Sign up to our newsletter
The latest security news direct to your inbox
ESET Ireland’s Urban Schrott has just blogged in What’s scamming this week? about scams that have been noted recently in that part of the world. He looks at several examples, but the one I’m looking at here is a type of 419 where the nature of the scam may not be immediately obvious if you’re not addicted to scam-watching.
How to be Accommodating
As Urban points out, since Ireland is a popular tourist destination, it’s not surprising that it attracts a goodly number of this type of scam message aimed at hoteliers and B&Bs. Note that the spelling and grammatical errors in the example below are the scammer’s, not Urban’s or mine. :) Bear in mind that scam messages aren’t always as badly written as this.
Subject: Vacation Acommondation needed
Date: Sun, 2 Feb 2014 02:11:42
I am writing a letter to make a reservation in your hotel my name is Mrs Abriana Badrick from u k.Me and my family decided to spend vacation in your hotel its a 8 days ,we will arrive on 10th February 5pm to 18th of February we are four member, 1 double room and 3 single room i will be happy if u will check availability and email me all detail regarding your hotel service.
I need to know room rate for this date, if you have any good package for family it will be great news for me. Also i will like to know type of payment you accept for advance payment as we will like to make full payment in advance by my credit card.waiting to hearing soon
Mrs Abriana Badrick
Check the Check (or Cheque)
Often this plays out that if they receive a response, the reservation is paid by cheque, then cancelled and refund requested, but as the cheque doesn’t clear, the owner gets scammed. Several other scams may also be attempted on the owner, but all with a predictably unfavourable result for them.
This scam is effective because under some circumstances a counterfeit cheque may not be detected as such until weeks after the cheque has apparently been cleared. I’ve seen this described as a US problem, but it can actually happen elsewhere. The first commissioned computing article I ever wrote and saw published showed up in my bank account but subsequently disappeared again because the magazine didn’t have the funds to cover it. In fact, it probably knew it was going into receivership before it posted the cheque. In that case, however, there was no attempt at unequivocal fraud. (Unless the editor never had any intention of paying me, which is pure supposition.)
The apparent intention with the scam message quoted above doesn’t seem to have been to pay by cheque, however. This looks more like the scenario the scammer makes a booking for the whole amount by credit card, usually for a large party for 1-2 weeks and with a stolen credit card, then cancels and asks for a refund by wire transfer or cheque (excuse the English spelling, but I am English! – I’ll change it below where I’m specifically talking about the American cashier’s check). In such a case it can happen that the hotel is required to reimburse the owner of the stolen card as well as ‘refunding’ the scammer.
Caveat Emptor et Venditor*
While many (but not enough) people are cautious about buying goods and services from unknown individuals, they may be less cautious about selling them. Another variation on this theme, sometimes directed against the hospitality/hotel industry but also sometimes against people selling or auctioning goods (online or otherwise) in the US involves offering to pay with a cashier’s check (the equivalent to a banker’s draft in the UK). That is, one where payment is considered to be ironclad because the payment is offered by the bank, not the bank customer.
However, if the check is a sufficiently sophisticated counterfeit, it may take quite a while for the vendor’s bank to discover that it’s a fake, and it then has the right to reclaim money for a cleared but fake check from the account holder. The goods offered for sale or auction are usually of significant value, so it’s bad enough that the vendor ends up with neither the goods nor the money he thought he’d been paid for them. More often than not, however, the scammer finds some excuse for sending a check for much more than the amount required for the goods, and asks the vendor to send the excess back after the check clears. If he does this, then he will have lost the ‘excess’ cash as well as the goods when the bank reclaims the check amount from his account.
419-ers at your Service
The scam can be effective against the suppliers of other services, of course, not only hospitality or retail services. For instance, one common type of 419 asks for various kinds of legal services. Whether you’re an individual with something to sell on eBay, a hotelier, a retailer or a provider of professional services, it’s worth knowing and remembering that just because money paid into an account has become available for withdrawal, that doesn’t guarantee that it’s been found to be a genuine payment. A counterfeit check may not be identified as a fake until weeks afterwards.
I suppose that if the hotel industry becomes more aware of this scam, it means I can expect even more hassle when I book a conference hotel in future…
*Let the buyer and the seller beware. The expression ‘Caveat venditor’ is sometimes used to indicate that the vendor remains liable if the goods sold aren’t fit for purpose. Obviously, I’m using it hear in a more general sense: both the buyer and the seller can be at risk if the other party in a transaction has fraudulent intentions.
ESET Senior Research Fellow
Author David Harley, ESET