Turning the tables on a scammer... by contacting his mum on Facebook

Using the same username across the web? That may have its drawbacks…

Some scammers think the chances of the police ever catching them are low, but there's one thing they are afraid of: their mum.

Security researcher Christian Haschek tells the story of how he tried to sell some Apple gift cards online that he won in a competition, but ended up handing over the gift card codes... and not receiving any money in return.

Although the scammer tried to fade away, Haschek knew the usernames that the gift card robber had used on eBay and Reddit.

That eBay nickname had also been used on a freelance job search site, where the profile provided his first name, the first letter of his surname, and confirmation of his city.

The information collected so far brought Haschek to a likely Facebook profile belonging to the scammer - but its locked-down privacy settings prevented much further information being extracted.

No matter, one of the scammer's friends was a lot more lax with their Facebook privacy settings, and Haschek was able to trawl through four years' worth of old posts - eventually revealing the scammer's full name.

So, now what? Well, Haschek found the scammer's older brother and mother online, and sent them this message:

Hello <REDACTED>

My name is Christian Haschek and I'm the head of the security research company Haschek Solutions.

I want to talk to you about your brother <REDACTED> He is scamming people on Reddit <REDACTED>

He stole 500$ (2x 25U$) Apple Store gift cards from me personally a few weeks ago. He wanted to buy them from me. I gave him the card codes and he deleted his accounts. All I had was his IP address (located in <REDACTED>) and his Ebay account he used to assure me his karma is good)

Then I focussed my companies resources to find out who he is and within a few days we had all the information needed to take legal action.

We have found multiple IPs and Email addresses. they all connect to his steam. ebay and multiple other accounts. We also found his address <REDACTED> and his birthday.

I have contacted him several times via various sources but he keeps lying and deleting his accounts.

When I found out he is only 22 I hesitated on contacting the <REDACTED> state police because I too at his age did stupid things and I don't want to ruin his future because of this.

<REDACTED>

I wanted to consult you on how to continue with this matter, as I said I don't want to ruin his life but I need to know that he won't scam people anymore.

Best regards,
Christian

Check out Christian Haschek's blog post to find out what happened next. :)

So, what can we learn from this?

Well, when you reuse usernames across the web you're helping others pull the strands of information together to weave a picture of who you are, where you might live, and what your interests might be.

Furthermore, take Facebook privacy seriously and be careful what you post and how you share it. Sadly it's not enough for you to be careful with your online privacy - you also need your friends, family and colleagues to be just as wise to the risks of sharing too much information.

Finally, take care when you sell things online.

2 Responses

  1. Alex

    September 15, 2016 at 1:57 pm

    Had I received it, I would have thought the original letter was a scam in and of itself considering the poor composition and spelling.

    • SJM in reply to Alex.

      September 15, 2016 at 8:25 pm

      If you had a bit of consideration you would have deduced that English is not Mr. Haschek's first language since he is from Austria.