We recently received yet another online fraud attempt through our website contact form. It’s one of many attempts since we posted our procurement service. Our procurement service is only available to our existing customers. We won’t accept unsolicited requests. In this particular scam attempt, the fraudster was requesting to purchase laptops for his company. The company was supposedly located in Ontario, California. And the fraudster filled out all the necessary information to make it look like a legitimate inquiry.
Here are the simple steps we used to identify the red flags:
- First, we identified the IP address of the form’s sender by checking the email header of the form submission. Of course, a scammer can easily spoof his/her IP address, but we still check whether the IP address matches the supposed location of the requesting company.
- We then verified the IP address against the raw server logs. If your website is hosted with an ISP, you can access these raw server logs from cPanel. In our case, the server is located in the Midwest, so there was a 2-hour time difference.
- Next we checked the geolocation of the IP address. The fraudster was using an IP address based in Phoenix, Arizona. This was the first red flag as the fraudster claimed his office location was in Ontario, California.
- As mentioned earlier, the fraudster filled out all the necessary information, including his email address. These days, fraudsters usually no longer use free email accounts such as Yahoo, Gmail, Hotmail, etc. Based on his email account, we verified the domain name by using Whois. There are plenty of online tools you can use to run a Whois lookup.
From Whois, we caught the second red flag: the domain name had been registered recently. This fraudster’s domain name was newly registered at the end of May 2019.
- We then checked the domain name’s hosting in the same Whois result.
The fraudster was using a hosting company based in Nigeria. This was the third red flag. There is no reason why an American company would use Internet hosting based outside the US.
- We verified the hosting provider using one of the online tools available for identifying a site’s hosting company.
- We browsed through the fraudster’s website. The website was professionally done. It would easily deceive intended victims into thinking the company was legitimate. From the website, we found the supposed office address, and we checked the address with an online commercial leasing company.
According to our search result, the address of the fraudster’s company was available for leasing. In other words, it’s an empty suite. This was the fourth red flag.
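The first three checks above can be scripted for repeat inquiries. The sketch below is an added example, not code we ran in the original case: it matches the form email's Date header against a raw access log entry (using UTC offsets so the 2-hour difference cancels out), computes the domain age from a Whois record, and lists the red flags. The log lines, Whois text, `/contact` path, function names and 90-day age threshold are all constructed assumptions; the geolocation and hosting country are assumed to come from a separate lookup.

```python
import re
from datetime import datetime, timedelta
from email.utils import parsedate_to_datetime

# Constructed sample data; none of it comes from the real incident.
ACCESS_LOG = '''\
198.51.100.7 - - [03/Jun/2019:11:14:52 -0500] "GET /contact HTTP/1.1" 200 5120
203.0.113.45 - - [03/Jun/2019:11:15:27 -0500] "POST /contact HTTP/1.1" 200 812
'''
WHOIS_TEXT = '''\
Domain Name: BUYER-EXAMPLE.TEST
Creation Date: 2019-05-29T08:12:44Z
'''
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "POST (\S+)')

def submitting_ips(log_text, header_date, path="/contact", window=timedelta(minutes=2)):
    """IPs that POSTed the form within `window` of the email's Date header.
    Both timestamps carry UTC offsets, so the time-zone difference cancels out."""
    sent = parsedate_to_datetime(header_date)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m.group(3) != path:
            continue
        when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        if abs(when - sent) <= window:
            hits.append(m.group(1))
    return hits

def domain_age_days(whois_text, as_of):
    """Days between the Whois 'Creation Date' and the inquiry date."""
    m = re.search(r"^Creation Date:\s*(\S+)", whois_text, re.M)
    created = datetime.fromisoformat(m.group(1).replace("Z", "+00:00"))
    return (as_of - created).days

def red_flags(claimed_region, ip_region, age_days, claimed_country,
              hosting_country, min_age=90):  # min_age is an assumed threshold
    flags = []
    if ip_region != claimed_region:
        flags.append("sender IP geolocates outside the claimed location")
    if age_days < min_age:
        flags.append(f"domain registered only {age_days} days ago")
    if hosting_country != claimed_country:
        flags.append("website hosted outside the company's claimed country")
    return flags
```

The fourth check, confirming that the office address is actually occupied, still has to be done by hand.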
By researching the fraudster’s business in question, we were able to avoid being scammed. As you can see, scammers’ tactics are becoming more sophisticated. You’ll have to do your due diligence until you are 100% certain that you’re not getting ripped off.