Recently, I saw a post online in a export business forum: "The customer sent a document. I wonder if it involves fraud?"
Another foreign trader said that he almost lost 6.5 million yuan because he clicked the link from the customer?!
Cheated twice? Am I on the VIP list of the scammer?
The foreign trader said: A new customer in the Netherlands talked twice via the email, and each email was replied in about ten minutes. No customer has ever returned to me so quickly. I suggested to talk on whatsapp or WeChat, but opponent ignored me, and the email tracking information could not see his IP address... It was not long before the customer sent a file, saying that it was about the purchased goods, and sent it through the Dropbox, Click it, a page will appear, saying I need to fill in the email and email’s password
Because I didn't know this, I clicked a link with Wetransfer a month ago and filled in a password, which resulted in the loss of my account... This time, I had to fill in a password to log in, so I wondered whether there was something fishy. I asked the other party to send it in another way, but the other party returned two consecutive letters, explaining sincerely:
1. Because the file is too large, you can only use Dropbox to send it;
2. They chose Dropbox because they were once scammed.
Although I think there is a problem with the whole reply logic, but I dare not judge him to be a scammer. After all, it is really difficult to get an order now. I still hope that some foreign traders can answer my doubt on this.
Later, some netizens said after the post:
"The one who wants the password can basically be identified as a scammer, because the authentic Dropbox sharing file does not need this. The customer sends a link, and you can download it directly!"
"Dropbox can be downloaded directly without entering a password, so it should be a scammer"
In fact, this is a classic foreign trade scam, but in another form, the other side's scammer is sincere, and the foreign trader is in a hurry to get the order, so he will be scammed if he is not careful, so the poster cannot judge whether it is true or not even when he has ever been cheated!
"What if it is true? What if my order is finished?" We always think like this, but we don't know that this gives a scammer a chance to take advantage of it!
Another story: the company almost lost 6.5 million yuan due to a series of mailbox scams
When you see a website sent by a customer, you log in quickly and enter your email and password. Although these operations are just a minute, the consequences are very serious. You should know that their real purpose is the payment of the customer you are about to get an order from!
Boss Deng of Hangzhou Garment Foreign Trade Company recently went through such a series of scams and was closing to a loss of 6.5 million yuan!
"On September 10, a customer sent an inquiry. After chatting for a few days, he sent a purchase information document. Clicking on it showed that I needed to enter the email address and email password. I didn't think much about it, so I filled it in. Later, I followed up with the customer. The customer said that he was still considering it and would reply to me in a few days.
On September 15, I just had an old customer place an order. He said that he expected to pay me 6.5 million yuan for goods in about a week.
On September 25, I found that I had not yet received the payment for goods, so I went to ask about the situation, but the customer was also confused. He said that the payment for goods had been made, and he also showed me the chat record and payment information.
At that time, I was really shocked. I realized in a flash that I had met a scammer, and then I called the police at the first time.
After investigation, the police found that the email password I had previously clicked on the link was the phishing software of the swindler. They used some means to tamper with the payee information and collection account in the email I sent to foreign customers, and the customer finally made the payment into the swindler's account according to the email information.
Fortunately, because I called the police in time, the police successfully recovered all the payment through timely appeal to stop payment and freeze! "
Through the above two cases, we can see clearly that the fraudsters operate step by step. You think that they just input a password, but it have actually become the "victory horn" for them to cheat customers!
There are many ways of fraud, how to avoid it?
Now we have sorted out the classic features of phishing mail scams and the most effective remedial measures. Foreign traders must check and remember!!
Typical features of phishing mail
Features of phishing mail:
1. Give a link and ask for your email account and password to view the sample.
2. I saw similar products on other suppliers' websites and asked if you could do it? It is the same to give a link. The requirements are the same.
3. The payment has been made. Please download the attachment to view the payment memo. The attachment is actually a website, which means you can enter your email account and password.
How to identify phishing emails quickly?
1. No matter customers send inquiries on major B2Bs, or emails after several exchanges, or even chat content on online chat tools (such as hotmail client end), as long as the chat content is a web page with a link and need you to enter Email Address and Password, it could be directly identified as phishing email.
2. Were there any attachment in the email, or downloaded content is a website address, and request you to enter the Email Address and Password, you can judge it as a phishing email.
3. If the email contains an attachment which is an exe file, be careful of the trojan horse and delete the email directly.
4. It looks like customer service mailboxes of various B2B platforms or email systems (including Yahoo, Hotmail, etc.), sending emails to you and asking for your email account and password to verify or update your email account, which can be ignored directly (if you are not sure, you can contact the customer service of the platform or email to confirm whether it is true).
Remedies after been scammed
It is useless to just change the password and kill viruses. A scammer can still get the contents of your mailbox. You must do the following four things before you can be safe:
1. Delete the email address filled in by the scammer in "automatic forwarding", otherwise, every letter you send to any guest will be automatically copied to the scammer, but you do not know it;
2. In "Associated Account" or "Associated Email", delete the account and email set by the fraudster. Otherwise, even if you take the first measure, the fraudster can still log in to your email with other accounts;
3. For some mailboxes, after the password is modified, the new password can be automatically sent to the mobile phone, while you need to check whether the fraudster has left any mobile phone number information in your settings.
4. After doing the above three things, you should check the login history of the latest email from time to time within three weeks. Most mailboxes have this function. Once you enter the mailbox, click the login details to check whether people from other regions have logged into your mailbox recently. If no one from other places logs in your mailbox within three consecutive weeks. Then you can basically rest easy.
Of course, if there is a customer who wants to place an order, you can check the login record of the email properly, which is more safe.
How to recover the payment after being cheated
What if it is found that it is a fraud operation after the customer has remitted money? Some foreign traders shared their experience in successfully recovering the payment for goods ↓
1. Ask the customer to immediately send an instruction to their bank to cancel the remittance (if fraud is involved, they can also handle it urgently during non bank working hours).
2. Email the scammer and warn him. Find the scammer's IP address and real email address, and then write an email to him.
3. Call local police at the first time and contact the local 110 and the 110 of the place of receiving payment (applicable when the place of receiving payment is in China)
(1) If report the case to local police, you must state that you are the victim; and tell police following:
a. The scammer also pretended to be a customer and communicated with you about the order.
b. The order is customized. If the fraud cannot be recovered, the company will inevitably suffer a great loss.
C How badly this scammer had deceived you. And it may be a big gang;
(2) Report to police in collection place of payment
Tell the police at the place of receipt of the payment the information of the receiving bank, amount, payment time, swift code and other information to facilitate their verification with the bank, and communicate how you need to cooperate with them to handle the case.