a fence redone. Both of those were smaller local companies.
Here's a question, where you are, does "Direct Debit" exist?
In the UK and here in Australia, when I set up a utility account I get a message saying "why not set up a direct debit?", which means that a transfer goes straight from my account to theirs at the alotted time each month, for the amount of the bill.
You get your usual bill usually a week or two before the debit goes out so you can make sure it's OK well before the transfer, and the debit process is guaranteed to return the money to you in case of a dispute. You can go into your online banking app and cancel any/all direct debit authorisations whenever you like.
We have it, but I don’t trust companies not to fuck it up. I don’t want to allow the 5 or 10 companies I pay monthly fees to to each have the keys to withdraw money from my account. I mean we’ve seen what happens with tech companies like PayPal and how they screw you over. I’m not letting the local electric company have that kind of access to my account! One billing error, hack, or hidden surprise fee, and I could be wiped out.
In Sweden we have direct debit (autogiro), but we also have e-invoice (e-faktura), which I prefer and think it's the best of both worlds: the invoice and the charge are sent electronically to your bank (usually ~3 weeks in advance), and you approve with one click -- scheduling a transfer of that amount on the due date. That gives you the chance to verify if everything is correct before you pay, and does not give the company any permission to withdraw funds from your account.
This is what I usually do: (1) check my bank 1 week before the end of each month, (2) eyeball the amounts for all e-invoices, (3) approve everything with a single click.
One billing error, hack or surprise fee and you’re one phone call from having it reversed under the terms of the direct debit guarantee. In the countries I’ve lived in.
I’m in the US for what that’s worth. What you’ve posited assumes you can get someone on the phone which is no small task these days. Also, keep in mind that something like 60% of Americans are a single surprise $500 expense away from going into debt[0]. (Luckily I’m not one of them.) But generally, it takes weeks to months to get your money back if something like this happens, and that assumes everything goes well, which it rarely does.
The UK direct-debit guarantee includes the provision that you must get a full and immediate refund on error, to prevent this sort of thing, and while I'm sure it doesn't always work as smoothly as you'd want, they are very commonly used and not a great source of complaints.
There are only ~350 million in the US. The others are elsewhere and don’t suffer the same weird banking issues we do. That said, I still pay electronically, I just do it manually. I go to my banking site and enter the amount on my bill, which I’ve checked to make sure it’s accurate.
I just paid the US State Department via check for passport renewal. Also, I expect to use my checkbook later this year to buy a car. Overall, I probably average 2 checks per year. (though I do expect that to decrease to 0 in the next 5-10 years)
We pay for stuff by check all the time; as a Canadian business with vendors in the US, it tends to be the most convenient and inexpensive way to make payments of significant size. Our bank in the US has a feature where it will mail a check to anyone in the US from your account, free of charge (aside from the funds being sent, obviously). Certainly seems bizarre that sending a physical piece of paper through the mail is free whereas moving some bits around is expensive, but that's how it is!
Most bank accounts in the U.S. have this feature, it’s called “online bill pay.” They do actually pay larger companies (utilities, mortgage, corporate landlords, etc.) via ACH transfer. But for any biller not so set up, they just mail a paper check.
But looking at the last 2 years - hardly written any cheques (checks).
But I do receive checks. From mortgage refinancing company, from escrow, from FSA/HSA (probably could get it electronic, but I have failed twice to get this set up, and now I do not even bother), and recently some ROTH conversions since the company refused to do bank transfers any more so they make me receive and deposit checks.
Sure. Buying and selling stuff that's "deplatformed" by Paypal / Zelle / Venmo (nothing illegal, their lists of prohibited items are as long as they are silly). Paying roofers and other local contractors who often aren't set up to take credit cards, especially if you venture outside a major metro area. Paying for a car without financing. Refunds from my own bank.
My council tax refund from my previous council when I moved house this year could only be sent as a cheque. I found this so strange I made an FOI request to try and work out how much additional income the council was making from uncashed chequeues.
Cheques are a very useful and quite secure method of transaction
(because all the security work and processing framework to prevent
cheque fraud has been in place since the 1970s).
They are slow. That's the point.
They are essentially a two factor method of instruction to your
bank. Legally (in Britain at least) one can use any reasonable method
to give instructions to ones bank. Banks that want to "phase them out"
because they are "too expensive and slow" are derelict in their
function and should be hauled over the coals by trade and industry
legislators.
Yes, frequently. My rent, water, and electric bills are paid by checks I send through my bank online, and I have hand-written checks to pay various taxes, donations, and the bill for my eye doctor. I receive checks from a tenant to pay rent, from contract work, tax refunds, and reimbursements for stuff I pay for in some of the organisations I belong to.
In fact, counting both my personal accounts and the org account I'm treasurer for, I've probably sent or received two dozen checks just in the last month.
Yes, but even 20 years ago people were incredibly suspicious of checks, and that's only gotten stronger.
I get checks as refunds or payouts from companies a few times a year, and it's weird every time. I gather that they legally have to pay it out and can't just credit your account, but I'd rather they do the credit. It'd be safer for everyone, and if I cancel my account they could just cut a check then.
- The US Treasury sends refund checks and also sent the stimulus checks to me.
- I paid my rent by check when living in Manhattan 9-10 years ago.
When you ain't doing it frequently enough, it's frustrating. (edit: it's more friction given I live outside the states and the bank I have now requires phone-based 2FA to login to the internet bank, but at least it is infrequent enough to not worry too much)
I've never written or deposited a cheque; I don't know that I've even seen one. But checks are alive and well in the US. Contractors like them, I've written them to myself to transfer money between accounts when electronic transfer restrictions are too painful, etc.
You may as well start spelling it the US way, because we'll still be using them ;)
Can cheques in USA be cashed out? I mean, can a contractor take a check to any bank and exchange it for cash or do they have to be paid into an account (and money accessed 3-5 days later)?
I only ask because usually contractors want to avoid cards/back transfer did they don't have to declare the income and can do tax fraud.
Back in the 80s in UK you could "cash a cheque" meaning take it to a bank and get cash. Chequebooks then were printed as "crossed cheques" which couldn't be cashed [easily?]. Then by the 90s one wasn't guaranteed to get the money unless a "guarantee card" had its details copied onto the cheque -- for which an imprinting machine was used (still a valid technique about 10 years ago).
Checks can still be cashed in the U.S. either by going to the bank it was written on, or to a “check cashing” place that tends to operate in the poorer section of towns, near pawn shops and rent to own furniture stores. Those places charge rather outrageous fees, but they’re taking fairly large risks of being scammed relative to a bank.
In the U.S., a lot of places that take payments, including state and county government, only take credit card payments through processors that charge additional fees. I've seen as high as 5% with a $50 minimum. But if you pay with a check, no extra charge.
Not in the U.S. The interchange fee alone is at least 1% for a credit card, typical all-in fee to the merchant is 2-4%. Checks cost almost nothing in comparison.
In the last couple years, I used to use checks pretty frequently to transfer between my personal and business bank accounts with different banks. It was the easiest way to do it without fees and was reasonably quick (used mobile deposit).
I still get cheque payments from various government departments for rebates. My most recent one was a £3 cheque for an overpayment when renewing my driver's license by postal order... That was an arcane transaction.
For example in Spain they are the de facto payment method for real estate purchases, even though most people have not even seen a check in their lives.
Edit in case a simple answer is viewed as stifling discourse: I probably write around 20 checks per year. Mostly to local vendors/laborers or for youth fundraising activities. I receive checks for fundraising activities that I host. Venmo is basically the same, and getting more common.
I think it's quite simple: If you are starting a job, the company pays you. Never ever should you spend a significant amount of money before receiving the first pay check.
Yeah, but on business trips this is usually the reality in big corporations. Quite often even the company credit card is deducted from the employees bank account. And you need to get the money reimbursed with the receipts. If you do it fast enough you may get reimbursed before your credit card invoice is deducted from the account.
One thing what does not help is that legit companies and businesses act as scammers. I receive also a valid calls from companies and email which look 100% as scam.
Just recently I got call from hospital about upcoming my procedure (I did not answer — all unverified calls go to vmail) and when I called back the hospital and they had no clue.
But it was a valid call: they outsourced all these things to company x which outsourced that to company y. All they cared is that company which does this have HIPPA compliance - all other things (unverified phone numbers, central system, etc.) whatever.
Sorry, but Your case with hospital, is very similar to typical corporative chaos, when because of CAP theorem (corporations are distributed systems by definition), information delays unavoidable, and one department already know information, and others have no clue.
Pretty common scam, and one that I've run into multiple times, including at the very start of my freelance IT work right out of high school. In that case, a "business" wanted some computers fixed, but they needed to be released from some courier. The "business" stated they would send a check for me to deposit, and that I would then pay the courier on my end to release the hardware to be delivered for me to repair and send back. I hadn't seen this scam before, but I knew something was fishy; after all, if they're able to write me a check, why wouldn't they be able to pay this courier themselves? I stood my ground, insisting that delivering the hardware for repair was their responsibility, and theirs alone. The "business" sent the check anyway; I shredded it and ghosted them. I only learned later how common such check-bouncing scams indeed are, and how big of a bullet I had dodged.
Oh no! Even after the rude awakening they’re still erring on the side of trusting.
At least put a credit freeze on. It’s easy! What’s done is done so no sense beating oneself over it or worrying, but take precaution!
>”They have my drivers license which contains a lot personal information but eh... proably somewhere based in india or something, I dunno.”
While hopefully not likely the worst case scenario can be a nightmare but doing two new actions now can help. 1. File a police report! 2. Put credit freeze!
And a third action that everyone should do, request the free credit report a couple times a year and inspect. But makes sure it’s the legit site and also free.
The scammer rents an Airbnb (or similar) and makes an excuse why they aren't present for a tour but gives you a pin/code for a key box. Then they tell you that all furniture (it's an Airbnb after all) can be put into storage on the "landlord's" dime and you don't have to pay anything. In the end after you signed they take your deposit and ghost you. This can be done multiple times with the same apartment, even on the same day.
Some Airbnb owners reported that they had multiple families with trucks full of their stuff arrive on the same day to move in.
What would be useful is a clear explanation of the workings of these scams - I mean it took me halfway through this thread to work out he was pressured to repay an uncleared cheque.
And the "sex in your area" scam someone mentioned - I simply assumed that sort of thing is real (some kind of scuzzy meetup thing) as opposed to a scam (not sure how it works - presumably pay up before getting the number of the gorgeous woman who wants sex now! Admittedly cannot see a big difference between that and reputable dating agencies :-)
So yeah a public safety website for scams might be useful.
Two of my friends got the same email upon applying: offer to interview, PDF interview, offered job position, asked to sign offer letter, and offer to send a check.
It easily stood out as a scam, as I have read tons of similar stories on reddit.
What stood out to me is that they had applied on Indeed via LinkedIn, yet gotten into this scam loop. As Indeed a reputable place, curious, I applied to the same position but was rejected in a day, and my rejection letter came from official AutoNation address.
Indeed sell access to candidate information uploaded to their platform (including contacts). Can't remember whether it's clearly communicated to candidates or opted out by default or not, but there's a use case for that service and I've helped make legitimate hires using it before.
But for the scammer it's easy enough to quietly use an Indeed business account completely unrelated to their scam, buy a bunch of resumes from people who have actually applied for jobs in a certain field on Indeed, and contact those candidates, pretending to be a different business that posted real job ad for that job on Indeed.
It also helps that Indeed users tend to one-click apply to large numbers of jobs so might believe they actually applied to that specific job, or otherwise trust some clever job-matching stuff is happening with their resume. Especially since most of the time it'll be their actual resume the "employer" responds with, not just their LinkedIn profile info
I don't see what Indeed and Autonation have to do with you being scammed. Autonation looks like a legit company that the scammers impersonated.
There are numerous giveaways and red flags in the process, the major one is them using a non-corporate e-mail address. I interviewed with dozens of companies, that never happens.
Also there are many spelling and grammatical errors, no serious company will present itself like that.
A basic search reveals that Marc Cannon is EVP Chief CX Officer at Autonation. Do you think he is involved is hiring engineers so early in the process?
One round of interviews to get hirred? Sorry, that never happens either (unless you work in crypto).
Asked to pay for equipement in order to start work? Again, that never happens.
Also, you transfered money to Destin Ellis? Why is that not a company? Where is the invoice? Why does the equipement go to them and not to you?
Also, the offer letter is signed by Manfred Eissner which is a Brand Designer (on a simple search on LinkedIn) and not the CTO of the company. Not to mention that CTO's are not botherer with these offer letters usually, it's the head of HR who deals with these.
Also, an offer letter is much longer and detailed.
Some basic reasearch would have stopped you from getting scammed. I'm sorry that this is not what you want to hear, but scammers usually throw the bait and the most desperate buy it. What you show above is that you are not experienced with the workings of a corporation and were quite desperate to get hired. Try to recover the money by contacting the bank and after that maybe it's a good time to reflect why you fell for this trap and how to improve your reasoning in the future.
I think you're in the U.S., and if so immediately freeze your credit so that they can't take out new credit in your name. They seem pretty motivated and they have a lot of your identity information. You can learn how to freeze and unfreeze your credit for free at https://www.nerdwallet.com/article/finance/how-to-freeze-cre....
Then pull all three of your credit reports to check for anomalies. You can do that for free at https://www.annualcreditreport.com. Right now you can do it for free every week. In non-pandemic times it's once a year. Do NOT agree to any upsells for additional features or protection to get your free report; it's not required to just get your reports.
The bad grammar was a tell for me - did not even come close to being plausibly from a native English speaker. That said, I can understand how someone who very much needs/wants a job could could fall prey. I hope things work out for this guy.
11. I saw a ton of red flags in regards to grammar and spelling but brushed it off, maybe it was just some foreign recruiter, whatever, I make typos all the time
That's part of the scam though, it's made on purpose
I got scammed twice in my life by people from the same country (will let you guess the country). What bugs me the most is the people blaming the victims (oh how can you fall for that..) which gives some sense that scammers are "smart", when they actually exploited/abused the most valuable thing in a
functioning society: Trust, that would drag the society way back because now you can't have nice things, you have to doubt, distrust everything you deal with.
Very revealing how self interest can blind a type of person to an obvious scam. This guy got lucky but they almost had him. I can’t help but think of crypto.
These people are the same ones targeting the elderly. Now they’re targeting people in financial distress who have no real work experience in a corporate environment. These scammers are garbage because they specifically target the weak and vulnerable
I’m glad that OP didn’t fall for it, and I’m impressed that he would publicly post a detailed account despite the embarrassment. It’s a nice public service
Maybe if all company data was in git(hub) it could help check who adds a company, and from which source come the jobs https://github.com/joblisttoday/data
I think recently I dodged a scam too, i had an interview with a guy with camera off, website without tax code and all blanked off whois for the domain website
The twist was the check was to cover his purchase of computer and supplies for his home office and after he deposits it he is told to wire $8,000 to a vendor for the equipment. Implied threat is that he is stealing from them if he doesn't wire the money.
Of course even if he waits for the check to clear, the bank will still come after him for the money in a couple of weeks which is usually how long it takes for these bad checks to come back.
Edit: Check was sent to him by UPS which avoids the use of mail fraud which the USPS Inspection Service can prosecute very aggressively.
Actually I was not threatened that I was stealing if I didn't wire! I wish I was though because that would have definitely given it away. The receipt of my bank deposit they asked me to take a picture of just had more than enough to pay! I remember double checking the receipt in-case it had too much personal information and even was aware that I didn't want to show my balance but something in my brain just didn't combine all the pieces until I heard the words "wire transfer" which triggered memories of crime shows.
Besides all the other red flags, what would have (probably) triggered an alarm would have been the actual list of equipment (and its generic content).
Set of furniture?
Copiers?
Graphics generator and software?
Data storage and Microfiche?
High speed Internet access?
All coming from a same supplier, the same that provides the Mac and the "Dual Monitors", maybe it is "normal" in US, but elsewhere there would be several different suppliers, very detailed confirm orders, a lengthy contract for the Internet access, endless back and forth for fixing delivery and installation dates, etc.
This named cross-selling in scientific marketing, when somebody sell to customer related items, even far related.
Best example, when You will buy auto, good seller will try to sell items for tourists, picnic items, spinning, and even bait (sure, will include regulated items in base, like insurance, fire-extinguisher).
I got you. I said "implied threat" meaning that someone who was having second thoughts before wiring the money is thinking about what could go wrong if they didn't wire the money, and not what could go wrong if they did. As others have mentioned there is also the whole sunk cost fallacy. This whole story is a great example of social engineering and it's the first time I've heard of it. Good for you to take the effort to post it. It's just long and could use a quick summary of the actual scam upfront for people with short attention spans.
Absent all the red flags, the basic form of the scam is pretty sophisticated. Here's a check to get yourself setup from our preferred supplier and expense it when you start probably should set off alarms to the degree that other things seemed off. But it's not by itself something a legit company would likely never do.
IANAL, but the mail fraud laws in the US includes interstate delivery via private carriers, so if they catch the scammers it's still a felony. It seems likely that USPIS wouldn't be involved though.
When you receive the check, shouldn't you go to the bank and withdraw the cash with that? And bank lets you know that it is a fake check, thus denying the withdrawal. At what stage and why are you required to send your cash to someone else?
No, the bank doesn't know if it's a fake check straight away. They find out weeks later during a reconciliation process with the bank that printed the check.
To add more context: the check is usually not completely fake. It has a legit bank routing and account number on it, typically a business that is also being scammed. So the money will likely actually get withdrawn from some random business’s account and only discovered weeks or even months later.
Guy gets a "job" as a software engineer with a WHOLE lot of work, onboarding, paperwork, etc. Then the first thing they ask him to do is deposit a check into his account and send them the Cash immediately, before the check clears. They had the check UPS'd to his house, too.
Yep, he gets the job and then they suddenly run into a lot of errors and whatnot and he has to pay their check. When he tells them its a scam, they start questioning him lmao.
Look at their bad grammar in the full conversation though, this was the last dead giveaway.
tbf bad grammar is not unusual when dealing with remote teams. The gmail is a bigger giveaway (but again, I've done business with big corporations via gmail addresses where it's just easier to use a personal address than get IT to sort remote access or a mailbox big enough to handle attachments...)
"We're mailing you a check, now please send the money to someone else" is always a red flag. In the rare cases someone doing this isn't scamming you, they're probably using you to avoid taxes or breach spending guidelines or something else unfavourable to you instead...
"Do you track the check"
"I will send you later"
"A IT director Lead from the company..."
"...by purchasing the home office equipments..."
"Immediately the funds are available, you will be directed..."
That's not even mentioning the smorgasbord of run-on sentences, weird capitalizations, etc. Yes, there's a lot of non American English. But it's presented as coming from an American given that the job listing is all US and that name is an American (or at least Anglo) name.
Pidgin dialects of English are no less correct than more wildly use dialects of English (grammar rules are shaped by the speaker of a dialect or language, as they use it, they are only set from on high when some people like to declare others as "unwanted" users of that language. But I digress)
Slightly different grammatical rules. For example, some dialects of Indian English use the present participle for future tense (similar to some Caribbean dialects)
"Ok Bob, you're hired. Normally we'd send you a computer and all the other equipment you need, but our vendor communications are all fucked up. So we're going to send you the check we would have sent them, you deposit it, then you order the equipment from them. Plus that way your name is officially on the purchase and you own the equipment after 15 weeks! Why don't we just send the check to the vendor? What, are you calling me a scammer? How dare you!"
The scam is that they are secretly the vendor and they never send you the computer equipment that you buy with your own money. The money from the check they sent gets taken back by the bank because it's fake.
The original post here is just a long string of original documents and background information, leaving the reader to read the entire thing to piece together what happened. Providing a summary in the introduction is a key part of effective communication.
Scam or no scam, you shouldn't be telling them your desired rate/salary; you should be asking them what the range is for the position they're hiring for.
It's like a cop asking you "do you know why I pulled you over?" Don't volunteer information, just ask "Why did you pull me over?"
The information on rates for many people is freely available. I'm more than happy to share my expected salary in the first interview, as the worst case scenario for both of us is if it comes out after an onsite that there's a disparity.
Levels.fyi, salary ranges on a large number of employer websites, even glassdoor, will give you a reasonable indication of rates.
Looking to make use of her degree, she was excited to get a job offer doing remote work as an office coordinator. She has a dog so working from home was a plus, and $25/hr instead of $16/hr doing retail was a big raise.
She not only lost $3000 from the scam check, she also lost her old job, having given two weeks notice and didn't realize it was a scam until she was gone. The thing that pained her the most was the shame of having been scammed.
Although some red flags were there, her main blind spot was the disbelief that scammers would go to so much effort to (a) set up an entire website for the fake company, (b) were willing to spend hours in the fake interview, and (c) having her do two weeks of "training" courses while they waited for the laptop and other things she bought made it it cross country into their hands.