African scammers are being forced to change their operating procedures for scamming women across the globe. We have had a lot of success here identifying the identities, profiles, emails, and user names of those that have stolen photos from legitimate military personnel in an effort to scam money out of unsuspecting victims. As such, they are now resorting to other methods. I’m going to mention two here.
I got the following email from reader tipping me off to this new scam:
There is a soldier that has been emailing me for early release. He tried to go through Larry Christians to get money. They sent me money on a prepaid credit card. Totaling $300 I was supposed to Western Union it to Micheal Roberts. His email address is firstname.lastname@example.org. The address given for Western Union is 122 Church Street, Ikeaja Lagos ST, Nigeria, 23401.
This is a new variation of an old method of scamming. This works quite simply.
Scammers purchase stolen credit card information from the internet. This information is scanned from unsuspecting customers. These customers are generally in the restaurant business. Generally, when you go to pay your bill in a sit down restaurant, you place your credit card in an envelope for the server to take back to his/her machine to make the transaction. For a brief time, the credit card is no longer in your line of sight. Criminals only need a few seconds to scan the card through a small device that sends the information to an app on a smart phone. That information is then sold online around the world.
Here’s a quick video of just one of the ways this can happen:
You can buy these scanners for as little as $9 online. There are some that are only 1.5 inch by one inch in size, like this one.
Once the information is saved somewhere, the card has to be given back to the owner. So, how do scammers use credit cards to spend money? This is where the email I shared above comes in.
Anyone that’s been to WalMart or really any store knows that there is shelf after shelf of gift cards. These cards are just pieces of plastic until they are “activated” at a cash register. You could steal a handful of those and walk out with them empty and no one would probably care. As you know, gift cards all have magnetic strips on them.
How many of you have been to a hotel lately? What kind of “keys” do they have for the rooms? That’s right, magnetic striped cards that the door reads. I have a collection of hotel room keys from throughout my Army career in a box. I don’t know why I keep them, I just thought it would be neat to one day look back at all the different hotels I’ve been to.
A quick search of Amazon for “magnetic stripe card reader writer” will turn up at least one product like this one for about $300.
All the scammer needs to do now is “imprint” the credit card information onto either the gift card or the hotel room and in seconds those are now exact duplicates of the stolen credit card.
Ever wonder why sometimes POS terminals ask for a zip code, sometimes a pin, sometimes the last four digits of the card, and sometimes the security code on the back? Because cloned credit cards obviously don’t have those. That information (except the last four digits of the card) isn’t stored in the magnetic strip. Usually, the scammer will just write the 4-digit number on the room key if they want to use it.
So, what scammers are now doing is either buying or stealing credit card information from the internet and putting that information onto stolen gift cards. These cards are sent to unsuspecting victims and usually come with a request.
For example, the victim may be told that the card has $500 on it, but the scammer only wants $300. He instructs his prey to take out $500 and send him $300 by Western Union. By the time the police catch up to the victim, she has already sent the $300, spent the $200, and is now facing jail time or fraud charged for the entire $500 amount.
Another scam I’m seeing lately is the military charity scam. There are numerous sites that scammers can go to scam women. For example, Kickstarter is a site that allows groups, organizations, and people the ability to raise money for causes, projects, or whatever. Bands use Kickstarter frequently to raise money to self-publish great music. One of my favorite bands, Madison Rising, used it to get back in the studio since the music industry is basically blackballing them for their conservative leanings. There’s nothing wrong with Kickstarter, I’m just using it as an example.
Scammers create a profile and purport to raise money for a fallen comrade or to raise money to come home and see a sick child or whatever. They troll dating sites trying to spread the word about their cause. Money begins flowing and once the amount has been raised, they suddenly disappear.
The problem with these scammers is they call into question legitimate needs. My advice is simple: if you don’t know the Soldier or person professing to be in the military and they ask you for money, be careful. Before you send money to someone, check them out. Run a simple search through Google or Bing and find out anything you can.
If the scammer is claiming to be raising money for a fallen friend, look it up. All troops that have died are listed somewhere, like They Have Names. But, even here there is a catch. It’s not difficult to find the name of a recently deceased military member and use their name to scam people out of money.
In the end, the answer is to beware. Contact the person asking for money that claims to be in the military. Ask them for their military email address. If they claim that they can’t give it out for security reasons or because it has been disabled, it’s a scam. All military emails have the “.mil” extension. This is not an official military email: email@example.com. That is someone trying to make you think it’s a military account, but the extension is “.us” not “.mil.” Similarly, official correspondence from government agencies will end in “.gov.” Many scammers claim to be FBI, but even their emails end in “.gov.” There is no if, and, or but about it. It will ALWAYS be that way. This is the one surefire way to find out if you’re speaking to a real military person.
Never let your credit card out of your site. If it’s dropped, watch the person pick it up and keep it in sight at all times. If the machine is in the back, go with the server to watch the transaction. This isn’t as uncommon as you might think. One of my Soldiers dropped her credit card at the commissary this past weekend. Within a day her credit card information had been sold and charges were made in California and Kansas totaling over $1000. My wife had her debit card spoofed, but we caught it after only one transaction. Be careful about where you use your card and NEVER use a smartphone based credit card scanner to purchase something at a bazaar or something similar. Take cash if you think you’ll be purchasing at an unusual location. Finally, it doesn’t hurt to get a credit monitoring service like Lifelock or something similar.