“If I protected at least one person with my story, it was worth going public, even if my EGO suffered.”

“I was cheated. I lost relatively little, but the online scammers swindled me out of €184”, businesswoman Asta from Lithuania begins her story. She admits that she hesitated for a long time before making her story public because people have different reactions – some praise people for having the courage to share their experiences, and others say that learning about the methods and techniques used by scammers will help others to avoid being scammed in the same way. But there are also those who laugh and think: “Well, how can you be so stupid, I would never have fallen for that…”.

Lately, we often see articles on various Internet portals with big headlines such as “Internet scams are rampant! Be careful”, “Person who lost thousands of euros warns: it can happen to any of us”, etc. We read the headlines and maybe flip the publication to look at the details if there is a good hook in the headline or if we want to know more juicy details or how much money the victim lost. Most of us know the tactics used by scammers, we know not to click on links from unknown senders, to ignore suspicious SMS messages, and to be wary of phone scams, but the number of victims of online scams is not only not decreasing, but there is an upward trend in the number of such scams.

Education and awareness-raising are said to be of the ways to combat scams. However, we need to be aware that scammers have also access to the same information and coming up with newer and newer ways to lure and entice the victim in order to get money, personal information, credit card details, infect the victim’s device, etc., as quickly as possible. No scammer says it outright – give me the money! They do it subtly, using psychological pressure, usually by telling you to do certain things as quickly as possible and offering you various discounts or other benefits.

Asta decided to sell her second-hand items on a well-known website

Asta says that she decided to sell some of her more expensive second-hand items on a well-known online platform. She shares her experience that the website where she registered was not very intuitive and the system was a bit slow. A few days after posting the advert, a potential buyer showed interest in the items she was selling and offered to communicate further via Viber. Asta did not find this suspicious as it was much quicker and easier to communicate.

The buyer indicated on Viber that she wanted to buy Asta’s goods and sent her an order link. Asta logged on to the online platform to check whether the transfer had already been made, but as there was no information about the transfer, she decided to wait for a little.

A few days later, the buyer was “worried” and asked if Asta had received the money, and started pushing for things to move faster. Asta had doubts about the transfer, but she had heard that such platforms do not immediately transfer the money to the seller, so she went back to the link the buyer had sent.

 The process of authorising the seller to make sure the seller is not a “scammer”

The link sent by the buyer led to a website whose address did not look suspicious at all and whose environment looked original. In order to find out the details of the transfer, the website asked the customer to fill in a special form and confirm her identity. The form required the details of a bank card, as the transfer would be made to that card. Asta was also not suspicious of the fact that, in order to authenticate the seller and to make sure that the seller was not a ‘scammer’, the form required the balance on the card.

As the card balance was less than €100, Asta received a message when filling in the form that the card had to contain at least €150, which would be read by the system and refunded immediately. The system reiterates that this is done in order to identify the merchant and “due to the recent increase in fraud cases”. In order to complete the registration as quickly as possible, Asta immediately transferred another €100 to her bank account. After completing all the requested registration steps, she received a message that the transfer had been ‘cancelled’ and the buyer kept asking if Asta had received the money for the goods.

The next day, Asta checked her account and saw a balance of EUR 0,00 – the account had been emptied. It then became clear that Asta had fallen into a scam and she immediately took action: she contacted her bank, blocked her bank card, and informed the police.

Stories about scams must be shared

It was only when Asta had recovered from the situation that she noticed that she had not filled in the form on the original second-hand goods website and that the address of the website was different from that of the original website, with the addition of the letters “-lt.lt”, which did not arouse suspicion. Asta also wondered about the constant pressure of “did you get the money” and “where are my goods”, and finally the inclusion of personal and financial data on the website form should have raised suspicion.

She shared her experience on social media and warned her friends to be careful not to get into similar situations. After the story was made public, Asta received many stories from friends and acquaintances, including thousands of euros lost.

Asta finally acknowledges that her story has generated a lot of discussions  and that it contributes to educating people about online scams. She says “if I have protected even one person from online scams with my story, it was worth making public, even if my EGO suffered”.

How can I protect myself from scammers and avoid falling for their hook?

In order to avoid falling into similar situations, we need to share our stories, learn how to recognise scams, and know what to do to avoid unpleasant situations, as scams can happen not only when selling goods online, but also through emails, SMS, phone calls and web browsing. We also need to know what action to take if a scammer has reached its      target.

As a result of the increase in online scams, several organisations from Lithuania, Latvia, Estonia, Malta, and Cyprus have decided to develop training material on phishing.

By accessing the online learning environment (www.cyberphish.eu/learn), you can not only learn about phishing, but also test your knowledge and solve phishing resistance scenarios. A certificate will be issued to those who complete the online course.

Dr. Renata Danieliene, Information Technologies Institute.