It was the last day of July and Javier Sedano, from Burgos, had an electrical resistor from a thermos from a second home that he wanted to sell. He uploaded a photo to the MilAnuncios sales page and asked for 80 euros. He was apparently lucky because in just 10 minutes they were already writing to him on WhatsApp. “Good [sic], this is yours? Do you sell?”, they told him, next to the link of his ad.
The buyer, a certain Elizabeth Montés, did not ask anything else. She was writing from a Ukrainian phone, she did not want to know details or ask for discounts. But she had a requirement: she wanted to pay with MilAnuncios Exprés. On the company page it is advertised as a service that allows the seller not to receive the money “until the product arrives and you verify that everything is correct”. Sedano verified that this service existed on the real page of MilAnuncios, without reading the details, and waited for the link that the buyer was going to send him.
There was only one problem: the link spoofed the identity of the real page. The trap asked Sedano to fill in the data with his card for payment. The system doesn’t work like that, but at that point it’s secondary. Sedano is an industrial engineer, attached to the director of the Technological Institute of Castilla y León and is more familiar with these scams. Or so he believed. His case shows how difficult it is to notice a sophisticated trap with which nearly 1,000 euros were stolen. Especially if the trap comes at a time when it is convenient for you to sell an old resistance and forget about it: “This crime is tocomocho 4.0. You put a product up for sale and they contact you because they say they are interested. You request transfer or bizum and they tell you that there are other safe methods. They use a foreign phone, but you think it’s someone from abroad who lives there,” explains Sedano.
“People must be honest enough and help the rest”
As if that were not enough, Sedano was at that time aware of several things, one of the usual reasons why someone gets confused and falls: “I was doing several things at the same time and it made me lower my guard and think that the technology was failing and that no one was going to swindle me for such a small amount, no one is safe, “he adds.
Sedano could have kept quiet and spent his sentence in silence, but he has preferred to tell it to warn citizens, banks and organizations of how easy it is to scam on the Internet. “People must be honest enough and help the rest. When you know of a fraudulent operation, the simple thing is to keep quiet, but others must be protected and there must be more resources to combat cybercrimes that usually go unpunished, ”she says.
From the card to a crypto platform
When Sedano received the link, he clicked on a button to “receive the money”. He entered his card number and started receiving SMS messages to confirm. He seemed suspicious and, however, he did not hesitate: “I thought that since I am not paying, but that they are paying me and I do not put my pin, I am not going to make any payment.” But there was something that Sedano did not foresee: payments of less than 200 euros did not require a pin.
With the data of his card and the codes that were in the SMS and that he entered, the fraudsters executed payments with his card: “With the SMS that I enter, they send another SMS where they tell me that the previous one is not correct and automatically they put my card details and pin on a platform to buy crypto called White Bit. There they charge me 199 euros”, and so on several times. White Bit is a Ukrainian company that allows crypto trading.
But the plot did not end there. Minutes later, when Sedano was still unaware of the scam, another buyer emerged. He was writing from a phone in the Ivory Coast. He sent a photo of the resistance and wrote: “I am interested in his article, what is the price?” Sedano, already pissed off, decided to raise it to 100 euros. The buyer, who said his name was “Riccardo Fernandez Gonzalez” cared little. He wanted it the same: “I agree with the amount requested. I would like to make the purchase through the MilAnuncios platform because it is safer for both of us. Let me explain the process, ”he replied, with a lack of expression.
From then on, without changing his number, he pretended to be an employee of MilAnuncios Exprés. Changing his tone, Sedano looked surprised: “But this is a movie,” he said. The alleged Riccardo continued as if nothing had happened, with absurd warnings: “The conversation is recorded by the police for greater security. Please keep in mind that you will have to stay with us online to finish the transaction as soon as possible, it will only take 30 minutes, okay?”
As the conversation grew more bizarre and Sedano grew suspicious, the fraudsters didn’t budge. At a time when Sedano is about to cancel the conversation, always on WhatsApp, the fraudster who had said his name was Riccardo says that he is “a trustworthy person” and sends two photos of a valid Spanish identity card in the name of Inés GR until 2030. EL PAÍS has tried to contact her, but has been unsuccessful.
Well, I also call the police.
Then Sedano threatens to take him to the authorities and the scammer’s response is: “Okay, I’m going to the police too” and denies that it is a scam.
Criminals try to attack by all means. They never overestimate the limit of a victim’s patience or gullibility. During these two conversations with alleged clients, Sedano was contacted from a third US phone number. This time they posed directly as an employee of MilAnuncios Exprés. The company that owns MilAnuncios, Adevinta, which also owns InfoJobs, FotoCasa and others, has not responded to emails and calls from this newspaper. This Tuesday they announced a turnover of 54 million euros in the second quarter of 2022.
The alleged employee who wrote to Sedano sent him a very long transaction number and told him that the conversation “was going to be recorded by the international police and the Civil Guard,” which is information that they repeat throughout the conversation. Luckily, Sedano repeatedly refused to give more information on WhatsApp. The new link that they sent to Sedano included a “5″ at the end of the name “serviciomilanunciosexpress”, in addition to the service in which the domain had been contracted: “godaddysites”.
During the long conversation, when Sedano refuses to give more information, they ask him this oddity: “Please, calculate the code received by SMS + the password and send us the result to transfer your funds immediately”, and they provide him with an email address gmail email to send it. After new refusals, the attacker sends a photo of an alleged MilAnuncios identification card held in a hand that seems retouched and where the first name in Spanish appears instead of the second surname, something like this with other names: “Fernández Daniel, Cuéllar” . And they add this misspelled message on WhatsApp: “Keep in mind that we are a very secure and reliable platform and now follow the last step. We will revive fine, but know that we are very busy currently we are going to more than 10000 clients currently, so we have to complete the transaction here directly and quickly.”
After all this harassment from three different numbers, the next morning the presumed initial buyer, Elizabeth Montés, had the courage to ask Sedano why she hadn’t received the money yet, to hurry up.
Sedano believes that all or part of this process is automated: “It’s not done by humans. I honestly think the only human in all of this was the third conversation. There are messages that are repetitive, automatic. It is computer engineering of theft. It’s very well thought out,” he says. Criminals detect new products for sale on these platforms and try to obtain card numbers with strategies that real services do not provide. Sedano’s son tried it on Wallapop and something similar happened to him.
Sedano has several morals from this episode: “Do not answer non-national mobiles, do not enter links to receive charges, never enter SMS on the collection page.” Furthermore, he believes that banks could do more: “The best technological recommendation is for banks: sentinel engines should be introduced to prevent transactions in seconds on an ongoing basis. I received like 10 SMS in seconds. It’s because someone wanted to buy ten things at once with that card. If my bank sees transactions being made at that speed, what it should do is block the next one. This type of fraud could be protected from more than one operation, ”he explains.
If you have more information about similar cases, you can write to [email protected].
Subscribe to continue reading
read without limits
Don’t Trust On this News and Website Maybe it’s Fake
– Article Written By @jordi perez from https://elpais.com/tecnologia/2022-09-01/soy-ingeniero-y-tambien-me-han-timado-en-internet-nadie-esta-a-salvo.html