Story image

Escrow scams set to rise

09 May 2013

The number and scale of escrow scams are expected to grow during the month of June, with cars, motorbikes and electronics shoppers at most risk.

That is according to Bitdefender, who says over the last ten months fraudsters put more energy into creating fake escrow websites at the beginning of winter, with over 16.8% of the escrow scams registered in almost one year were created in June.

A similar spike was registered in February this year, with over 17% of the total number of analysed escrow scams but after a steady decrease from July to October, the number of fake escrow companies starts to grow before the holidays, especially in December.

Cars, motorbikes and electronics top the list of items that scammers use most to swindle online shoppers in the growing underworld of escrow fraud, a Bitdefender study on over 2,000 fake escrow websites shows.

Scammers generally pose as sellers on authentic auction websites, then direct buyers to the fake escrow service they control, the scammer then takes the money and never delivers the goods.

“The scammers can be quite convincing – that’s precisely how they can make money,” says Catalin Cosoi, chief security strategist, Bitdefender.

“They put a great deal of effort into coming across as legitimate, even to the point of warning their targets to protect themselves from credit card and payment fraud.

"A typical statement seeking to reassure their victims is that they never request banking details – it actually makes no difference with escrow fraud.”

Here are the Top 5 items scammers ‘ship’ to Neverland:

CarsMotorcyclesElectronicsItems of special valueBikes

Other items ‘transported’ by escrow scammers include bank deposits, medical records and tissue samples.

Before making any payment online and using an escrow service to ‘secure’ the transaction, Cosoi recommends users check WHOIS information for clues about the domain registration, hosting and online activity.

Unlike real sites, more than 90% of the fake escrow websites are registered for just a year, and use e-mail addresses such as contact@privacyprotect.org to remain anonymous.

Another sign is that real escrow websites use secure server connections (SSLs) to protect customers, so “https://” should appear in the address browser.

Fraudulent websites may even ‘borrow’ the logo of SSL verification services such as Verisign, so users should check if the site is listed by the authentication company.

Have you fallen victim to an escrow attack before? Tell us your experiences below

Orange Belgium opens 1,000 sqm Antwerp data centre
It consists of more than 500 high-density 52 unit racks, installed on the equivalent of 12 tennis courts.
Time to build tech on the automobile, not the horse and cart
Nutanix’s Jeff Smith believes one of the core problems of businesses struggling to digitally ‘transform’ lies in the infrastructure they use, the data centre.
Cloud providers increasingly jumping into gaming market
Aa number of major cloud service providers are uniquely placed to capitalise on the lucrative cloud gaming market.
Intel building US’s first exascale supercomputer
Intel and the Department of Energy are building potentially the world’s first exascale supercomputer, capable of a quintillion calculations per second.
NVIDIA announces enterprise servers optimised for data science
“The rapid adoption of T4 on the world’s most popular business servers signals the start of a new era in enterprise computing."
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Storage is all the rage, and SmartNICs are the key
Mellanox’s Kevin Deierling shares the results from a new survey that identifies the key role of the network in boosting data centre performance.
Opinion: Moving applications between cloud and data centre
OpsRamp's Bhanu Singh discusses the process of moving legacy systems and applications to the cloud, as well as pitfalls to avoid.