How Does This Scam Work?

[George7941]

I just placed an ad
https://www.kijiji.ca/v-art-collectibles/city-of-toronto/omnibot-robot/1734961771

Not soon after, I get this text

I missed the fact that it was a 825 number, so I was less on my guard. Also there was no urgency, he was going to swing by in about five days. Urgency is one of the hallmarks of scammers. That was why I did not suspect a scam at first.

I am guessing that clicking on the link sent will take me to a fake page that will convince me to type in my banking info.

Is just clicking on a provided link harmful as long as you don't provide further info? I have not yet clicked on either of the two links.

 

[jadmt]

correct.. don't do it report it as spam/scam. tell them to venmo you the money to hold it and see them disappear.

 

[ClutchDisc]

I wouldn’t click that link at all. To me, that screams scam from the first text. And if not the first, definitely the second text.

 

[goblin]

interac-ca dot th.

Unless your Canadian bank is in Thailand - it's a scam
If it does have dots after it - it's not the final domain.

 

[dubber09]

Why is it -$30? I'd it actually a payment request as opposed to deposit? You know how with EMTs one can actually request a withdrawal from other party rather than sending them money. Also, how (and why) did they know your phone number to text you?

 

[rstsco]

Is just clicking on a provided link harmful as long as you don't provide further info? I have not yet clicked on either of the two links.

Once you've clicked on a link, this gives a bad actor the ability to install any kind of virus, keylogging, or anything else on your computer. Never click on a link in a text or email you weren't expecting. My kids and grandkids know I will not open a link sent from their numbers without our first talking about my to be expecting it. Phone numbers are easily spoofed.

From a browser, you can usually mouse-over a link and see the URL.You can also right-click, copy the URL, then paste it into Notepad or somewhere allowing you to inspect it. If I don't feel it's safe, I won't click on it... even on BITOG (sorry @wwillson ). If in a text or email, those almost always get deleted immediately.

In the past, I've received text messages from my credit union's "fraud department" where their number had been spoofed. When I get one of these, I'll call the CU directly. A few weeks ago I missed a legitimate fraud alert and hadn't returned their call, so they canceled the card. When I found the card not working and called the CU, they sent me a new card. I appreciate their being so proactive and feel waiting a week or so for a new card is better than either the CU or me being out money due to fraud. Yes, I'm retentive when it comes to things like this.

 

[alarmguy]

Never click a link. NEVER
Correct reply is “you can pick it up Sunday or Monday if it’s still available”
Cash and carry

 

[Pablo]

Checking is misspelled.

 

[rstsco]

Never click a link. NEVER
Correct reply is “you can pick it up Sunday or Monday if it’s still available”
Cash and carry

Often the best response is no response.

Any time I've listed an item on Craigslist, I specify exactly what the subject line needs to be, and if it's not, the reply will be ignored. This weeds out the vast majority of spam replies and are deleted immediately. Even if a legitimate potential buyer is responding, if they haven't followed the instructions correctly, they get deleted.

 

[mk378]

"Is this still available" means it's a bot for sure. An actual potential buyer would at least describe the item.

 

[alarmguy]

"Is this still available" means it's a bot for sure. An actual potential buyer would at least describe the item.

Good point.
I’ve seen Facebook marketplace ads for everything including cars and boats where the person posting says “I will not respond to questions asking if it is available. If the ad is still posted it’s available.”

 

[Vil_Riker]

A scam center operated by the Chinese mafia in the lawless areas of northern Thailand.

 

[alarmguy]

Checking is misspelled.

Good catch and should be a red flag, but there is a use of the word in the way it is spelled. It is a old British way of spelling checking I think also sometimes used in Canada

Still a red flag, but there is that outside chance, then again we already know the OP has a scam text
https://acemoneytransfer.com/blog/cheque-or-check-which-is-correct

 

[Pablo]

Good catch and should be a red flag, but there is a use of the word in the way it is spelled. It is a old British way of spelling checking I think also sometimes used in Canada

Still a red flag, but there is that outside chance, then again we already know the OP has a scam text
https://acemoneytransfer.com/blog/cheque-or-check-which-is-correct

I was kidding. Sorry for no smiley face, although I think our Canadian friends got it.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I don't list much stuff at all anymore. Just not worth the secret handshake and all.

 

[alarmguy]

I was kidding. Sorry for no smiley face, although I think our Canadian friends got it.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I don't list much stuff at all anymore. Just not worth the secret handshake and all.

I should have known! East Coast reader of a West Coast poster!

 

[ecotourist]

Good catch and should be a red flag, but there is a use of the word in the way it is spelled. It is a old British way of spelling checking I think also sometimes used in Canada

That's the usual spelling in Canada.

 

[George7941]

Why is it -$30? I'd it actually a payment request as opposed to deposit? You know how with EMTs one can actually request a withdrawal from other party rather than sending them money. Also, how (and why) did they know your phone number to text you?

My phone number is in the ad

 

[George7941]

Once you've clicked on a link, this gives a bad actor the ability to install any kind of virus, keylogging, or anything else on your computer.

That is scary. I thought that I would have to give permission before anything could be installed on my device.

NEVER CLICK ON AN UNKNOWN LINK - I have come across this often enough that it has been burned into my brain and stopped me from clicking on the links that were sent.

 

[alarmguy]

That is scary. I thought that I would have to give permission before anything could be installed on my device.

NEVER CLICK ON AN UNKNOWN LINK - I have come across this often enough that it has been burned into my brain and stopped me from clicking on the links that were sent.

Actually even opening an email can be dangerous, many companies test their employees, by sending emails from unknown sources and see if the employee opens it. If they do, the go "back to class" (online training)

 

[rstsco]

Actually even opening an email can be dangerous, many companies test their employees, by sending emails from unknown sources and see if the employee opens it. If they do, the go "back to class" (online training)

Yep. Any text or email that could possibly be questionable are deleted without opening their content. Do not pass GO. Do not collect $200.