Once someone is emotionally invested in purchasing a new pet, it’s easier to be manipulated and defrauded. We want to share ways that you can be sure not to get scammed. Today’s guest is Jack Whittaker. Jack is a PhD candidate in Criminology with published works in the field of online fraud. He has presented at several fraud conferences as well as has done expert interviews for both national and international news outlets. Jack also helps run a voluntary counter fraud initiative called PetScams.com and occasionally teaches cybercrime awareness to school children.
“At what stage does bad customer service turn into systematic fraud?” - Jack Whittaker Share on XShow Notes:
- [1:04] – Jack shares how he became involved with PetScams.com.
- [2:00] – Pet scams are very unique to certain countries including the United States.
- [3:25] – Pet scams originally come from Cameroon.
- [4:46] – An offender will create a website and set up Google ads. They spend tons of money to start this sometimes with stolen cards and reinvestment.
- [6:56] – There are fake sites listed on Facebook, Twitter, and Pinterest to generate more traffic.
- [7:59] – Victims of these scams tend to be people who are very vulnerable.
- [9:32] – After the victim pays a deposit, the offender then contacts them as a fake shipping company to charge them more.
- [10:44] – These scams are social engineering at its finest.
- [12:04] – If the person building the website is skilled, legitimate websites can be copied as a fake.
- [13:02] – For now, the best advice is to video chat with the breeder to see the pet. And even better than that, visit the breeder in person.
- [14:20] – Chris shares the story of almost being scammed when purchasing a pet.
- [15:30] – Scammers use an address they find of a property that is for sale somewhere. It has caused problems for the buyers of that home later.
- [17:50] – International scams make things very tricky.
- [19:54] – Jack explains the different kinds of money mules.
- [23:32] – Once things are figured out, scammers have adapted. Offenders are always two steps ahead.
- [25:10] – There is a minimum threshold for crimes to be looked into.
- [26:12] – Non-refundable payment methods are a huge red flag.
- [27:49] – Pet scammers often run other types of scams simultaneously and typically follow trends.
- [30:01] – There are scams that target victims who are in a place where they will not report the crime for fear of their own arrest.
- [32:14] – Jack describes the hierarchy of scams.
- [34:08] – Some scammers also torment their targets.
- [35:43] – Once someone is scammed, their information is shared to other scammers.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources:
- Podcast Web Page
- Facebook Page
- whatismyipaddress.com
- Easy Prey on Instagram
- Easy Prey on Twitter
- Easy Prey on LinkedIn
- Easy Prey on YouTube
- Easy Prey on Pinterest
- PetScams.com
- Pet Scams on Twitter
- Pet Scams on Instagram
- Scam Directory
Transcript:
Jack, thank you so much for coming on the Easy Prey Podcast today.
Thank you very much. A pleasure to be here.
Glad to hear it. Can you tell me and the audience a little bit about your background and how you got started with petscams.com?
Yeah, of course. Actually, at the moment, I'm a doctoral researcher at the University of Surrey in the United Kingdom. My background with pet scams goes way back, maybe four or five years now. I wasn't the original one who started that, I should say that. It’s run by a lunatic Irish man who's very good at what he does. He's one of the most selfless and friendly people I've ever met. He brought me on board because I was looking for something a bit different to do in my free time. It grew from there and now it has taken up my whole life.
We were talking before we hit record that pet scams are something very unique to the US.
Pet scams, generally, they're very unique to the US, to Canada, to Australia, and to South Africa. The reason why is because consumers in the US will go on websites and select a pet, but they don't like the idea of traveling across states to visit that pet. For example, if you're in New York and you really want an American Kennel Club Chihuahua, for instance, then the breeder is in Texas, so you're not going to travel that distance.
In effect, me and my fellow volunteers at petscams.com have identified that, as a result, there's a booming economy for pet scams, which has become obscene now to the point where millions of dollars every year is being lost.
We're differentiating between puppy mills, which actually have pets that are sick, versus ones that there is no dog involved whatsoever, there's no cat, and there's no pet involved whatsoever.
Yeah, 100%. There's a massive difference with the pets that are there—you saw it arrive and looking at its own eyeball. That's a pet welfare issue, whereas what we're dealing with—the seller of the animal actually has no intention of delivering it. They're based in West Africa, which I can talk about in a later bit.
Let's talk through who runs the scams, who they are targeting, and what you've learned over the years in dealing with them.
That's a really good question. Sometimes the simplest questions are the most complex to answer, so this might be quite a long-winded response. In effect, pet scams originally come from Cameroon in about 90% of cases. I've actually spoken to some of the offenders that run these scams and effectively, from what I've been told, it could be a complete lie because criminals lie.
Some of the excuses behind it was it comes from the Ambazonian Region of Cameroon, which is the English-speaking region and it was effectively Nigerian—419 guys in the ‘90s—that brought cybercrime with them. The Cameroonians ran with it and decided, “Well, actually, what can we defraud people in the West for? Pets might be a good one.”
In effect, it's diffused outside of the country. And also, what's interesting is as these offenders move abroad for things like study or work opportunities, they also take their cybercrime activities with them. Some of them are successful and prominent money mules operating in the US, for example, are Cameroonians, and they receive stolen money and send it back to their fellow colleagues back home.
In terms of how the scam operates, it's a very interesting story and one that is so simple, but it's done to perfection. What effectively happens is an offender will create a website, which is a very easy thing to do in this day and age. They will find a domain name registrar who sells the domain name. It is usually a registrar who is friendly towards scams. I won't say the names of companies because I don't like being sued. But what we found in our research at petscams.com is that the offenders actually congregate towards a certain input, certain infrastructure that is friendly towards scammers.
We got a domain name now, so what the scammer does is they might decide to build a website themselves or they'll actually go to a colleague who might be a friend of theirs down the road in Douala, Bamenda, or wherever they’re based. These guys specialize in building pet scam websites. They'll pay them a fee and hey, presto, we have a website now.
We got a website at this stage, but unfortunately, that website isn't going to generate any visitors unless we market that website. What they then do is they set up Google ads. They just blast Google with advertisements and they spend insane amounts of money to the point where some of the actual losses from victims are being reinvested into the Google ads on new websites. I've actually found that some of the websites are spending over $10,000 on Google ads, which is phenomenal.
Are they doing it with stolen credit cards?
It's a mixture of data trading and reinvestment of previous victims funds’ that are lost, which creates something quite interesting along the lines of there's a lot of companies that are profiting off the victims of cybercrime, which is the ugly part that never gets discussed.
We’ve got a website at this stage and we’ve started marketing it. Now we have someone who's interested in pets who has found it on Google ads. I should also say, too, that there are countless Facebook groups, Pinterest groups, Twitter pages, et cetera, that are advertising these fake pets at this stage. They can't advertise on platforms such as Amazon because buying and selling animals isn't allowed in their terms of service.
Someone then contacts the website and says, “I want to buy your really fluffy-looking pet. Bella the Cavoodle puppy looks really cute.” They all say, “Yes, that's very nice. We're selling at 50% off.” What they are doing is appealing to what's called visceral appeals, which evokes an “I like that” response from the victim. That will be things like the very cute pictures, the 50% off, et cetera. That gets the victim hooked at that stage.
It's also worth mentioning too, it's not just greedy people that are hooked into these scams. It is people who are suffering from cancer and need a pet to get them through it. It's veterans with PTSD. It's children who might be bullied in school. It's also vulnerable and elderly too, so the AARP, for example, we've done work with in the past and my colleagues just on a podcast with them.
On top of that, too, you've got, unfortunately, people that are greedy and they're looking for a […] pet at a massively discounted rate. At that stage, the victim is hooked. They really want these pets. They've opened a correspondence with the offender at that point and they'll pay the deposit fee. The deposit fee will be paid. It used to be Western Union, MoneyGram. That's dying now because they keep getting sued.
These days, it is primarily Zelle and also the criminals tailor-make the payment process depending on the country. In America, it's also Walmart-to-Walmart transfer. In Australia and South Africa, it is bank accounts which are used. I have a feeling that's because of the money laundering regulations aren't quite as tight there. That's a general hypothesis at this stage.
At that stage, the victim has paid for the pets and the offender at this point has realized we can defraud them for more at this stage. This is great because they're really hooked into it. What the offender does then is they own a shipping company website and they will recontact the victim under the guise of being a shipping agent. They'll say, “Oh, by the way, we're going to charge you for what's called a temperature-controlled shipping crate,” despite the fact that airplanes are already pressure-controlled environments.
This is where the prices actually increase now. They charge more than a regular shipping company would because the consumer is, at that point, hooked. The story narrative continues and continues and it just snowballs until the victim realizes that they are being defrauded or they essentially run out of money in some very sad cases that I've come across, so they'll charge for things like vet fees. They've adapted to coronavirus, so they charge for COVID vaccine fees, quarantine fees, the whole song and dance really.
One really exceptional case I came across—a woman actually lost $15,000 because the offender claimed there had been a plane crash and he introduced the lawyer's narrative of, “I'm suing you.” It's about 15% technology here, 85% social engineering, and it really is social engineering at its finest.
Do you see issues where the scammers are cloning legitimate breeder websites?
All the time. It is so easy to actually clone a legitimate website and there is very little that can stop it. Effectively, you can use a program such as HTTrack and it will download the whole website's contents. Then you just slap a domain name and change some of the pictures. Also, you can use the thing called […] on the text so you can rip off someone's websites and stop consumers from doing stream searches. It will spill out the sentences rearranged to prevent plagiarism checks.
However, that does create some very unusual situations. One of them, I think, was a commodity scam. They nicked it from a cow farm. It's like, “We milk our peanuts twice a week.” I was like, “You can't milk peanuts.” It creates quite a bewildering situation, but in reality, if the guy who's building a website knows what he's doing, it can be really, really good. Also, they lock the website sometimes so you can't actually do a direct copy and paste. You've actually got to go into the source code to get the good stuff out.
A little bit of JavaScript to keep you from being able to do a grab.
Exactly. In effect, it's a very elaborate process, but it's something at the same time that's really cost-effective and very simple to do.
What are people supposed to do to make sure that they're dealing with a legitimate, real breeder as opposed to a scammer?
Have a video chat with a legitimate breeder. Make them show you the mother with the pups. -Jack Whittaker Share on XIt's incredibly simple. Have a video chat with a legitimate breeder. Make them show you the mother with the pups. Scammers will adapt to that in the future. One thing that we've learned from doing this for five years is that every time we say something, they adapt to it very quickly, which is very, very annoying. I'm sure they're going to find a way around it, but for now, the best advice is to video chat, or the golden rule, of course: go and visit the breeder in person. Maybe all for that matter change the circumstances. Maybe you don't need that pedigree puppy. Go to the pound, see what's there. It's quite simple things.
There's no really technical stuff that needs doing like going into WHOIS, the name servers, the IP addresses, and fishing around. It's all very basic things, and it's one thing that frustrates me the most about infosec in general. There's always a lot of people splashing jargon around and scary words to make themselves feel clever, like the word phishing, for example, when in reality, it's just very simple things.
When my wife and I were looking to buy a dog, we had started looking at breeders for Schnauzers and we found one. If it came time to pick up the dog, we could drive there, but it wasn't close enough to drive out to do a visit. My wife had been emailing the person back and forth. I think they've even had a couple of phone calls and I was like, “OK, the prices were within the normal range for the breed and everything kind of seemed right.” My wife goes, “Hey, I’d love to have my aunt come out and just visit.”
My aunt was 50 minutes away from where this person claimed to be. Once coming out to visit was said, they went dark, they never picked up the phone, they never responded to emails, they didn't respond to text messages. It was a scam.
Exactly. You've actually come across a Cameroonian pet scammer then. Also, in that story as well, what's really interesting too is that there are innocent third parties who are being damaged by the scam. Not many people think about them and it's just starting to gain a little bit of traction. Quite often, I should say as well, that scammers will find houses for sale and claim that they're from there on their addresses. It will always be where you're not from so they'll change it. If you're from New York, they'll be from California and vice versa.
What's really interesting is once those houses are actually sold, we speak to people who've just moved in and they've got 50 very angry people turning up at their houses. In some cases, it's gotten to the point where they think they're a criminal and they’re getting death threats and bricks thrown through the windows type thing. It's really quite scary, some of it.
We ultimately did end up buying a dog from a breeder, and I watched her posts on Facebook. She's had similar issues where people have used her name, the pictures of her dogs and are trying to sell them, and when something goes wrong they come after her, not the scammer.
Exactly. There are a lot of knock-on effects that people don't really consider. Some of them are quite ugly, as I've talked about, and they're not going to be discussed openly. For example, certain companies that profit from the lax registration process and domains. For example, what is the role of ICANN in all this, the Internet Corporation for Assigned Names and Numbers? Are they the regulator of the […]? Can they do more about this crime? They're saying they're not, but actually, they've got a job to uphold WHOIS.
Again, it's quite an interesting dichotomy going on there. You've then got the hosting providers. Are they bulletproof hostesses, for example? On top of that, there are all sorts of checks and balances in play. Then, of course, you've got the direct and indirect victims. You've got the legitimate shipping companies whose websites are being ripped, IPATA, the pet transport association. Their logo is just being abused to death now. It will get to the point where effectively, if things continue as they are, their logo as a trust on a website might not be worth much in the near term.
Finally, as you've just pointed out, you have pet sellers and people who have Instagram pages of their pets who are just getting them ripped constantly. There are a lot of implications for these people, which is quite scary.
I think it's one thing if you have a purely domestic scam where the victim, the platform, and the scammer are all in the same country. With the challenge that I see so much is, with the international scams as well. The domain was registered in Slovenia with a stolen credit card. The hosting was run out at Romania with a stolen credit card. The victim’s in the United States. There’s a money mule in Canada, and the scammer’s somewhere else. Pick the country and it's like, “OK, so do you want to spend $100,000 trying to get your $1000 back?”
Exactly, yes. A really interesting one, as you said about this sort of dispersed network of infrastructure. I remember there was a big thing going on at the moment because a pet scammer got arrested in Romania. There was a lot of song and dance around it and clearly a lot of back-patting going on where they’re saying, “We won't tolerate COVID-19 scams in the US.” I was just sitting there thinking, “OK, great. We've got one pet scammer now. There are probably about 30,000 that are set in Cameroon, but let's give each other belly rubs and say it's all great.”
Yeah. So much of it is a whack-a-mole game. Just because you shut down this one website, even if you get that one scammer, it's not like the whole cottage scam industry is now, “Hey, we've shut down the entire industry because we arrested this one person and put them in jail for 30 days.”
Exactly, but they're all there. At the same time, there are some really, really good takeaway points for US law enforcement to focus on. One of them is definitely money mules because, in a sense, there are so many different ways that money mules can be recruited. Some of them, for example, aren't even actually offenders themselves. They are direct offenders, but they're unaware of what's actually happening.
The different types of money mules are so-called mystery shopper or payment processing assistant money mules, which are recruited via job scams where you get taken on and you get paid $22,000 for three or four hours of work a day. Eventually, what will happen is you'll walk up to Western Union, the bank has locked your account, and then you'll go, “What's going on? Why can't I send this money to Cameroon for my job?”
Western Union will laugh and they will say, “Oh, by the way, you should only be sending in money to friends or family here.” He will say to them, “Oh, I do know them. I actually work for this company.” Western Union will then raise their eyebrows and laugh even more because, at that point, they'll say you shouldn't be doing employment work through Western Union. That's one side.
The other type is romance scams where they can recruit money mules. “Hey, baby, do you fancy sending me $3000 from one bank account to another” type of thing. Then the third is sort of the knowing mules, the people who are actually in on the scam. I've noticed with pet scams, Cameroonians actually use these types of mules a lot more whereby a student from Cameroon goes to the US, probably gets there and realizes it's more expensive than they thought, and then they're offered some cheap money, which involves picking up Western Union payments and then sending them via bank wire to Cameroon.
What was really interesting about that too is we did a thing with a news company from Indianapolis recently where we found out who our money mule was and we managed to get him pulled over on a traffic stop. He had 13 fake IDs in his car at the time, which was really quite phenomenal. It just gives you a sense of the scale. If he's got 13 fake IDs for 13 different pickups that he does, there's probably quite a lot of money that goes through this process.
I've seen a number of scam baiters and whatnot who have helped facilitate the takedowns of the mules and the amount of cash that they have on them at any one time is staggering.
Some of it is a bit iffy, though. There are some types of muling that I'm personally still learning about. For example, we did a news interview with Atlanta recently and we found that there was a really shady syndicate of strippers who were all working together and they were all money laundering for Cameroonian pet scammers.
The money was being sent to this stripper's payment accounts—Venmo or something. I can't remember. In the end, they called her out and said, “What's going on here?” She said, “Oh, I think my account was hacked,” despite systematic payments, which we tracked through our websites going there. I'd really be interested to see how she got involved in that because I enjoy stalking people sometimes and I went through all of her social media followers. I couldn't find a single link to Cameroon because, with money mules, there's always that one person that you can pin it to. Nothing, so there's a lot to learn still.
I think the challenge is as soon as you figure out how it works, they've pivoted on to some other technique.
Yeah. There was a criminologist- he said we're constantly—in technology crime—in an arms race with offenders, whereby crime prevention does one thing, offenders are always two steps ahead, which is just the law of things.
I don't think that's unique to internet crimes. That's just the nature of crime in and of itself. We don't want to get caught so we have to do something the police can't figure out.
Yeah, exactly. It's a bit like if I wanted to go and rob a bank and I use some high-powered cutting tool, then the bank installs some better volt that can repel it, and then I go out and buy an even better cutting tool. That's the type of thing.
I should also say, with pet scams, one thing that's really interesting about it is that despite the emotional impact it has on people, no one really cares about it still because it doesn't make anyone any money to actually tackle it in cybersecurity. It's left for volunteers like us.
I was speaking to my colleague the other day and he said, “We shouldn't be doing this.” We don't want to be doing it, but we feel we have to, if that makes sense. Not because we're sort of Batman-type people, but just because we're quite good at it, even though we make not a lot from it. Secondly, there's also an issue with monetary thresholds here, which is that if you're a fraudster committing an internet crime, you managed to set up a scam defrauding everyone in the US for $1, you have a perfect crime because it will never get looked into.
If you’re a fraudster defrauding everyone in the US for $1, you have a perfect crime because it will never get looked into. -Jack Whittaker Share on XYeah, that's the way things are in some US states right now. They've raised the minimum threshold for a crime to go from a misdemeanor to a felony, so it's, “OK, we'll just keep the crime right under the felony amount.” Even if the person does get arrested, it's a citation. They're released and they're back out, committing the same crime the next day because there's no cost to them. You haven't put a barrier up to them being able to perform the crime.
Exactly, yeah. Even in the case of Atlanta that I was just telling you about, the victim was actually suing the woman in civil courts. I was just screaming going, “It's not civil, it's criminal. It's not a trade dispute.” There has to be more education in terms of what you're dealing with. It's the tip of the iceberg in terms of what stage does bad customer service turn into systematic fraud.
It's the tip of the iceberg in terms of what stage does bad customer service turn into systematic fraud. -Jack Whittaker Share on XYeah. I think the one thing I always tell people is to watch out for the non-refundable payment methods.
Yeah, a big one, especially things like Bitcoin and Zelle. Zelle even has a payment policy now on the website saying, “Please don't buy pets using us,” because the problems got that bad. Then, of course, Western Union, MoneyGram, and Walmart-to-Walmart transfer—all that sort of good stuff consumers should never ever use to pay for things.
Yeah, I'm surprised in a sense that Western Union can actually remain in business. I don't know anybody who has legitimately used Western Union to send or receive money. Every time that I've heard of someone that I know who has used it, they have been a victim of a scam.
Yeah, exactly.
I can't imagine how the platform can exist when, from my perspective, I'm sure there are legitimate uses, but it seems to only exist for the benefit of fraud these days.
It was also the case with, I think, drug cartels as well that were using money-transfer officers. It's a real mind-puzzler because, as you just said, there's always going to be a Western Union. If we shut one method down, there will be another one that pops up. Bitcoin seems to be one of the main proprietors or the main enablers of cybercrime in this day and age.
A really interesting example of that is—I should note as well that pets are one of a very small proportion of scams that these offenders run. They are running marijuana, drug scams, pharmaceutical scams, cancer medication, and opioids. It's all being reflective to what's going on in different countries, mostly in the States. They started running opioid scams once the opioid crisis got big. Private healthcare, it means people are going online to look for their own cheaper medication. That gives the boys in Cameroon a good opportunity.
Marijuana legalization means that people are more willing to buy online. Guns are a massive one at the moment that we're seeing after Biden won the election, but I'm not going into politics. PlayStation 5, and there are some other ones out there that are a bit weird that I don't know why they're being concentrated upon, but it's happening. Some of the weird ones are human organs. I keep seeing hearts, kidneys, and lungs for sale. I think they might be targeting people in India and China. Also, sex dolls is another big one with suspiciously looking aged doll.
No one's going to report that crime.
Yeah, exactly. Pinball machines. […]. Yeah, exactly. Again, I should just say, with drug scams, for instance, no one is going to report it if you take the chance of buying crack cocaine on a website and you're an addict whose dealer can't get you the usual supply. A website says, “same-day delivery. Bitcoin me here,” and you're desperate for your hit. Then who are you going to tell? That famous quote: criminals have no recourse. If you can victimize others—I'm saying criminals in a very loose way because I think people who are suffering from drug addiction, they can be, but usually they're not their victims.
It's people who are in a circumstance where they're not going to report the crimes for fear of reprisal.
Exactly.
That is the politically correct way of saying it.
Exactly, yeah. I'll just wait for the death threats to come in now for the prior comments, but yeah, exactly. It's all to do with things that people cannot or do not want to report.
I started logging on the second site called scam.directory and it made me realize that pet scams really are the tip of the iceberg. I'm hoping, with my academic work, I can call it a portfolio crime, and that could be transferable to things like phishing BEC. For example, I'm well aware of a […] who does fantastic work on BEC. I remember reading one of their reports recently, which was a case called exaggerated line and it was a BEC gang. That BEC was also tied to romance fraud. They were using the romance victims as mules in that case.
I'm hoping, even with these seemingly insignificant websites that, as you say, are defrauding people who cannot or do not want to report a crime, there might be other aspects that are worth exploring, which I think is very important to document everything. The reason why me and my colleague have built that second website is because if law enforcement came to us and we had pets listed next to cocaine websites, they might be less inclined to work with us then.
Yeah, it's applying what you've learned in the pet scam trade to, “OK, how do we apply those to other illicit trade?”
Yeah, exactly. Definitely. Also, what I've learned from speaking to offenders is firstly, there's a hierarchy of scams, I should say, and this is something really interesting that I wasn't aware of until I started speaking to them. At the bottom you've got drug marijuana scams and at the top you've got what's called company fraud. That doesn't explicitly refer to as BEC or defrauding an accounts department or an executive. It's actually wholesaling commodities, usually. If you can claim to sell that in bulk, then you can make an incredible amount of money doing it.
I was speaking to a business owner recently who was defrauded in a […] scam from Ukraine and he's in Germany. It took him €8000. It shows different cheese that they can put on the mousetrap.
The second thing I should also say, too, is just the web devs over in Cameroon, they absolutely hate their clients from what many of them have told me. The reason why they've been willing to speak to me might sound a bit corny or cheesy, but they don't actually like what their clients are doing but they are doing what they're doing as a way of making a living, which is quite a sad thing, I suppose.
Yes. I've heard that a lot when talking with people who've interacted with the scammers directly. It's like, “I don't want to do this, but I'm trying to put bread on the table. I'm trying to feed my kids, and this is the only option that's available to me.”
Yeah, definitely. That being said, I do consider the web devs to be offenders themselves because they are providing an integral service for scammers. What I do find pretty sickening though is how some of the victims are effectively tortured after the scam takes place. I've already talked before about how some of the victims will be sent by a scammer on a wild goose chase, maybe for six hours to meet the breeder halfway to pick up a pet that doesn't exist.
Another way of tormenting a victim is through blackmail. If you're importing a monkey, for example, Arowana fish, which is protected under CITES, or anything that's restricted in the US. They will then claim to be from a US agency and say, “Hi, we want you to pay a fee or bribe,” as it were, and they'll claim to be law enforcement. They'll say, “Yeah, we're going to come in and arrest you.” Also, the same with puppies. They'll say to the victims, “We're going to charge you with animal abandonment if you don't pay the quarantine fee.”
Then the last one is just incoherent threats, which I've seen some pretty shocking stuff. Once I had a woman who was just absolutely crying to me on Skype saying, “They've threatened to come to my house and rape me in front of my daughter whilst my husband watched.” There's some pretty horrendous stuff going on, really.
Yeah, I think that's one of the challenges of these things. Once someone has been victimized by a scam, their name, their contact information gets passed around these groups of scammers and they become this big target for anything and everything.
Yeah, exactly. I completely agree with you, and then you'll have recovery scams. What's really interesting is unlike in other types of cybercrime, the recovery scam actually happens as part of the initial hook phase where the shipping process starts. In a sense, that's why I consider pet scams to be quite clever because they'll do it whilst the victim is already being defrauded.
Just to add that little bit of a sweetener onto the scam itself and to prevent the victim from reclaiming the money, they will create fake trackers on the shipping page and give the victim a code. It will show two weeks, for example, or however long it takes for the gang to reclaim the money just to give them enough time that the victim has no chance of getting that back.
Yeah, the things that people will do to separate other people from their money. It's sickening.
Yeah, it's a very scary world.
If people want to find more about the pet scams as well as your scam directory, where can they find you and those sites?
The first one, petscams.com, is as it is. Scam Directory is scam.directory. If anyone wants to get a hold of me, I'm on LinkedIn. You can also contact me through my email, which I'll share with you afterward. Lastly, as well, if you want to use our data, we're more than welcome. We want as many people to use our data as possible.
It's just starting to be used by university students now. I've got colleagues that are using it and they're doing some really terrific stuff with our data, which really can give some love to what is an under-loved type of cybercrime. If law enforcement, IT devs, or InfoSec professionals want to use it just get in touch with me, please.
That's awesome. Super appreciate you making that all available, and it's a service that you're not charging for, I assume, correct?
Yeah. We only accept donations, and even then, we make just enough to keep the server running. Just to feed that little hamster going around in the ball.
Poor little hamster.
Yeah, exactly.
Jack, thank you so much for coming on the podcast today.
Thank you so much, and it's been a pleasure to be here.
Paul Handover says
I have only listened to the first few minutes of this interview with Jack Whittaker. I wanted to say two things. The first is that I was scammed in August, 2021 and lost $9,500. The second is that I am giving a presentation this Saturday on the dangers of scamming. I also run a blog called Learning from Dogs and would love to have your permission to republish what you have here on LfD? Thank you.
Deb Eskew says
You can republish. Thank you!