Author

Topic: Small Guide - How to detect a website scam (Read 334 times)

legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
April 17, 2022, 11:07:51 AM
#25
<...> And will the website you provide understand that all those people are doing scams?

The following is a and old post of mine, but it serves it's purpose to show how these tools may be used. The tools themselves help to find sites with a matching image, similar or identical to the one you provide the tool to search for.

<…> Fake identities are behind many ICO Scams. You can use tools such as Reverse Photos (https://reverse.photos) to detect cases such as these. For example, I just captured the first lass from your image (Charlotte Cox), and even with the bad image quality, I managed to get at least six more identities associated to the same exact photograph:

<..>

The above case was extracted from a site where people were providing false testimonials and opinions on a given mining site. The woman in the picture, allegedly called Charlotte Cox on her profile, turns out to be quite a few other people as per the above quote. That is one of the easy red flags to bear in mind.
hero member
Activity: 2660
Merit: 651
Want top-notch marketing for your project, Hire me
What is the way to recognize them?
There are a lot of steps to take if you want to recognize a scam project but the information provided by the project owner is what will trigger the step you needed to follow to be sure if the project or team are genuine.

And will the website you provide understand that all those people are doing scams?
No, the site provided by the above user is used to check images online because some scammers make use of models or bought some pictures on Shutterstock, so the duty of the site provide use the result of the image you search on their portal.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
And will the website you provide understand that all those people are doing scams?

This is, unfortunately, impossible to know.
Because criminals use photos of models or good people, which they pick up over the internet. Therefore, one of them will be true and not a fraud. In addition, nowadays it is already possible to get faces from people, made by AI. Which don't appear anywhere, if not on that fraudulent website.

Therefore, it is up to each of us to be attentive to various details and to try to understand if, in the set of information available, it is coherent and makes sense.

Most criminals miss some detail that the most attentive will be able to identify and suspect the situation. But unfortunately a good number of them assemble everything very well which makes it all more difficult.
copper member
Activity: 182
Merit: 1
Trident Protocol | Simple «buy-hold-earn» system!
Same scammer pretending to be on different platforms with unique usernames in order to fool more number of people can be detected with this but if they are using similar attire to carry them.But it can still be verified through Google images if they are using this method:


You can use some websites and their tools to check photos and find fake ones.


In fact, it is often seen that many companies serve pictures of their team members in such a beautiful way and provide links on social media but later it is seen that when their ICO / IDO is over, they cannot be found.  What is the way to recognize them?  And will the website you provide understand that all those people are doing scams?
hero member
Activity: 1722
Merit: 801
Same scammer pretending to be on different platforms with unique usernames in order to fool more number of people can be detected with this but if they are using similar attire to carry them.But it can still be verified through Google images if they are using this method:


You can use some websites and their tools to check photos and find fake ones.

legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
No real scammer with a brain will ever accept credit cards, you have enough time to make a chargeback and I'm really curious about the :
Quote
(to keep the data of the same)
what do you mean by this?

The clear sign it's a scam site is when the only payment accepted are cryptocurrencies, that's when you should start asking yourself questions.

Look, there are still many who ask for credit cards, as this can steal data and use them for other purchases.
For example, they use this data to make cloned cards and in turn rent cars to steal, buy illegal products, etc.

A site, which only has a credit card payment method, is always strange to me. Of course, not all are schemes, and new or smaller projects, it is good to have several payment methods available, such as PayPal.

Today there are higher levels of security for credit cards, but there are still a lot of credit card fraud.
staff
Activity: 3304
Merit: 4115
I've seen a lot of scam sites that accept credit cards. That just shows that scammers are often not any smarter than the people they manage to scam.
I mean the reason they've resorted to such low level of scamming is because they haven't got the required intellect to actually earn the money legitimately. Maybe, they would have benefited from the IQ test of the forum Tongue.

Although, in all seriousness sometimes the scammers aren't particularly looking for you to purchase something from them, and keep that money, but get your credit card credentials. If they that, they could theoretically make purchases in your name. Hence, why credit card fraud is rather popular among these types of people.
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
Problem with the certificate is that the issuer doesn't check whether the info you submit to get one is correct or not; you just pay 15 GBP and they issue you what is essentially a worthless piece of paper. And that's another reason why so many scams have UK address listed. I wrote about it some time ago so those who are not sure how that looks like can check it out. That basically became a rule of thumb for me so when I see that someone is boasting with that, I look no further for other signs of scam.

One additional problem is that you can't link even a  legit certificate to the website.
For example, I could start a website called Rika Mining and show this certificate:
RIKA LIMITED
Incorporated in 1994, I would assume it's a legit business.
Same for Stomp LTD, 2003.

Real scammers, the lowest of the low just search for keywords on that index, 2,372 matches found for "mining" alone, 133,959 matches found for investment. Pick one and claim it's yours.  Wink

legendary
Activity: 1722
Merit: 5937
No real scammer with a brain will ever accept credit cards, you have enough time to make a chargeback
I've seen a lot of scam sites that accept credit cards. That just shows that scammers are often not any smarter than the people they manage to scam.



I would add one more red flag that is especially popular among ponzies and that is certificate of incorporation. While in reality it doesn't prove anything even if the data from certificate displayed on the website matches the data found on Companies House, scammers like to use it because it does appear legit to those that are not familiar how this certificate really works.

Problem with the certificate is that the issuer doesn't check whether the info you submit to get one is correct or not; you just pay 15 GBP and they issue you what is essentially a worthless piece of paper. And that's another reason why so many scams have UK address listed. I wrote about it some time ago so those who are not sure how that looks like can check it out. That basically became a rule of thumb for me so when I see that someone is boasting with that, I look no further for other signs of scam.
staff
Activity: 3304
Merit: 4115
There are a few more red flags on these websites, I'm mostly interested in mining resellers so they only fit these but still:

- the reviews, serious websites don't list customer reviews, not with pictures and names anyhow how do you even get the picture of your customer in the first place)
- pop-up notification about x from y country buying z amount of stuff every minute
Good point. This was what I was talking about before, if you do a reverse image search on those images, they'll likely always be some kind of stock image. The give away is they're usually very professional looking, when the reviewiers probably haven't got perfect lighting etc.

- pop-up notification about x from y country buying z amount of stuff every minute
Yeah, every minute is probably excessive. Although, these are quite popular plugins so it doesn't always mean they aren't legit if they've got some sort of notification plugin. Although, I'll be honest its an invasion of privacy for me, X has bought from Y, those types of notifications should be frowned upon.
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
There are a few more red flags on these websites, I'm mostly interested in mining resellers so they only fit these but still:

- the reviews, serious websites don't list customer reviews, not with pictures and names anyhow how do you even get the picture of your customer in the first place)
- pop-up notification about x from y country buying z amount of stuff every minute
- numbers that don't really match the age of the website, millions of investors' money in one week
- full CV of the people running this business with a ton of info about their experience but at the same time you can't find any of this info anywhere else, eight can you get a second pic of them
- 1-minute youtube videos that tell you how great this company is with the same persons that are doing tons of those. with an obviously fake logo in the background, I know one guy that has made 6 (that I know of) for scammers selling gear
- obviously edited videos with their brand on cars or trucks on buildings, pretty easy to spot once you get the hang of it
- city center address for a business that resells mining gear, what's the point? Paying 10k in monthly rent for what?
- weird data about the company, 4-5 old registered company but with no activity prior to this, no relation whatsoever to the current website

6. Payment methods
A reputable store offers several forms of payment, usually the most common in the country of origin and globally accepted. Usually, in addition to the traditional credit card, it is possible to use PayPal, and possibly another payment method. On the scan sites things are different, as a general rule only accepts payments by credit card or bank transfer, and sometimes even Western Union. And never use PayPal or similar.

This happens, because the only ways for the criminal not to be caught and to be able to steal the victim's money is by using the credit card (to keep the data of the same) and by bank transfer (which normally, when the person discovers that it was deceived, there is no way to get the money back).

No real scammer with a brain will ever accept credit cards, you have enough time to make a chargeback and I'm really curious about the :
Quote
(to keep the data of the same)
what do you mean by this?

The clear sign it's a scam site is when the only payment accepted are cryptocurrencies, that's when you should start asking yourself questions.
legendary
Activity: 1974
Merit: 2124
With time the hacking styles or say scammers have become advanced by opting for the the latest technical updations in their way to scam users out of their funds.The points you have mentioned are well good like the website structure or the team behind the project then it's all can be really good build up to attract more customers but diving into the core aspects will help you to recognise the legit projects.

The developer they hire have nothing to do with how the project is going to work if they are getting paid well and not on the team so you know there are many CSS crash course which will help you to optimise the site in good way.Even if they are spending say $1000 they have plans to scam 10x or more from people.So be sure to check all the details at minor level also before investing your funds or say if you are newbie then avoid them.


(1) Using Google Images is a good way to find that Mark Smith is also Brian Coleman, but also Will Brown, John Brandel, Philip Johen or whatever other name they’ve used.
Same scammer pretending to be on different platforms with unique usernames in order to fool more number of people can be detected with this but if they are using similar attire to carry them.But it can still be verified through Google images if they are using this method:

legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
(1) Using Google Images is a good way to find that Mark Smith is also Brian Coleman, but also Will Brown, John Brandel, Philip Johen or whatever other name they’ve used.

An excellent tip! If the name appears on several different sites, on subjects that have nothing to do with each other, and with other contradictory information, it is clear that it is a generic name.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
Some of the crypto site that people come to the forum with, allegedly stating that they’ve been scammed on, are clones or near clones to other sites. Besides the logical factors that are all red flags (dazzling ROIs, sloppy site finishes, missing links or links that point to other domains, fake photographs (1), etc.), it’s often easy to detect these families of clones by selecting parts of the page’s text and/or TOS, and simply googling it between quotation marks.

(1) Using Google Images is a good way to find that Mark Smith is also Brian Coleman, but also Will Brown, John Brandel, Philip Johen or whatever other name they’ve used.

legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
In that, find .css or .js file.
If they have attributes of a different author than the team member of the project, it's surely a free template website which is more likely to be a scam.

It's an interesting tip, and it's one more help to try to understand better what's going on.

But, even when I use Bootstrap templates, I don't always change the author information. I don't feel that need, even though it's a legitimate project. Therefore, it cannot be assumed that just because the names do not match, the project is not valid.
copper member
Activity: 1470
Merit: 1609
Bitcoin Bottom was at $15.4k
Let me help you by adding one more tip.

Most of the scam websites are just templates built in Bootstrap.
Go to website's homepage, press CTRL+U as it will open the page source in HTML in new tab.

In that, find .css or .js file.
If they have attributes of a different author than the team member of the project, it's surely a free template website which is more likely to be a scam.

legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Yeah, domains change hands constantly. I've never really understand why domain age contributes to measuring trust on certain domain valuing sites. Anything that hasn't just been created should be alright, you don't need a twenty year domain. Besides, new websites aren't automatically a scam.

It is true that many times the age of the domain does not mean anything to determine whether a project is reliable or not.

But this information can be useful for cases of companies/projects that are already a few years old. For example, imagine that you want to buy Nike shoes, the Nike domain must have been registered for several years, already a scam site, imitating the original site, the domain will be much more recent.

Basically, it can be a tool that can help in cases where the person finds the site strange.
staff
Activity: 3304
Merit: 4115
That's true. That's why we always have to be careful, whether the site is beautiful or ugly.

But I think that even if you don't hire a designer to make the site, use pre-made templates. I think that any credible project should spend some time, to at least remove irrelevant information and add minimal information about the project.

But I understand that for some people this is not always easy.
Yeah, I'm also conflicted while I do appreciate websites which have gone into the effort to look nice, I'm kind of a sucker for plain HTML sometimes. For example, resumes. Also, I prefer functionality over beauty, if they're providing a good service I could care less about how it looks. Its a bit like how fancy restaurants dress up your food, but all I want to do is have nice food.

I think the rest of your points are decent. The thing is Bitcoin is a little more riskier to use than fiat, not because there's more scammers, but because you are responsible for your Bitcoin, and there's no way of getting that back once its been broadcast, and confirmed via the network. Unlike Paypal, and other fiat payment processors, which do allow chargebacks. Although, this doesn't mean that not allowing that is a bad thing, that's one of the better features of Bitcoin in my opinion.

I saw a lot of very well designed and coded scam websites, there are also plenty of very skilled designers who will make a solid looking site for $40-$50. without design errors with colours.
Domain age is also can't be fully trusted, there is a market of aged and expired domains. So it's possible to buy an aged (5+ years) domain for $100. this can create the illusion of years of consistency if someone follows that parameter.
Yeah, domains change hands constantly. I've never really understand why domain age contributes to measuring trust on certain domain valuing sites. Anything that hasn't just been created should be alright, you don't need a twenty year domain. Besides, new websites aren't automatically a scam.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
I saw a lot of very well designed and coded scam websites, there are also plenty of very skilled designers who will make a solid looking site for $40-$50. without design errors with colours.
Domain age is also can't be fully trusted, there is a market of aged and expired domains. So it's possible to buy an aged (5+ years) domain for $100. this can create the illusion of years of consistency if someone follows that parameter.

That's true. Appear is less and less bleached, because it also has increasingly affordable costs.

Perhaps what is still lacking is the desire in the texts and information presented. Often the information ends up not making sense, but to understand this it is necessary to be very attentive and search the site deeper.

The important thing is that we are always very attentive to various details on the sites we visit. And if it sounds too good to be true, it probably isn't.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
unfortunately, both scammers and their ways are evolving, just like a real business. sometimes basic parameters are not sufficient.
In most cases, a little more experienced eye can recognize the scam already on the first impression of the site. but there are things that don't have to be a sure parameter that it's a scam. For example, whois privacy is now free on almost all domain registrars, it is enough to check options through registration. It can't be considered a valid point.

I saw a lot of very well designed and coded scam websites, there are also plenty of very skilled designers who will make a solid looking site for $40-$50. without design errors with colours.
Domain age is also can't be fully trusted, there is a market of aged and expired domains. So it's possible to buy an aged (5+ years) domain for $100. this can create the illusion of years of consistency if someone follows that parameter.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
However, back to the point most people starting out might actually offer a legit service, they just haven't got the funds for a proper developer, and therefore resort to commonly used themes, with most resorting to using WordPress.

Unfortunately, there's no real black, and white approach there's only indicators, and your gut instinct. Although, every legitimate business should be looking to make the process as trust less as possible, whether that's using a escrow, or providing a ways of verifying claims.

That's true. That's why we always have to be careful, whether the site is beautiful or ugly.

But I think that even if you don't hire a designer to make the site, use pre-made templates. I think that any credible project should spend some time, to at least remove irrelevant information and add minimal information about the project.

But I understand that for some people this is not always easy.
legendary
Activity: 1288
Merit: 1081
Goodnight, o_e_l_e_o 🌹
In as much as scammers are not static. You cannot have a 100% laid down rules in bursting them, but this article is a very good guide.
I once involved in a scam project, I looked up for WHOIS and the domain information was cool. Having extended upto 10yrs and yet it was a scam project.
Some scammers are professionals and very smart.
Method of deposit and withdrawal is a very big flag, kudos for pointing it out.

Though some projects might be real from start and later becomes a scam due to some circumstances or when leadership is changed.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
In 2018, during the ICO boom, the forum was full of scammers. But some of them were so inventive that they did not spare money for the colorful design of their scam. They rented an office, made a high-quality website, so it was difficult to find a fake white document there, there were no signs of copying, and, importantly, they hired actors who allegedly covered this project on all news channels. It was beautifully framed enough that people who wanted to invest did not doubt that this project would be legal.
But here on the forum, they were exposed.
I all this to the fact that fraudsters are quite difficult to identify by all known patterns. Sometimes they go beyond, and that is what helps them to deceive people. It’s hard to say exactly what kind of things help them deceive since this is where their quick wit and cunning work. Therefore, before investing your money anywhere, a thorough analysis is necessary, after passing which, there should still be more distrust than confidence.
staff
Activity: 3304
Merit: 4115
Scammers aren't always incompetent, and legitimate users aren't always competent. So, while judging a book by its cover can prevent you from getting scammed, it definitely isn't to say that someone who has a poorly designed website is automatically a scammer. I think that's important to note. The thing is most people want to make money, and in this day, and age the internet basically allows them to reach more people than they ever could, which theoretically means more more since there could potentially be more customers. However, those people might not be web designers, developers, and instead might resort to using a template which is either terrible or used on mass.

I think the better indicator would be if they've taken time to fill in the details of the website, for example I see this a lot, websites which haven't bothered to even fill in their team or staff, and so they just have stock images. While, again this doesn't automatically scream scam to me, its particularly concerning if they're using those pictures, and they don't come with the theme they're using itself, since it means they've made the conscious decision to get stock images, upload them to their website, to basically appear legit, without actually revealing themselves. I'd rather them stay anonymous that using this trick.

However, back to the point most people starting out might actually offer a legit service, they just haven't got the funds for a proper developer, and therefore resort to commonly used themes, with most resorting to using WordPress.

Unfortunately, there's no real black, and white approach there's only indicators, and your gut instinct. Although, every legitimate business should be looking to make the process as trust less as possible, whether that's using a escrow, or providing a ways of verifying claims.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Small Guide - How to detect a website scam
Although there is more and more information on how to avoid falling into online fraud, every year millions of people continue to fall for online store/service scam's, which apparently offer fantastic prices, but in reality only have the objective of stealing the data of the credit cards and victims' money.

With more than 15 years developing websites, and understanding how they work, allow me to present some tips, which can help you understand if a website is a fraud or not. To be able to understand if you are on a scan site or not, it is important to observe and act, to avoid falling into a scam.



--- OBSERVE ---

1. Website design
A reliable company seeks to have harmony in the website design, and that reflects the "spirit" of the company and that becomes appealing to the target audience. But, usually a scam site has a basic design and not very elaborate. Often the logo has nothing to do with the rest of the site design. There are different types of letters (fonts) in the middle of a text. The colors of titles, links, menus, do not create a logical harmony (for example, the main color is red, and menu buttons are blue).

This happens because the criminal's objective is to have the site up and running as quickly as possible and easy to replicate, so he uses the base templates of the program he is using on the site. As a rule, these templates are very basic, because their purpose is to be used in test platforms. A graphically appealing template always forces you to spend more time to get it operational. For the criminal this is a waste of time, he wants something simple and easy, to create 10 identical websites at the same time just with different names.


2. Website structure
Another point that can easily be seen is how the site is organized, its structure. On a reliable site, the menus are usually clear and have several options that help the visitor to navigate the site and find what he wants. It also has pages like "About Us", help shopping with "FAQ", with a contact page, and legal information on how to use the site. On the other hand, scam sites have extremely basic and unclear menus. And many times doesn't have any of the common pages or when they do they are not easy to access or with unclear content. Or buttons on the menu that just don't work.

This happens because organizing all this structure involves several hours of work, so that everything works well. The criminal doesn't want to waste time, he wants to have the site up and running as quickly as possible, in order to get victims.


3. Content of information pages
A company wants information about you to be as clear as possible, and that's why it tries to tell its story, explain clearly how the site works, how the person can make complaints, how orders are sent, among other things. As for a site scan, it is normal not to display this information. And even if it does, normally the content is very vague or has a very poorly constructed text or with errors, and it is sometimes possible to notice that an automatic translation system was used.

This happens because the source content of the templates and programs used is used. Usually they already include a text for the usage policies, for the company's history, among others. Remember, this content is for testing purposes, so if the information contained is extremely basic or vague, something is wrong. Also, normally this content is in English, so if the site is not in English, you can easily see if it was automatically translated or not. For a criminal, these things don't matter, he wants the site to work.


4. Contacts
Companies want to communicate as best as possible with their customers, this is a golden rule for business. That is why it is concerned with having several ways to communicate with customers: email, telephone, store address, chat, etc. But a criminal wants to talk to people as little as possible. Usually has no contact information, having only as little as possible as a contact form. No email, phone or addresses. And when you have that information sometimes it doesn't make sense, like phone numbers 123 456 789 or 222 333 444; contradictory addresses, US-based type and only have stores in London.

This happens because whoever builds the templates already puts this contradictory information on purpose. First, because a template is just a template to be edited for the store that will use it; second because it helps to facilitate when it is a fraud site or not. A criminal will not waste time changing the content, he limits himself to changing the basics and he notices the most common pages, hence the information becomes contradictory when browsing the site.


5. Prices
If it's too cheap... it's not (or hardly) true. There are actually outlet stores that offer branded products at more affordable prices, but the reasons that lead to these prices are always very well explained, so that the customer can understand what he is buying and the reason for the prices charged. In the case of a site scan, normally the prices shown have an extremely low value compared to the common value of the product. This usually indicates two things: fake content or site scan. As the criminal does not change the content of the site, he also does not explain the reason for such low prices.

This happens because this is where the criminal will lure the victim, try to get the person to buy a very expensive product at an extremely low price.


6. Payment methods
A reputable store offers several forms of payment, usually the most common in the country of origin and globally accepted. Usually, in addition to the traditional credit card, it is possible to use PayPal, and possibly another payment method. On the scan sites things are different, as a general rule only accepts payments by credit card or bank transfer, and sometimes even Western Union. And never use PayPal or similar.

This happens, because the only ways for the criminal not to be caught and to be able to steal the victim's money is by using the credit card (to keep the data of the same) and by bank transfer (which normally, when the person discovers that it was deceived, there is no way to get the money back).


--- HOW TO ACT ---

1. Confirm you are on the real site
Often scan sites are built to look like a brand's original sites. But usually the only way for the person to reach these sites is through some social network or in an email (never click on links in emails coming from people you don't know). So, if you find something strange in the website address, or in the points mentioned above, go to Google and search for the brand. Then open the official site, if the other site is almost a copy it is almost certainly a fraud.


2. Idade e dono do site
The address of all sites are registered in someone's name and have an expiration date. The contact information and name of the holder is not always visible for privacy reasons. But usually a reputable company presents this information without any problems. Regarding the validity of the domain it is always possible to know. To find this information, just look for sites that provide the WHOIS of a domain, such as www.who.is . But there are other sites, and usually country-specific domains, this information can be accessed from the company/organization that manages those domains.

Usually, reliable companies register the domain for several years, they are not limited to just 1 year, because the more years they register at the same time, the cheaper it is. In the case of a site scan, it is normally only valid for 1 year. The criminal knows that the site will only work for a short time and the domain owner's information is hidden or is only from the company where the domain is registered.

This can be a very simple way of figuring out what kind of "person" is behind a site and whether it has long-term reliability. Of course, a domain registered only for one year does not automatically indicate that it is scan, but the combination of the factors already mentioned, maybe it is.


3. Seek the opinion of others
There are many sites on the internet where you can report your experience with a site. So, a good way to know if you might have problems with a site is to look for the experiences of other users of that site. This can be a good way to find out more about both a scan site and a trusted site. But remember the opinion of others, it may not reflect 100% of reality, you should always assess the situation for yourself.

One way to find reviews about a site is to Google something like: "xpto-xpto-xpto.com reviews".


--- TRAINING ---
How about doing a little exercise and checking out these tips for yourself?
Here's a scan site and a reliable site that you can compare and understand the differences. For safety, I will indicate what is scan and what is not.

SCAN - www[.]marmotaushop[.]com (do not shop on this site, do not download any files - the site may stop working at any time)
TRUE - www.marmot.com



End note: Remember that these are just a few tips, and they don't always apply. There are schemes that are very well designed and more difficult to detect. Always evaluate carefully when using an online store/service that you have never used before and that is new.
Jump to: