Scam and Circumstance

If a burglar breaks into your home and steals your TV, the first thing you do is what was taught back in kindergarten: call 911. Within minutes the authorities will arrive at your doorstep and work tirelessly to resolve this. In the digital world, if someone hacks into your computer and steals your login information to your bank account, then what? Today, online crimes are occurring at an increasingly higher rate in comparison to physical crimes because of the low barrier to entry. Online crimes pose a far lower rate of risk since they can originate from all over the world, where the authorities near you have no jurisdiction, thus posing less significant risk and producing more petty con artists than ever before.

Not too long ago, I was a victim of a phishing attack. I Googled ‘Pug Puppies for sale’ and clicked on the first Google link that appeared, which was the one advertised. I assumed this meant it was the most popular or most credible site. After filling out a form, the seller contacted me regarding one of the dogs listed. I paid $750 for the initial purchase of the dog. After that, I received another email from the alleged shipping company saying I needed to pay an additional $1,000 for pet insurance. After spending that, I got another email requesting $2,300 for renting a shipping crate. I was assured by the seller that I would get a full refund upon the delivery of my pet. I received yet another email saying I needed to pay $3,200 for the dog's vaccines the next day. After that email, I contacted the seller about my skepticism, and they assured me it was a legit business. It wasn't until I shared my skepticism on Circle and a user sent me a link to petscams.com that I realized this was a scam, and I had lost $4,050.

After getting scammed, I had no idea who to talk to to figure out what to do. I didn’t want to share it with my family. As a recent college graduate who had only been on her own for a couple of months, I imagined the scrutiny I would face from them as they snarked that I couldn’t make it on my own. After all, all the warning signs were there, so why didn’t I pick up on it? The typeface of the email was odd and the tracking website wasn’t working when I entered my tracking code. The Circle community seemed like the only reasonable solution. It’s a group of some of the most accomplished and intelligent cybersecurity professionals who I knew would guide me in the right direction. What invited me in and allowed me to feel comfortable sharing my story was the nature and desire of this community to share best practices with one another. The goal is that if criminals target one area, we have a way to quickly share it with our peers so that they can be aware of the issue in their own domains.

The reason why myself and so many others fall so far down the rabbit hole of a scam is because of the notion of sunk cost fallacy. I could have saved myself so much time and money after the second request for money if I said no and listened to my gut. So what was it that made me spend $2,300 on the thermo-electric crate? Well, the person on the other end of the text conversation said it was to keep the puppy warm while traveling in the truck. The thought of my future dog freezing during his transit from Utah to Seattle was heartbreaking. If this turned out to be true and I didn’t pay, I would never forgive myself. After I had sunk about $3,050 on this, when the third request for more money came in, I felt that I had no choice other than to keep going or else I would never get the dog.

For a criminal to be convicted of a crime, a testimony from the victim is needed. In most cyber-crime cases, many victims don't have a good grasp of what has just happened. After the attack I faced, I had no idea who to report this to. In all honesty, I didn't understand whose responsibility this attack was. Was it me, the consumer, who fell for the malicious attack? The web browser Google that had this site listed #1 in the search results? Venmo, the platform used to initiate a transfer of funds? The nature of modern cyber-attacks means that various players share some responsibility in the matter.

40% of fraud victims don't tell anyone, not even family or friends, because of their regret, shame, or guilt. Only 20% of fraud victims report it to the authorities because they figure if they aren't going to get their money back, then why take the time out of their day to report it. For justice to be served and these criminals to be apprehended, we need customers to take the time to file a complaint. Some of these scams are made up of more extensive, more sophisticated networks. What may seem like a small operation is likely a sizable criminal operation of various websites.

The cybersecurity community, especially the one on Circle, helped me immensely in spotting the fraudulent activity, providing suggestions on next steps and overall support. This is a community that you can lean into for support and prevention. While you may not get the retribution that you were hoping for, exposure is the first step. If you don’t ever come forward, then the scammer will never get caught. So, while not as easy to remember or catchy as, "In case of emergency, dial 911," the following resources can be used to help law enforcement locate the scammers and expose the extent of scams:

Federal Trade Commission: Report fraud or identity theft

Better Business Bureau: File a complaint, describe a misleading advertisement, or report a scam

FBI Internet Crime Complaint Center: File a complaint or read about other scams and alerts

Petscams.com: Report a pet scam, search their database of pet scammers, or read the latest news about pet scams