

For Sale? Beware of These Scammer Tricks! — Recently, one of our readers asked us if we thought a Zelle payment for an item she posted for sale in Facebook Marketplace was a scam. “Hell yes!” we said. At about the same time, Reddit members were discussing the likelihood that some used cars posted for sale online were scams. The conversation that followed on Reddit raised a very good point that will help you identify some online sales as scams! We thought it worthwhile to look at both sides of this “for sale” coin. Are you selling merchandise, or buying merchandise online from individuals, and not businesses? Here’s a couple of things to look for to protect yourself from getting scammed!
One of our readers sometimes posts things for sale online in Facebook Marketplace. We’ll call her Tricia. Tricia recently posted a vintage Hamilton Beach Standing mixer, along with two bowls, for $100.00. The next day she received a message from someone identified as Joaquim Cruz, expressing interest in the mixer. Mr. Cruz asked for Tricia’s email and phone for texting questions about the item and seeing photos. Then, without much conversation about the item, Mr. Cruz informed Tricia that he had sent her a Zelle payment for it. (Zelle is a peer-to-peer digital payment system, similar to Venmo.) Shortly after, Tricia received an email from Zelle, stating that she had received a payment for $175 (Not $100) and that the payment had been withheld and was “pending.” Mr. Cruz claimed to have received a similar email stating that his payment to Tricia was put on hold because Tricia didn’t have a Zelle business account. Check out the text exchange and “Zelle email” below and we’ll explain how this scam operates…
We hope our readers noticed that Joaquim Cruz explains that he is “required to send in an additional payment of $300USD” so that Tricia’s account will “expand” to a business account! (“expand” is not the correct word to use.) Mr. Cruz is willing to do that but asks Tricia “Can I trust you ??” IT IS A MAJOR RED FLAG FOR A COMPLETE STRANGER TO ASK YOU “Can I trust you?” We’ve seen that phrase used hundreds of times by scammers! Look carefully at the email below that Tricia received and you’ll notice that it didn’t come from zelle.com! It came from a personal Gmail account called ZelleOnlineCustomerServiceTran. (Hey Google, WHY can’t your AI see account names that are created with OBVIOUS fraudulent intentions and immediately delete them?! This should be YOUR responsibility, rather than expecting netizens to jump through your reporting hoops! )
This bogus email, pretending to be from Zelle, told Tricia that she needed to accept another $300 from Mr. Cruz in order to update her Zelle account to a business account and receive all $475. Had she agreed to that, she would have received another FAKE email telling her that all $475 was received and she now would be able to upgrade her account. The fee for this upgrade is several hundred dollars. But not to worry because it was Mr. Cruz who overpaid Tricia so she could make this account upgrade through his generous funds! All Tricia had to do after upgrading was to repay Mr. Cruz the extra money that he had sent so her account! That, of course, is the scam! It’s been exploding recently amongst individual online merchandise sellers in communities like Facebook Marketplace!
Though Tricia didn’t recognize that the email she received was a scam (until she shared it with us and we told her), she made it clear to Mr. Cruz that she accepted CASH ONLY! Of course, “Joaquim Cruz” ignored that request. You can check out more details about the way this scam operates in this excellent Yahoo article by Andrea Norris, published on September 30 and titled “Zelle Facebook Marketplace Scam: How to Recognize and Avoid This Scam.” There have been lots of very successful scams targeting Zelle app users. Here are a couple more recent articles detailing many more of these scams….
9 Common Zelle Scams to Watch Out For (By Jaime Stathis on Reader’s Digest, updated 9/29/22)
Stop Zelle Scams Before Thieves Get Anywhere Near Your Money (By Peter Butler on CNET, 9/27/22)
No doubt, you’ve heard that the cost of used cars has skyrocketed as demand for them has soared. Many reports suggest that this is due to a complex interaction, and trickle-down impact, from supply-chain issues related to the COVID pandemic, electronic chip shortages, and even the war in Ukraine. These have all had an effect on the production of new cars, and hence demand for used cars. (This July 22 article by Coco Khan in The Guardian does a good job of elucidating this problem.)
What this unprecedented rise in used vehicles means is another opportunity for scammers to target the public! But rather than targeting them as buyers, people are seeing deals “too good to be true” appearing on sites like Facebook Marketplace. This image appeared recently on a Community website on NextDoor.com. It was a screenshot taken from Facebook Marketplace showing several cars that were for sale in Eastern Massachusetts, USA. The image includes three Nissan used cars for sale by owners, ranging from $600 – $1000. Compare those prices to the used car listings below from the Kelly Blue Book average values, based on the year and model listed for the car :
Kelly Blue Book (KBB) values:
2005 Nissan Altima: $2961 – $4132
2007 Nissan Maxima: $3943 – $5382
2010 Nissan Maxima S: $6682 – $7537
The person who posted the screenshot on the NextDoor forum was asking if people thought these prices were legitimate or a scam because they were so far below the KBB estimates. One respondent named Ian said “Yes- if contacted- they will tell you the vehicle is in some distant location and you just have to send $$ to have it shipped. You will NOT be able to go inspect the vehicle. Oh yeah, there will be a sob story about a sick or recently-deceased relative as well. ‘If it’s too good to be true…’ ”
Ian’s point is well made and contains two important facts that we’ve repeatedly seen from scams related to the buying and selling of merchandise, as well as the renting of houses and apartments…
- If you contact someone selling/renting something and are told that you can’t see it in person for whatever reason, OR you have to go visit it WITHOUT the seller accompanying you, OR that you have to send a deposit FIRST to hold the item… WALK AWAY! THIS IS VERY LIKELY A SCAM!
- If it does seem too good to be true, it is! WALK AWAY!
Scammers are depending on people’s very tight pockets in today’s economic circumstances to keep their eyes on deals that are unrealistic and too good to be true! Force yourself to let it go! You aren’t “missing a good deal” so much as protecting yourself from a very likely scam! And if you truly think this is a real deal of the century from someone doing you a favor or desperate to get rid of the item, we STRONGLY urge you to conduct the exchange in a public space, in person and, in the case of a car, get a title and run a VIN check to see that the car isn’t stolen and to learn its accident history. Here are two good resources to use:
https://www.nicb.org/prevent-fraud-theft/buying-vehicle
(National Insurance Crime Bureau)

Heard About the UK Energy Bill Support for Citizens? Scammers Have! – Scammers have been exploiting the British government’s recently announced Energy Bills Support Scheme by sending out highly convincing phishing text messages. Protect yourself using this FREE, all-in-one tool! Click below to read more security tips:


Hurricane Related Scams, and You Deserve a Good Laugh! – Hurricane season was barely underway when Hurricane Fiona ravaged Puerto Rico with 10 – 30 inches of rain on September 18. This storm continued to batter other Caribbean Islands before taking an unusual turn toward Canada where it severely damaged parts of Prince Edward Island and Newfoundland. Just eleven days later, Hurricane Ian roared across Cuba, devastated much of the Southern Florida caribbean coastline with 150 mph winds, and then continued on to hammer South Carolina with sustained winds of 85 mph. The destruction between these two hurricanes alone is estimated to be more than 100 Billion dollars!
In response to the carnage, resultant human suffering and loss felt by millions of people, scammers once again demonstrate a remarkable lack of humanity and empathy! They use human suffering to steal and cheat. Beware of scams related to….
- Donating money to help victims
- Rental properties and/or rental equipment
- Fake contractors
- Malicious clickbait disguised as emergency relief
- Requests on social media for support
If you are looking to donate $$ to help those in need after terrible disasters such as these hurricanes, one excellent place to do that is the Center for Disaster Philanthropy (CDP), based in Washington, D.C. According to CharityNavigator.org, CDP has their highest rating of 100 points out of 100 possible points!
Here are a few articles related to hurricane-related scams:
https://www.rd.com/article/hurricane-scams/
https://www.fcc.gov/consumers/guides/after-storms-watch-out-scams
https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/hurricane-related-scams
https://www.wjhg.com/2022/09/29/be-lookout-hurricane-ian-relief-scams/ (Video from WJHG)
Rob, Professional Scambaiter Extraordinaire, shared another scam call with us that’s hysterical! He received a call from a female scammer who pretended to represent Medicare. (Once again, you can hear lots of scammers in the background.) Instead of talking to the scammer himself, Rob turned on a voice recording of a woman who was having a hard time focusing on what the scammer wanted. The recording included a very impatient child in the background, making it so frustrating for the scammer that she hung up after 5 minutes! The scammer, who has an Indian accent, tells the woman that her medicare card is going to be terminated in 3 business days! This call will give you a good laugh, especially if you have kids and are often a distracted parent!
Scam Call
In a different 419-Advance fee scam, Rob was given $5,000,000, which he has promised to share with us as soon as he collects it. We mention this because we want readers to understand that scammers will create online fake banks as a part of these scams. They’ll send the targeted victim information how to log into their new bank account to see that the “money” is in their new account. But they have to pay fees before it can be transferred to their personal home bank which, of course, never happens. The fake bank used to try and scam Rob was called Platinum Global Finance Bank. Check out our feature article about Fake Banks, which now lists 68 fake banks!
Last week, our Top Story was about bogus online specialty liquor stores that are used to scam people. The next day we were contacted by another professional scambaiter named “Whiskey Scambaiter.” As you can guess, he specializes in going after these types of scams! He told us about @WhiskeyScam (Whiskey Scam Alert on Twitter) and gave us lots more online scam liquor stores that were reported to be fraudulent websites. So, pour yourself a quality drink, pull up your computer, and enjoy this super-sleuth team of whiskey-affectionados as they call out tainted-liquor shops. (And visit our updated article to see these additional 19 active scam websites.)
A FINAL NAIL IN THIS COFFIN: During the last two months we’ve received at least six emails from people claiming to represent a marketing agency and asking if we are willing to be paid to have the agency post content on our website. (We’re not!) We are finally THRILLED to say that an online security service, PhishTank.org, has identified these emails, and their associated Google-collecting forms, as phishing scams! Vindication feels so good!
Valuable consumer alert from the FTC: Did you get an email saying your personal information is for sale on the dark web? Here’s what to do….


Scammers Must Subscribe to Our Newsletter…Paypal Pain – So many phish and so little space… Let’s start with the fact that we published an article last week about the most realistic email we’ve ever seen that is actually a phishing scam. Two hours later, one of our readers sent us another example that had just targeted him. Coincidence? Hmmmm…. Not too likely. Here it is. There are subtle English errors in this email and also on the destination page on Paypal. Most importantly, the recipient is NOT identified by name and address. BEWARE!
At the other end of the professional scammer spectrum is this email from “Paypal” that opens with “Valuable User…” Also, notice the odd way that scammers typed their scam phone number. They do this hoping that anti-spam filters will not recognize it as a fraudulent number. But this crazy format ABSOLUTELY identifies it as a scammer’s phone number! Lunge for the delete key!
Comcast (Xfinity) subscribers have been heavily targeted during the last two weeks by phishermen! Readers have sent us many examples of these scams. Here’s one example we also found funny because it appears to be a message from COMCAST VOICE. The recipient was asked to log in and “READ VOICE.” The link points to a phishing page set up on the free service at pory[.]app.
Delete!


Scams You Can Expect in the Fall – Here in the northern hemisphere, Fall has arrived and the leaves of deciduous trees are turning colors. As surely as they will fall to the ground, your inboxes will receive scams like this one. Though Gutter Guard and Leaf Filter are real products, this malicious mimic is not from them and isn’t real. It is a landmine, placed in inboxes every fall, for at least the last four years. We want readers to notice that the email came from a free Yahoo account and links point to a misused service at Microsoft. BleepingComputer.com wrote an interesting article back in 2018 describing how cybercriminals have taken advantage of Microsoft’s blob storage services. Bottom line, be on your guard for more fall-related malicious clickbait, including Halloween and Thanksgiving related clickbait!
Have you noticed that airlines seem to be managing their fleets better, and canceling fewer flights due to staffing shortages? As more and more people are booking flights, we found this malicious clickbait of particular interest. Sent to us by a longtime reader, the email thanks you for booking your flight with American Airlines. They are “reviewing your payment” and offer a clickable reference number. But this email didn’t come from AA.com and the reference link doesn’t point to AA.com! It points to website called londi[.]net. Step away from the ledge! We’re certain that the link is malicious!


Never Click These Attached Files! – We hope we sound like your mom or dad, saying the same thing over and over, until your eyes roll back in your head and you storm into your room, slam the door, and yell “OK! OK! I get it! Enough, already!” There are files that can be attached to emails that should NEVER be clicked, even if they come from legitimate services! (Yes, we just said that.) These files contain instructions that direct your web browser to do what the sender wants! Check out this bogus email pretending to be from Change Health Care, but was sent by cybercriminals from a Gmail account. The email claims to contain a “secure, encrypted message” and you are asked to open an html file. No, no, no! Do NOT click files ending in DOT-html, DOT-htm or DOT-php! Now open that door and don’t roll your eyes at us again or you’re grounded!
We may have a new record for the number of security services informing us that a link is malicious. Fourteen! Below is an email that targeted David at TheDailyScam. It appeared to come from the Chinese company called Alibaba and sent by someone named “Alyssa from Peru.” Apparently, Alyssa wanted a quote from David and he needed to click either “Reply Now” or “Manage Your Orders.” But those links didn’t point to Alibaba. They pointed to a severely misused service online called ipfs[.]io. In July, 2022, Trustwave.com published an excellent article addressing how severely ipfs[.]io was being misused by cybercriminals!


DCU Login and Security Alert! Login Blocked –Smelly phish abound! Check out this text that arrived in a reader’s phone from 949-994-8978, telling her that her DCU Account has been “temporarily suspended.” (She doesn’t have a DCU account.) She’s asked to click a link to a domain called aq47[.]net.That’s certainly not dcu.org! Apparently, the domain aq47[.]net has been around for nearly 2 years and has long been identified as a phishing site. Too bad we can’t get Hostgator to take down that site and remove the domain!
Here’s a very different type of phishing scam that came to one of our readers as a text, pretending to be about Paypal again. Notice that this text came from a bizarre email account visible, in part, at the very top of the text. It is called “paypalhelp-teamid-1rt10i4.” The text claims that your account has been “limited” and you are asked to click a link to log into it. The link clearly shows that it doesn’t point to paypal.com! Deeeeleeete!
Until next week, surf safely!

Copyright © 2021 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
have subscribed to it via Scamadviser.com or thedailyscam.com
Keurenplein 41, UNIT A6311 | 1069CD Amsterdam, The Netherlands