Tips to Spot scams - A new Trade Me buying scam attempt I haven't seen before
Got an email which doesn't seem right? It's probably a scam!
Always double check on trademe.co.nz for the status of your listings and account.
This is a phishing attempt email I received shortly after a user bought an auction of mine:
What's wrong with this email?
- Sender is not TradeMe (@trademe.co.nz).
- Bad grammar.
- TradeMe would never ask you to click a link through your email to complete a trade.
- TradeMe does not have a payment holding system like this scam depicts.
- TradeMe emails typically have a footer reminding you about scams.
I had bank transfer/cash for payment methods of my auction. This unexpected method to complete the trade raises alarm bells.
Check the seller account details:
- This is a new account and has no ratings. (But not always the case!)
- This may legitimately be a new user to TradeMe, but with the suspicious email we can assume this account has fraudulent intentions.
- This account may have belonged to a legitimate TradeMe user who sadly had their account compromised ('hacked'), this is why I am not showing the full username.
Where did the scam link go to?
- Do not click links like these! The link could have downloaded malware, impersonated a bank login page, or blackmailed me. Any number of things could happen.
Watch out for more scams:
- The person behind this scam now has my email address, my name and my TradeMe username. They could send a scam email in the future trying to impersonate TradeMe or another company.
What do you do if you receive a scam like this?
- Contact TradeMe! https://help.trademe.co.nz/hc/en-us/requests/new
- Do not reply, click links or otherwise antagonise the person behind this scam!
- TradeMe can refund the success fee and remove bad feedback left by the fraudulent account.
In my experience, TradeMe has been good at removing fraudulent accounts and warning others of fraudulent listings they have participated in. But these do occasionally slip through, so help TradeMe buy reporting scams!
-
S Community SuperuserEditedKia Ora Mark,
Thank you for the time and work you have put in to sharing the message here - an excellent article 😊
A very similar case was commented through earlier today to which Lucy - Customer Experience Team has requested these emails be forward directly through to their Trust & Safety Team using the abuse@trademe.co.nz email address - Cheers.
1 -
Yes, I saw that email this morning and my success fee had been refunded.
Extra brownie points for TradeMe, I saw the user came up as "account suspended" after 2 negative feedback ratings (myself + someone else) last night. This morning the account looks fully suspended.
Great job for the system automatically disabling their account until a human could verify, that has would have saved more people they were trying to target!
1 -
S Community Superuser
The other known email reported on Community comes through with the Link "Proceed to the final step" to select and does indeed take one through to requesting Bank details Login & Password - You've highlighted this new attempt well here - Cheers 😊
1 -
Hi there, identical buy now situation and identical scam phishing email sent to me today, also from account with 0 feedback which has now been disabled. Have forwarded email to abuse@trademe.co.nz, hopefully they will refund fees as I receive an error message when I try to do this through the listing. Thanks so much for providing the above info, it has been most helpful as I wasn’t sure what was happening, really glad I didn’t click on any links!
2 -
S Community Superuser
Well Done Catherine, - As your Buyer's account has been disabled keep your eye out for an email from TradeMe which should also contain confirmation of your success fees refund - Stay alert to any further phishing emails which may come through, especially those you don't know and wouldn't be expecting - Cheers.
1 -
I had a success fee refund the next business day for my listing Catherine.
1 -
Hi guys, so I was refunded my success fee for the last item, thanks for all your help/advice on this, but the same thing happened again yesterday!! I changed all my auctions to only allowing bids from authenticated/verified members, this was a verified account with a large amount of all positive feedback - presumably a legit hacked account? The account has been disabled and my success fee refunded already, but incredibly frustrating and making me consider other selling platforms. Is there anything further to be done to prevent this and protect auctions? Cheers.
2 -
Yes Catharine, it could be someone's TradeMe account 'hacked'.
Sadly it happens on many other websites too. Someone I know recently had their social media account hijacked by this.
It's likely not 'hacked' from Trademe's side, what has likely happened is that the user has had their login leaked or session tokens leaked.
Example:
- The person has accidently opened a file included in an email. -> The file didn't open and they thought nothing of it.
- The file was an .exe or .scr executable file and it was malicious code running on their computer.
- The file looked at their stored passwords and/or session tokens on Chrome, Edge, Firefox, etc and sent them to the attacker.
Session tokens:
This is when a website lets you stay signed in. It gives your browser a cookie with a lot of characters as the 'key' and it's used sort of like a password to keep you logged in. When you login to the site, your browser will let the site read the session token and the site's authentication will verify the token is still valid.
The token is valid for a short amount of time, but it's all about chase when it gets exploited and used! It's an example to be very careful which websites you save the passwords of and 'stay logged into'.
1 -
S Community Superuser
Thanks for that comprehension Mark, - That's a valuable insight to share & Much appreciated 😊👍
1
9 comments
Date
Votes