E-commerce Scams: How to Avoid Being a Victim

E-commerce scams are those scams perpetrated on online marketplaces or online buying and selling platforms. The essence of these scams is to lure the unsuspecting to part with their money either through theft of card information or the purchase of substandard/non-existent goods and services. E-commerce scammers have numerous methods to achieve their goals, below are the most common.

The use of fake websites. The rise of various e-commerce website builders such as Shopify, woo-commerce, Wix, and Magento has made this option more appealing for scammers as they can easily set up e-commerce stores with little or no technical knowledge. Once the website has been set up, the scammer will either put up pictures of non-existent goods or goods with a reduced market price. With regards to the former, the aim of the scammer is to get people to make purchases for goods they will never receive. With regards to the latter, putting up goods with a reduced marker price will drive traffic to the site as would-be buyers search for a bargain. Then their card details will be harvested at the point of purchase.

The use of hacked websites. In this scenario, scammers seek out an e-commerce store and compromise it. This can be done through social engineering an admin to get their login credentials or implanting malware on the admin’s device to harvest such credentials. Once they have access to the website they implant a code on the checkout pages that would harvest card credentials as they are entered. Neither the website admins nor the customers know what had happened.

Account takeover. This occurs on e-commerce websites that have poor security. In this scenario, a scammer takes over a user’s account on an e-commerce store. Since there is poor security, the scammer can use the user’s accounts to order goods after they have changed the delivery address. Once the scammers received the goods, they sell them and obtain the monetary value.

Steps for Protection

  • Shop From Only Reputable Marketplaces and Retailers. If you see a deal or offer and the online store is unknown, it might be best to avoid such because cybercriminals have been known to set up fake online stores to hoodwink unsuspecting people. Naturally, any online store in which you want to make a purchase should have a good reputation and should be well known. Always do some research on the store and item and if you want to make a purchase.
  • Do not store store your card details on any website. If you are not buying anything, don’t submit your card details.
  • Check that the site you are buying from is secured, that is, check for a locked keypad icon on your browser or that the URL begins with https://
  • When buying from an e-commerce platform, if possible, opt for cash payment upon delivery.
  • Practice Good Cyber Hygiene. Use strong and unique passwords for all your accounts, this can be easily done if you’re using a password manager. You should also consider using a virtual card in which you can fund with only the amount needed for the items you wish to buy. Finally, make sure multi-factor authentication is enabled across all your online accounts.
  • Monitor Your Bank Accounts. Make sure alerts are enabled and functional on all your accounts. Also, make sure you have the contact numbers or email of your bank’s customer support in case you need to reach them.

In conclusion, E-commerce frauds are pervasive because of the popularity of E-commerce. As the technology to edge out Cyber fraud develops, so does the technology to create new scams. Therefore, to protect yourself from Cyber fraud, one must remain vigilant and do everything possible to prevent it from happening or minimize its effect if it does happen.

Contributors:

  • Oluwaseun Adio
  • Akim Emmanuel
  • Blessing Oyekan Mariam

EazyMobile (eazymobile.ng): An Appraisal

eazymobile.ng is an online platform that claims to “offers economical payment of Utility Bills, Airtime To Cash, Data Purchase, Money Transfer, Airtime Top-up, Buying And Selling Of Bitcoin, Investment Plan, and all Telecom needs, either on a recurring or one-time basis.” Of all the previous services listed, the “Investment plan was what caught our attention. A section on their homepage showcasing their services also has a blurb about their investment service.

Information concerning their investment plan was not readily available on their website, so we decided to check out their social media handle to see if anything of interest could be found there. Out of the four social media links listed on their website, non was functional except the link to their Twitter handle. A perusal of their Twitter account shows it was a personal account before being converted to several business accounts. A Tweet from 2018 shows it was called Ogojesu Modest Data with the numbers 08110391505 and 08166327382 listed.

Later on, in 2019 we find flies of EazyMoble and in 2020 a Tweet about “Eazy Global Solution.”

A search of Eazy Global Solutions on Facebook led to their Facebook page where we found a flier of their investment proposition.

They were offering a 10% return on investment for every 25 days which translates to 146% per annum. This is an outrageous figure, especially when compared to prevailing market rates and the CBN monetary rate which is 11.5% per annum. Looking at the flier, we see the company registration number listed as RC 3062123. A search for the company name on the Corporate Affairs Commission’s website shows that the Number 3062123 is a registered business name and not an incorporated company.

The search also revealed that the company upgraded its status to an incorporated entity on the 18th of August 2021.

So from April 2, 2020, when the flier was posted till August 18, 2020, Eazy Global Solutions has been running an investment scheme with just a Business Name. This means they carried on without any form of regulatory compliance or oversight. Also, on the flier, we again see the number 08166327382, first seen on the flier from their Twitter post. A google search shows this number on a pdf document on another website ogdams.com

Perusing ogdams.com we see that it is a replica of eazymobile.ng and both are offering the same services.

From the foregoing, it is safe to say that both websites are being run by the same entity or the owners of both websites know each other and have some sort of relationship.

Putting it all together, given that Eazy Global Solutions just recently got incorporated and shows no evidence of regulatory approval from the Securities and Exchange Commission, and ran their investment scheme for more than a year with just a business name, we warn all to stay clear of their investment package. Another thing worthy of note is to be wary of businesses that offer investment schemes as one of their service packages. They might be using their other authentic businesses to confer legitimacy on an otherwise fraudulent investment scheme. Do not be swayed by huge returns on investments and always do your due diligence.

Avoiding Charity Scams: A Brief Guide

Most humans want to do good for a plethora of reasons. Some are for altruistic reasons while some are for more cynical reasons. But whatever their reasons may be, this automatically makes them potential victims of ‘Charity scams’.

Charity scams are schemes devised to deprive unsuspecting people of their funds by preying on their benevolence. This can take many forms but mostly through scammers pretending to be legitimate charities. In such instances, they pretend to solicit funds for victims of a recent disaster, veterans from the military, orphanages, or people with serious medical conditions.

Charity scammers use every available means to approach their victims, they can approach in person, via e-mail, telephone, SMS, and social messaging applications. They use logos and images of real charities and victims or create fakes using image editing applications like Photoshop. Unfortunately, most charity scams go unreported because the victims committed sums they consider expendable. This sustained precedence seems to encourage its occurrence.

How to Recognize a Charity Scam

Here are some ways to determine if that call, e-mail, SMS, social media post/message or pitch is legit.

  • Fake Charities are not registered: A reputable charity organization should be registered with the government. To know if a charity is registered, you can look them up from the CAC name search portalthe portal gives details about an organization’s registration date, branch address, and contact information.
  • They use pressure and urgency: Reputable and legitimate Charities do not pressure people into donating no matter how urgent a situation may be. In contrast, scammers treat ‘donations’ as a matter of urgency, pressuring you into making donations. They employ emotional blackmail, aggressively pushing victims’ stories with the aim of manipulating the donors.
  • They accept donations through channels that aid anonymity: Given the unprecedented proliferation of payment technologies, scammers now employ alternative channels of payment, especially those that protect the identity of the receivers. These may include Cryptocurrencies, Gift Cards, and Wire Transfers that are untraceable, so you should watch out for this. Legitimate charity organizations will always accept a variety of payments method including traditional methods that provide an audit trail.
  • They spam you with messages: Fake charities spam people with messages or links for donation. Legitimate charities do not do this, instead they usually have a webpage with clear information on how to donate and where.

Steps for protection

  • Verify their “good works”: Don’t be swayed by responses such as “we take care of the needy” or “we support widows and orphans,” without actions these are empty words. Seek out concrete proof that the are actually involved in the work they claim with verifiable results. For instance, If they claim to take care of orphans, find out where their orphanage is, how long they’ve been involved in the work and the difference it has made in the lives of the children.
  • Do some checks on their website: Scammers can clone a charity organization’s website and content. They then slightly alter the domain name (For example, www.nogofallmaga.org can be misspelled as www.nogofalmaga.org). How can you be vigilant and not fall for this? You can do so by using these online tools to check if a website is a clone and if the content of the website is used elsewhere; CopyScapeSiteLinerPlagSpotter. You can also make use of reverse image search to check if images on the website are being used on other sites.
  • Verify Crowdsourced or social media appeals: Before you give out money for a gofundme or social media appeal for assistance, make sure you can verify the situation is true or that you personally know the person soliciting for funds. If you can’t then you should consider not giving no matter how tragic the situation may be.
  • Approach the charity yourself: Always approach the charity organizations you are willing to make a donation or offer support. Do not rely only on a phone number, contact or website address given by the person who first called, visited or emailed you because they could be impersonating a legitimate charity.  

In conclusion, always do your due diligence, and do not let the antics of charity scammers dampen your drive for giving, for there is great value in helping others.

Contributors:

  • Chibuike Gabriel Offor
  • Awoyomi Muyiwa Anthony
  • Emmanuel Beyoma