Our last blog discussed how IT systems improved online auctions and fleshed out advantages as well as disadvantages. One disadvantage is fraud. It is very frustrating and causes great inconvenience. We will discuss the types of fraud, how both the user and company can take measures to prevent criminal activity as well as other factors that contribute to the subject.
Online auction fraud is an easy way for a con artist to make a decent sized profit. There have been multiple cases where the buyer of the product was taken for a large amount of money and only received a phone book or stacks of paper in return. Sources state that online auction fraud is not necessarily on the rise but rather that the con artists are becoming cleverer with their methods. Even though it may not be a growing threat, online fraud has been trouble for many online buyers and the auction websites are not doing anything about it. eBay and Yahoo have received many reports of potential fraud from those who have fell victim to it in the past but fail to act on any credible leads.
As stated con artists are becoming cleverer and are thinking of new ways to con people. Here are some ways the scheme are pulled off. Multiple types of fraud have been perpetrated through the use of online auctions. One example is overpayment fraud which targets the seller of a product as opposed to the buyer. A buyer will contact the seller of a high vale item and presents payment as a counterfeit check or money order that exceeds the value of the item. The buyer will then ask for the difference in in the order to be returned to the buyer. Wire transfer schemes involve the sale of high value items on established auction sites. When a buyer tries to purchase the product, they are redirected to w money transfer site which accepts the money order. After payment is received the buyer does not hear from the seller again. Second-chance schemes work in a similar manner but target losing bidders instead. These bidders are targeted and offered another product at a discounted price. Once again, after payment is received, the buyer will no longer here back from the seller.
To prevent fraudulent cases user should be more skeptical and educated themselves on this matter. Here is a list that can help the user avoid the attempts of fraudulent activity. This is not a exhaustive list however, these are very important factors to consider.
- Fully understand how the auction works and the seller and buyer obligations.
- Review the do's and don'ts before engaging in an auction.
- Examine the feedback from the seller.- Other than feedback, learn as much as you can about the seller. If it is a business check the Better Business Bureau.
-Use Paypal or another form of secure payment instead of using a debit or credit card.
- Educate oneself on the actions the company take.
Companies also came up with ways to prevent fraud. Microsoft defines a firewall as software that helps protect computers against hackers, viruses and worms that try to attack the computer through the internet. DigiCert defines Secure Socket Layer (SSL) as a standard security technology for establishing an encrypted connection between a server (website) and a client (browser). This encrypted connection allows customer information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Data sent between browsers and web servers unencrypted is vulnerable to being intercepted, allowing attackers to steal personal data. Customers can determine a website is using SSL when the web address begins with https:.
SSL works in the following way:
* The web browser sends a request to the website secured with SSL (https) asking the site to identify itself.
* The website sends its SSL Certificate, including the its public key.
* The browser checks the certificate against a list of trusted certificate and checks to make sure the certificate has not expired. If the browser trusts the website it creates and sends a session key using the website’s public key.
* The website decrypts the session key using its private key and sends back an acknowledgement encrypted with the session key. This begins the encrypted session
* The website and browser encrypt all data with the session key.
Encrypted email works much the same way. Encrypted email messages require both the sender and the receiver to share to share their public key. Many online auction sites use encrypted email to communicate with customers.
Other than steps provided for the user or company there are a few ways to prevent such criminal activities including law enforcement. The FBI will continue to investigate these fraudulent cases and chase con artist until their operations are stopped. Online auction fraud will continue to plague auction websites and buyers on those sites until the companies themselves start to help exterminate the con artists and their methods from the internet.
- http://www.fbi.gov/news/stories/2009/june/auctionfraud_063009
- http://www.fbi.gov/news/stories/2009/june/auctionfraud_063009
- https://www.digicert.com/ssl.htm
- http://pages.ebay.com/help/account/safety.html
- http://www.microsoft.com/en-us/default.aspx
Online auctions is one of the many ways that hackers and con artists generate full time incomes. I currently own a mid-sized ecommerce business with about 10 employees and each one of them has a history in ecommerce before coming to work for me. I have individually talked to each one of my employees and every one of them has been screwed out of money in an online auction type setting before. In the 4 years of growing and expanding my business, I have been screwed over maybe 2 or 3 times on each platform I sell on. I have a "protocol" of ways to train new hires in what to look for in each platform we sell. For example, there are certain things to detect fraud online auctions on Amazon, eBay, my online store, etc. This seems to be a growing "market" for hackers and con artists and is something that should be stopped!
ReplyDeleteIt does seem quite interesting. This looks like a very serious issue when it comes to the internet because identity is easy to forge. I wonder how future technology will grant us the ability to catch fraudulent acts before they are committed. Maybe some sort of special log in system Identification thing.
ReplyDeleteDo you think they will eventually comes with an application where they can detect fraud? Even thou people are very careful and follow your rules, they still won't be safe from fraud. I fine that anything online is never secure let alone online auction.
ReplyDeleteI do think that with all the innovation that eventually there will be an application to detect fraud.
DeleteDo you think in the future, that technology will help to decrease fraud or that individuals will have to learn how to be mindful of their transactions?
ReplyDeleteI would say in the future there may be a technology to decrease fraud but it never hurts for individuals to be mindful of their transactions.
Deleteif people do not want fraud, then stay out of the internet because even if the decreasing fraud, there will have small percent of fraud
ReplyDeleteDo you think that there could be a realistic solution to stopping or at least preventing most online auction fraud or will it always be a matter of finding these people after the fact?
ReplyDeleteI think even with new technologies and applications there will always be fraud. But I would not say it will always be a matter of finding the person after the fact.
DeleteI do not understand why the host is not held to a higher standard in regards to fraud incidents and compensation. When using an auction site, you trust that the site is secure because when money is involved, which is always the case, there is no room for error. The government should set more strict policies for these websites. When users of these recourses feel secure, they will feel more safe and spend more money, which will ultimately help the company grow.
ReplyDeleteI cannot see a solution to the fraud problem that happens on the internet, its so hard to stop people from committing fraud.
ReplyDeleteIf there is money to be made, I am sure hackers will always find a way.
ReplyDelete