The Belgian internet marketplace site 2dehands.be has warned users of a case of internet fraud targeting sellers who use the site.
The scam works as follows, De Morgen reports: the seller of an object is contacted by email by someone offering to buy the object for sale, sometimes offering an extra 10 euros to secure the sale. The buyer offers to transfer the money via the German packages company DPD, which will also come and pick up the object. The seller then receives an email link to what purports to be the site of DPD, where they fill in their bank details to receive payment.
However the site they land on is a clever fake, and their bank details have been harvested for future fraudulent purposes, a practice known as phishing. The sale, of course, never goes through; the scammers already have what they came for.
The sales site is now warning users to be wary when a customer suggests completing the deal outside of the 2dehands site itself. They also point several warning signs: the fake buyers are often French-speakers on a Dutch-speaking part of the site; they address their target as “beste” without using a name, and speak of “your product” without specifying, suggesting the use of a pro forma communication.
The site also has a button to click to report suspected fraud. Meanwhile delivery company DHL, which has also been used by phishers in the past, has placed a warning on its Belgian site: www.logistics.dhl/be-en/home/footer/fraud-awareness.html.
According to the Belgian banking federation Febelfin, in the first nine months of 2018 there were reports of 3,350 cases of fraud in internet banking, for a total value of 5.5 million euros.
More broadly, the federal government’s Centre for Cybersecurity receives some 2,000 notifications every day of suspect web links or transactions, made by sending a report to [email protected].