Craigslist PayPal prepayment scam… how does it work?

One thing that is great about the Internet is that it makes it possible to connect simultaneously with all of the world’s criminals. I am trying to get rid of a batch of kitchen appliances and posted a Craigslist ad. “Kathy White” responded with the following:

Hi,
Thanks for the mail.. i will be paying you via  PayPal, don’t worry
about the pick up, the pick up agent will be coming to pick it up
immediately your account is credited…..send me your PayPal invoice
to cgredstores@gmail.com so that i can pay in.

Thanks

Plainly this is not someone who learned English in the U.S. And plainly a non-criminal would not want offer to pay $1000 into a PayPal account based on viewing an anonymous Craigslist ad. How would the payer even know that these appliances exist?

So let’s assume that this email is from Nigeria and that “Kathy White” is not going to be coming to pick up my stylish-but-hated Bosch dishwasher and its GE brethren. How then can she possibly profit from putting $1000 into my PayPal account? She won’t get the appliances. If she arranges a refund from PayPal it will be for the $1000 that she sent me.

18 Comments

  1. James Grenier

    April 29, 2013 @ 11:14 am

    1

    One scam is to spoof a PayPal confirmation email of receipt of funds into your account. Not sure if there’s anything more sophisticated than that.

  2. Mark Lutton

    April 29, 2013 @ 11:18 am

    2

    I don’t see why you think this person didn’t learn English in the U.S. It’s typical of many who attended U.S. high schools.

    The scam is that someone DOES come to pick up the appliances (a U.S.-based accomplice, obviously, if “Kathy White” lives in another country). Or perhaps visits you when you’re not home and takes away your TV as well.

    There are several ways the scam can work. Kathy can send you a fake PayPal email with a link that takes you to a phony PayPal page. Or she can use a hacked PayPal account and transfer the money from the hacked account to yours. Or she can really put the money in your account, then complain to PayPal that the appliances aren’t as advertised and have PayPal automatically debit your account. PayPal is rather notorious for responding to buyers’ bogus complaints and giving sellers no recourse.

    In addition she can use the information on your PayPal invoice in many ways. Just having the account number or the associated email address can be useful for running other scams.

    And of course there’s the classic “here’s more money than you asked for; please send me a cashier’s check for the extra.”

  3. Anthony

    April 29, 2013 @ 11:33 am

    3

    Not sure, but I doubt it involves anything fancy. They just need the slightest bit of legitmacy to convince you to click on some link in a dispute email that captures your paypal password(they already have your login once you send them an invoice.)

  4. patrick

    April 29, 2013 @ 11:34 am

    4

    It seems like she thinks she can pick up the appliances, then file a report with Paypal saying she never got them. Or, she knows a way to fake a payment that will get revoked — sort of like writing a bad check.

    “Coming to pick it up immediately” seems suspicious. Why the rush? Well, because she’s not really paying you.

  5. Nat Friedman

    April 29, 2013 @ 11:37 am

    5

    I’ve seen this one before when my dad tried to sell his motorcycle on craigslist. She’ll send you a phishing link to setup a paypal account, but it won’t go to paypal. You’ll enter your credit card and bank details into a website that looks like paypal, but is owned by scammers.

  6. Chaminda

    April 29, 2013 @ 11:42 am

    6

    Check this, apparently Kathy White is quite popular and making deails:

    http://800notes.com/Phone.aspx/1-409-909-1000

  7. Isaac D.

    April 29, 2013 @ 11:45 am

    7

    My guess is she’ll “accidentally” pay you $1800, and then ask for you to immediately send her the overpaid 800 to her via Western Union. Then the PayPal refund happens.

  8. D

    April 29, 2013 @ 11:54 am

    8

    GOOGLE KNOWS ALL.

    It’s certainly a formula communication. Googling “cgredstores” brought up this:
    http://800notes.com/Phone.aspx/1-409-909-1000

    An excerpt:
    “Had my car up for sale on a classified ads website. Got an email from ‘Kathy White’ saying she wanted to buy the car for her cousin as a surprise. She was conveniently away on business therefore could not come to view the car, but was happy to pay the full amount that was advertised and she would send a shipping agent to pick the car up. ‘She’ only wanted to deal through PayPal, and became quite pushy in trying to get my account details. I told her cash only and I’ve never heard back.”

    I am thoroughly disappointed about the quality of today’s criminals. Why are they recycling identities like this when any will do?

  9. Jan

    April 29, 2013 @ 2:06 pm

    9

    Interesting find, perhaps a more revealing excerpt from that same thread, also from Kathy White:
    “I was about to made the payment when i had a little problem with the
    pick up they said they can only schedule the pick up date and time
    when they receive their money for the pick up via Western Union Money
    transfer in there head office in Tx, So i included 700 for their pick
    up fee and 100 for the Western Union charges to the payment i sent to
    your paypal account and PayPal will instruct you on how to get the
    money sent to my pick up agent. The payment has been made and the
    money has been deducted from my account”

    So it seems you are not the one being scammed: it’s a money laundering operation for hacked PayPal accounts and you’re supposed to be the stooge that does the PayPal to Western Union transfer (although you may be left holding the bag if a chargeback occurs before you get the funds out of PayPal)

  10. philg

    April 29, 2013 @ 2:14 pm

    10

    D: Thanks for that reference. Kathy was “away on business” before. Today she is “present out of town for my new project”. Here’s her follow-up email:

    Im just asking about it to make sure its in good condition as im
    buying it for my cousin as a surprise and she doesn’t know about it, so
    can you assure me i will not be disappointed? also no shipment
    involved as i have a pick up agent that will come for it.I’m satisfied with
    your firm/advert price, As im requesting this transaction should be
    done via PayPal so the PayPal charges is on me.Payment will be made
    via PayPal only if you don’t have an account, its very easy, safe and
    secured log on to  www.paypal.com) i’m present out of town for my new
    project, so im sorry i will not be able to come look at it in person.

  11. D

    April 29, 2013 @ 3:30 pm

    11

    “Assure me I won’t be disappointed” – she’s claiming to buy something sight unseen, and so she’s giving you this opening to make you think she trusts you, and make the whole thing more intimate. She’s also setting herself up as the mark in *your* eyes. I’ll bet you could talk her up in price, as long as you go along with the next steps of the scam. I mean, really why not $1,500 instead of $1,000 when you don’t intend to pay?

    As social engineering goes, I’d give it a B. Clearly it’s effective enough, since “Kathy” has been at it for a while.

  12. philg

    April 29, 2013 @ 3:34 pm

    12

    D: It is hard to believe that this is in fact effective. It doesn’t make a lot of sense to “surprise” a cousin with a gift of 1000 lbs. of used home appliances. Maybe I will try it out on my cousin Lynn. I don’t doubt that she will be surprised when a massive appliance truck shows up in her driveway!

  13. Dan Weber

    April 29, 2013 @ 4:23 pm

    13

    The biggest problem in stealing consumers’ (as opposed to businesses’) bank information is that so much of the banking system is reversible in case of fraud.

    So they look for stool pigeons who who will accept a reversible transaction (PayPal, ACH transfer, credit card payment, check payment) and do a non-reversible transaction (wire transfer, cash, Western Union, Bitcoin) on their behalf. Then they get out of town, and eventually the legit owner finds out what happened and reverse everything, leaving you, the stool pigeon, holding the bag.

    There is good evidence that finding these cash mules is the limiting factor in stealing money online, so anything that slows down Kathy at this stage is probably a social good.

  14. Joshua Levinson

    April 29, 2013 @ 5:39 pm

    14

    What they’ll often do, once you agree to the deal, is ask if they can pay you extra, and have you send a money order for the excess along to someone else. So, if you’re asking $1000, they’ll PayPal you $2000, and ask you to send a money order for the extra $1000 on to someone on their behalf.

    Then, after you send it along, they suddenly reverse the transaction (it used to be they’d just send a personal check that would initially clear, but would actually bounce several weeks later).

  15. Nickg

    May 1, 2013 @ 8:38 pm

    15

    I have a lot of experience with these emails, as I like to mess with the Nigerian scammers. I like to make them think I have shipped something to them, which reveals the next steps of the scam.

    First, they mass email those generic emails to Craigslist ads, such as, “is the posted item still available?”. The higher priced your item is, the more likely you will get one. They always offer to pay more than the asking price. And it will never have a reference to the actual item in the ad, such as, “Is your iPhone still available?”.

    Once they get a response, they come back with the whole “I’m out of town, it’s a gift for someone, I need to use Paypal, etc.” If you agree to ship something (or pick something up), they will send a few emails claiming to be from Paypal, which they clearly aren’t. These fake Paypal emails are very pushy urging you to ship the item ASAP and give them the shipping confirmation number. The fake Paypal emails also claim that the payment was successful, even though there will be no payment showing in your PP account.

    They say that once there is a valid tracking number and the item has been shipped, then Paypal will release the funds into your account. I have convinced them a couple of times that I have shipped the item to their Nigerian address. Which then, of course when they think they will be receiving the item, there is a problem with the Paypal transaction and you won’t be getting the fake promised payment into your account.

    So, for example, lets say you list a Rolex for $5,000. The scammer offers to pay $6,000 via Paypal. You cover the excess $1,000 mistake out of your bank account (real money) and send it to them via Western Union. You ship the Rolex expecting the payment to clear into your PP account after you give tracking details.

    Then bam, there is a “problem” with the Paypal payment. So now, you have shipped the Rolex to them, so you lose that. And you lose $1,000 out of your bank account to them.

    Sorry for the length of my comment, but it is a scam every time you get those types of emails. And that is the most common one. I really hope people don’t actually fall for it. But if it didn’t work, they probably wouldn’t bother to keep trying.

  16. WilliamT

    May 2, 2013 @ 2:49 am

    16

    I had one of these once. Their “trick” was to send a fake paypal confirmation email that the money had been transferred (including an additional $1000 for the transportation cost), and then try to trick me into paying (via Western Union) the “transport firm” who was going to pick up the goods. I strung them along for a while but eventually they must have realised it wasn’t going anywhere. There was also some excuse about why paypal hadn’t yet “released” the funds into my account.

  17. Mark Lutton

    May 2, 2013 @ 11:54 pm

    17

    “I am thoroughly disappointed about the quality of today’s criminals. Why are they recycling identities like this when any will do?”

    Nothing new about that. Women in 18th- and 19th-century London who abducted young girls commonly identified themselves as “Good Mrs. Brown”. Readers of Cleland’s “Fanny Hill” and Dickens’ “Dombey and Son” will recognize the name.

  18. chris

    May 3, 2013 @ 10:29 pm

    18

    I received the scam today and what had me confused was how do they do the fake paypal address when the address they give for paypal is actually paypal.com
    I own a computer training facility for the Gov and came up with the answer.
    I get it if the paypal.com was a fake site however I looked up the web address they gave me and it really did go to paypal.
    The car I’m selling is on Craigslist and they did everything through the text on phone.
    When they asked me to open a paypal account and gave the link I replied that I already had a paypal account. I never heard back.

    My thought is they had hoped that I would click onto the paypal. com link they sent and obtain my info that way. Then I thought about how they could get this info if it went straight to a paypal.com site.
    Here’s what they do
    If I did not have a paypal account and clicked on the paypal.com link they had sent it would actually go to paypal.com however here’s the tricky part and I mean tricky so listen up. Just like a 3 way call they have a 3 way link and when you think you are filling out the paypal account on paypal.com you actually are creating a new account however they are also receiving the same info on their end. After you had finished they go into your bank and clean it out. And that’s that

Log in