Our last blog discussed how IT systems improved online auctions and fleshed out advantages as well as disadvantages. One disadvantage is fraud. It is very frustrating and causes great inconvenience. We will discuss the types of fraud, how both the user and company can take measures to prevent criminal activity as well as other factors that contribute to the subject.
Online auction fraud is an easy way for a con artist to make a decent sized profit. There have been multiple cases where the buyer of the product was taken for a large amount of money and only received a phone book or stacks of paper in return. Sources state that online auction fraud is not necessarily on the rise but rather that the con artists are becoming cleverer with their methods. Even though it may not be a growing threat, online fraud has been trouble for many online buyers and the auction websites are not doing anything about it. eBay and Yahoo have received many reports of potential fraud from those who have fell victim to it in the past but fail to act on any credible leads.
As stated con artists are becoming cleverer and are thinking of new ways to con people. Here are some ways the scheme are pulled off. Multiple types of fraud have been perpetrated through the use of online auctions. One example is overpayment fraud which targets the seller of a product as opposed to the buyer. A buyer will contact the seller of a high vale item and presents payment as a counterfeit check or money order that exceeds the value of the item. The buyer will then ask for the difference in in the order to be returned to the buyer. Wire transfer schemes involve the sale of high value items on established auction sites. When a buyer tries to purchase the product, they are redirected to w money transfer site which accepts the money order. After payment is received the buyer does not hear from the seller again. Second-chance schemes work in a similar manner but target losing bidders instead. These bidders are targeted and offered another product at a discounted price. Once again, after payment is received, the buyer will no longer here back from the seller.
To prevent fraudulent cases user should be more skeptical and educated themselves on this matter. Here is a list that can help the user avoid the attempts of fraudulent activity. This is not a exhaustive list however, these are very important factors to consider.
- Fully understand how the auction works and the seller and buyer obligations.
- Review the do's and don'ts before engaging in an auction.
- Examine the feedback from the seller.- Other than feedback, learn as much as you can about the seller. If it is a business check the Better Business Bureau.
-Use Paypal or another form of secure payment instead of using a debit or credit card.
- Educate oneself on the actions the company take.
Companies also came up with ways to prevent fraud. Microsoft defines a firewall as software that helps protect computers against hackers, viruses and worms that try to attack the computer through the internet. DigiCert defines Secure Socket Layer (SSL) as a standard security technology for establishing an encrypted connection between a server (website) and a client (browser). This encrypted connection allows customer information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Data sent between browsers and web servers unencrypted is vulnerable to being intercepted, allowing attackers to steal personal data. Customers can determine a website is using SSL when the web address begins with https:.
SSL works in the following way:
* The web browser sends a request to the website secured with SSL (https) asking the site to identify itself.
* The website sends its SSL Certificate, including the its public key.
* The browser checks the certificate against a list of trusted certificate and checks to make sure the certificate has not expired. If the browser trusts the website it creates and sends a session key using the website’s public key.
* The website decrypts the session key using its private key and sends back an acknowledgement encrypted with the session key. This begins the encrypted session
* The website and browser encrypt all data with the session key.
Encrypted email works much the same way. Encrypted email messages require both the sender and the receiver to share to share their public key. Many online auction sites use encrypted email to communicate with customers.
Other than steps provided for the user or company there are a few ways to prevent such criminal activities including law enforcement. The FBI will continue to investigate these fraudulent cases and chase con artist until their operations are stopped. Online auction fraud will continue to plague auction websites and buyers on those sites until the companies themselves start to help exterminate the con artists and their methods from the internet.
- http://www.fbi.gov/news/stories/2009/june/auctionfraud_063009
- http://www.fbi.gov/news/stories/2009/june/auctionfraud_063009
- https://www.digicert.com/ssl.htm
- http://pages.ebay.com/help/account/safety.html
- http://www.microsoft.com/en-us/default.aspx
