Topic: Bitcointalk Escrows - Trade Safely! - page 16. (Read 108383 times)

Right... my sentence was not the best. I only referred to the small part of trades that you referred to before.

At the end it's correct that it's not possible to make it totally safe. As escrow you can only try to find potential risks and avoid them or try to lessen them.

Huh  yeah right 

Why would you be so smart since everthing is simple and stupid 


Anyways good luck bro.

Note: Try to follow KYC & AML terms for a SAFE escrow lool   

Quickseller


The person was very clear about authorizing the forwarding of the bitcoins. Well, the hacker ralobot surely chose the matching words and shortly after send a pm from ralobot's account that he sent the pm. It looked clearly like both parties fulfilled their duties and the buyer was pleased.

You don't think I would read the buyer writing me that he did not receive anything and still would release the coins, don't you? Of course the buyer only could answer on my email telling both parties that the coins are released and the escrow ended. The buyer never realized that something was off before that.

Sure, I would not release the coins, I wonder why you mention it at all. And yes, I would try to find out what is going on. Easiest way would be to contact the buyer through other ways or ask another user to send him a pm. Or my brandnew altaccount.

So you suggest a signature. Well, I'm not sure if you ever tried to explain signatures to someone new to it. It is no fun. Adding this to every escrowtrade... I would stop instantly now. Because it would be a huge hassle to explain everything in many cases. And escrow would become more complicated and longer. Which is, when I enforce it, a disadvantage of using escrows. People already switch or use no escrow at all only because I'm not online the whole day. So making that mandatory is not cool.

Well, I might suggest it to the trading parties at the start. Give me a phpkey or a bitcoin address you want to sign with when you want me to release coins or when you received the goods. Might still mean alot of explainations but maybe it works.

Man... and all this for this single happening. Wonder how often it will happen at all. Well done ralobot. >:-(

---

Ralobot.com


There are some cases when I actually can check if the goods reached. Couponcodes whose value I can check before I release it to the buyer without letting the seller know the time when I do. Buyer takes the amounts and tells me to release.

Or accounts might be able to be secured by me before forwarding them.

With material goods. There is tracking and both parties can make videos and images.

But you are sure that it is not 100% scamproof. It is a protection and till now all scam attempts Iam aware of could be stopped because the scammer ultimately was not so totally smart like he thought.

But yes, surely it's not absolutely safe. It's surely safer than sending bitcoins first and receiving nothing, yes.

First and foremost, if the person sending the bitcoin is not clear that he is authorizing the release of escrow then you should not release the escrow until you receive clarification. If you have received and read the 2nd message saying that the goods have not yet been received prior to pushing the transaction releasing escrow to the seller then you should not release escrow and if you do then you are in the wrong. If you are in a situation when you receive conflicting messages as you say you did, and you are blocked from sending PMs to one of the parties to a trade you are in the middle of escrowing then you should open a scam accusation thread to get as much clarification from both parties and the community as possible.

A more common scenario is that the party releasing escrow is vague about the authorization of the releasing of funds, and this can be solved by replying to all requesting clarification on if you are okay to release funds held in escrow.

You have a couple of potential solutions to guarantee that you are receiving instructions from the person that you started the trade with. The first and most obvious solution would be to require a signed message from the person authorizing the release of escrow, the signing key does not need to be old, it only needs to be clarified at the time the trade is initiated and written into the escrow contract that you yourself sign. The same can be true about the specific address that you release funds to, as you could include a clause in the escrow agreement that the person receiving the bitcoin should sign the address he wishes to receive btc to with a specific key. In order to counter potential concerns about not being able to sign a message, you could also add a clause into your escrow contract that you will delay the release of escrow by x amount of time if you do not receive a signed message.   

Short Answer: Dont escrow .... here is why (Seb) :

You cant offer a safe deal even with a signed message simply because YOU're unable to check or verify if the goods has been REALLY received or not AND if they worked or Not.

Rule: The buyer can be a scammer as well as the seller.

Based on the above rule i can easly scam escrow and here is how:


Lets say i've found a member selling a 3D printer, i'll tell him to use escrow ofcourse he wont refuse since escrow is the protection right

Anyways i will deposit the price to escrow so the seller will ship the machine .... after i recieve it i will simply say its not working than i will send it back for a refund AFTER i get some stuff from it or use it  ... <--- behind these 3 points something that might blow your mind  

I can do the same thing with all E-codes i will use the code than tell escrow the code is not working and he should'nt release funds..... alots of things can be done to trick escrow cause simply

YOU ARE NOT A POINT OF VERIFICATION.

Hi fellow escrows. I would like to get advice on how to handle a potential risk that I experienced lately.

I had a trade worth 260€. Everything went normal, deal ended with the seller sending the goods and the buyer telling me to release the coins. Only shortly after I received a pm from the buyer that he never received anything. I answered, only to get the message that I was blocked for answering the buyer. Shortly after I saw a scam accusation thread.

Well, first accusation was that I was scammed by the buyer who sent a message including our quotes from an account looking similar to the buyers one. First fright was gone when I realized that the pm came from the exact same account that the buyer owns.

It turned out he never blocked me from receiving messages so the only explaination was that his account was hacked by the seller so that he can get his coins back.

Next thing was that the seller claimed that he was scammed by sending the digital money to another account the seller told me. So the possibility was there that the buyer faked it and let it look like he was getting scammed. So that he had received coins and digital money.

At the end the story of the seller did not sound perfect and finally he was being revealed as the scammer.

Anyway the risk was there that the buyer would have faked it.

Third theory was that a third party was involved though this would have needed the other account being hacked too. So unlikely.

For information here the accusation thread: https://bitcointalk.org/index.php?topic=1386622.new#new and the thread where the scammer finally was revealed surely: https://bitcointalk.org/index.php?topic=1389494.new#new

It's the first time I hear of something like that where a hacker did not instantly change the password.

---

Now my question. How can an escrow prevent this?

Well, normally I would think that the trading partner would have to be cautious and that the escrow would have to assume that the trading partner was not hacked. But it seems there were voices like "so what will you do to prevent this?".

Well, I don't know. Some suggested that I demand a signed message when the seller sends me the address he wants the coins released to as well as the buyer sends one with his message that I can release the coins. Though surely that will scare away users. Even suggesting it... I know that it is a hassle only to start that topic, even with shorena's link on how to do it. Everyone who tried to explain signatures know that it can take ages.

Others claimed only to release coins when the escrow receives a screenshot of the payment. Well, that might have helped in this case, since I doubt the hacker sent anything at all, though I would not know if the screenshot is faked and investigating this surely would take time too.

And asking the trading partners to change their password because they might have been hacked sounds way too far fetched too.

So does anyone has an idea what an escrow potentially could do there? I mean it would have to be done in each trade only on the assumption that a trading partner could have been hacked.

Hey Marco, I have relaunched my escrow service. Minimum tip is 0.01BTC

Sometimes references can be a filter to keep people out. I would argue that knowing the 6th part of the trilogy is a must. As such one will likely know Colfer and Artemis as well. In regards to escrow, I sometimes feel people do not look enough at the profiles of those they hire.

Ah ok, sounds consequent since trust related things normally are not dealt with by the moderators.

I guess it will be pretty hard anyway. You would need to approach so many users that the chance of being called out is pretty high.

Buying trust is not disallowed by the forum rules, but it is highly frowned upon and if people notice that you do it, you'll get a shitload of negative trust ratings.

mexxer-2



I heard of it. Well, I'm not sure how widely known it is. But even if not, the effect might be zero. Probably only established members know the fear of such names.

---

bitcrystal



Buying good ratings is not allowed and you can  be sure that people are around that would alarm everyone when it looks like this is happening.

If you receive a bad rating then you don't need to care when this person is not on default trust. If he is then you can try to proof your innocence but no one can force him to remove it. You then can only try to proceed and get positive ratings from other default trust members to negate the effect of the red trust.

Actually I know some people that even have default trust red but I can't agree to these ratings. I still would trade with them then. For example some receive red trust only for their fiery temper and such.

yes you have right but what is if a guy here have buyed his good ratings?
yes right but if you have to work with people that give you a bad review because they can not appreciate your help what you do then? Then you will be punished for your good nature and others then think poorly of you you do wrong because you're innocent or it actually mean only good.

yes you have right but if you work with guys the not can estimate for example your work here. For example i develop more years and release projects here for free. If you help guys to install your work but then you know that the guys have dont make free work for others and can not estimated develop works because they don't have develop works for free to the community here then is this rating useless.


therefore i try to make my own picture and goes sure,save my work, if i give anybody root access etc. Then everybody can have bad ratings but he is a good guy and that its the problem.

Meh, I've got many escrow requests even with the avatar. F*ck those who don't get the reference 

Sure the ratings are subjective. But they surely are better than nothing. Especially people on default trust are MOSTLY, not always, trustworthy, so trusting their judgement is better than seeing a blank trust rating.

And surely trust is gained through things like you describe. Though for other forum members it still would be usefull to read the reviews from your customers. Well, at least if they don't all come from newbies they can be trusted.

Sorry for my bad english. This is a translation of google translate.

I have made a intresting experience. It is not at all depends on how active someone is here. But rather like what know you appreciate doing. I'm talking for example of my projects. People who to thank for my work because they have, for example, developed in-house applications. These are more willing to donate to also say thank you for your work as such people but never have what published for free on a accoun the is here active for years.

What I mean to say you can only really tell whether you can trust someone when the time among themselves takes to understand and get to know him. It does not help him to other reviews to be considered because, reviews of other are subjective.

The best way to a picture makes himself whether one can trust someone.

mexxer-2


Ah ok. I had to google the name though. Well, I wonder if it is more widely known by others since it looks a bit strange when a trader might get told to use an escrow named mexxer-2 and when he wants to he sees he might be a criminal mastermind.

Maybe I overrate the possible effect.

Confidence is ignorance. If you're feeling cocky, it's because there's something you don't know.

I like my avatars to be a reference of sorts, in this case its a reference to Artemis fowl(Which I found has another fan in the staff  ).

Yeah IDK why, but marco has been slacking off on updating the list. So, might take a while to get yours updated
Edit: Also, congrats on the Legendary upgrade

I have relaunched my escrow service. With a minimum tip of 0.01BTC
https://bitcointalksearch.org/topic/m.14067468

ezeminer



Well, the last thing can be prevented relatively good by checking the account out properly. Though some things can't be checked 100%. For example a signed message for an address might be beaten with an even older address. Or loans could be done through other means. Though the escrow can explain the buyer those risks which would end up making the deal more safe for the buyer. And you would not believe how many account trade scams would happen without some escrow doing it.

Besides... account trades are not rewarding as an escrow in form of tips. And the time needed is 10th of times higher than for normal trades since you need to check the account out. I use that list for checking: https://bitcointalksearch.org/topic/tutorial-checklist-to-find-out-if-an-account-is-a-safe-buy-or-collateral-1362297

---

Blazed



OgNasty wrote something similar though I really don't escrow accounts often. Though I can imagine when an escrow vanishes then buyer and seller, maybe indepentendly start to contact all the other escrows and soon it looks like a huge amount of trades.

You might be below the actual amount of trades with your 5+. Though mostly traded are accounts worth $20 or even lower. I stopped escrowing them so I don't get asked often anymore but there were alot more requests for those accounts back then.

---

SFR10



It would be the same like when theymos and staff tried to forbid account trades. It was simply useless. The only effect was that the trades did not happen through forum pm's anymore. So at the end staff not even was able to see what happened and what was traded. As far as I understand it it was allowed again to allow them to have some insights.

---

mexxer-2


I had to laugh when I saw your new avatar. Back then we joked on the forum that all the scammers already announced their character by naming them properly. Pirateat40, nefario and whatelse they all were named. So "criminal mastermind" does actually not look like the best idea.

---

knightdk



Well, not saying that you bought the account but the ability to sign even for an older address can not really proof that you are the original owner. The original owner could have sold you the private key of the signing address. A signature only can ensure that an account was not taken against the will of the original owner.

So it's never a good idea to post addresses you don't have the private key for or losing a wallet because of missing backups. It can be deadly for your trust.

Anyway, I hope you are legit since we had enough scandals...