User possibly hacked and selling in M1 Garand forum

[longgoldsilverandlead]

Some things that could be done to help this problem:

1. Don't use a simple or predictable password - I would bet the number of people whose password is "garand", possibly with some number, would make a security professional cringe. If it were not illegal to do so, I'd be tempted to write a script to scrape the forum member list and test each account to find out. I'd use a dictionary attack with words that would be meaningful on the forum. The older crowd is more vulnerable to this sort of thing. I bet that's what some of these scammers are doing. Make your password a phrase unrelated to the forum content and you'll improve things substantially.
2. Don't use the same password for any pair of websites. When your account at website A is compromised, the list of compromised accounts gets sold off on the dark web. Others hackers buy the credentials and then try them on other websites - banks, retail, etc.
3. I've used google reverse image search to look for previously posted images since these guys clearly don't have their own inventory to photograph. They'll often also lift advertisement text from previous ads.
4. As demonstrated in several of these instances, the scammers are vulnerable to the shibboleth test - ask them a question that will produce an answer that identifies them as ignorant or dishonest and we can filter these guys out.

[ZvenoMan]

Quote:

Originally Posted by lumpywolf223

Can we post this seller in the BEWARE sticky on the top of the page on for sale parts ?

The guy was hacked.
Seems reasonable to assume he will become un-hacked at some point. So that list is more for names of people who joined TO scam.

The names are always less important than the behavior.

As noted in this thread alone, we see some common clues are:
Use of non-regulated, non-protected payment types. DO NOT use paypal, zelle or similar F&F for commerce with strangers, DO NOT use paypal, zelle…. for their prohibited items such as firearms.
Look for other signs of a scam (rushing the transaction, grammar inconsistencies) and ask a leading question in order to see if they are a fraud.

[Shomway]

Quote:

Originally Posted by ZvenoMan

The guy was hacked.
Seems reasonable to assume he will become un-hacked at some point. So that list is more for names of people who joined TO scam.

The names are always less important than the behavior.

As noted in this thread alone, we see some common clues are:
Use of non-regulated, non-protected payment types. DO NOT use paypal, zelle or similar F&F for commerce with strangers, DO NOT use paypal, zelle…. for their prohibited items such as firearms.
Look for other signs of a scam (rushing the transaction, grammar inconsistencies) and ask a leading question in order to see if they are a fraud.

And too cheap to be true....

[FRODAWWG]

The “seller” is listing items this morning also.

Does someone have contact with a forum moderator so that that user name can be confronted by staff?

[Shomway]

Quote:

Originally Posted by FRODAWWG

The “seller” is listing items this morning also.

Does someone have contact with a forum moderator so that that user name can be confronted by staff?

Already reported one sale item from the hacked account this morning. The one for the flash hider.....

[ZvenoMan]

Quote:

Originally Posted by FRODAWWG

The “seller” is listing items this morning also.

Does someone have contact with a forum moderator so that that user name can be confronted by staff?

Everyone has contact with the moderators.
Use the “report post” icon at the top right of the post.

[Ronwall]

Quote:

Originally Posted by Gewehr43

Yes, But the pictures used could be from anywhere and the "discussion" was the first real clue the sale was bogus.
And it wasn't until this thread started that the photo was researched.
The fact that the photo was from here just made it easy to add up the red flags.

And that is what you (any potential buyer) should be doing, is adding up the red flags.........not just focused on one.

And leaving them up allows that connection to be made..........

I understand your point but personally I would prefer that any pictures I've taken, ads I've wrote and posted or any merchandise I've ever owned to not be used in any kind of unethical dealings so once all parties involved are satisfied with the transaction I will continue to delete my WTS ads. If I need an approximate value on something I can look at GB, Ebay and/or contact connections on a personal level.

[ZvenoMan]

Quote:

Originally Posted by Ronwall

I understand your point but personally I would prefer that any pictures I've taken, ads I've wrote and posted or any merchandise I've ever owned to not be used in any kind of unethical dealings so once all parties involved are satisfied with the transaction I will continue to delete my WTS ads. If I need an approximate value on something I can look at GB, Ebay and/or contact connections on a personal level.

Good point but consider this:
A scammer isn't selling YOUR gun, he/she is finding a pic of A gun and posting it in a scam ad. Probably dozens of times per day. Like fishing, if you have 30 rods constantly being baited and cast you will catch more fish than with 1 rod.

So deleting your pics will maybe keep THAT pic from being used in a scam ad (but if a scammer downloads your pic, not only do they have it to use, but it won't come up in a reverse picture search). No issues, finding pics of stuff (guns, pokemon cards, beanie babies, yarn, whatever) to use in scams takes no effort.

OK, maybe I can't scam a $4500 rare Garand from YOU without pics of a rare Garand, but if I have 3 ads out for $1000 Garands, collector coke crap, stamps, painted duck decoys and whatever and 3 or eleven people bite did I (the scammer) lose?

Scammers don't use "guns" in scam ads, they use whatever they need to use based on the hacked account they takeover. If they hack your account on perverted websites they they will not use gun pics but, well, figure it out.

As I always say, think less about the screen name or the specific picture and protect your self using a secure payment (risk management: more secure for strangers, less secure MAYBE for those you personally know), never use a payment for an item prohibited by THAT payment processor, and then use logic and common sense when reading the ad and asking questions.
If the guy can't articulate properly (yet his other posts that of course you took the time to view do), that is a hint.

A gas trap (repro) for $1000.00, probably a scam, a gas trap (original) for $2500, probably a scam. If you ask if it has the partridge arsenal peacock cartouche and they say "yes", it's probably a scam......
If it is a particularly high dollar item (based on YOUR definition of high dollar) and you want more pics they will send them. If they don't you don't need it.......

[Ronwall]

Quote:

Originally Posted by ZvenoMan

Good point but consider this:
A scammer isn't selling YOUR gun, he/she is finding a pic of A gun and posting it in a scam ad. Probably dozens of times per day. Like fishing, if you have 30 rods constantly being baited and cast you will catch more fish than with 1 rod.

So deleting your pics will maybe keep THAT pic from being used in a scam ad (but if a scammer downloads your pic, not only do they have it to use, but it won't come up in a reverse picture search). No issues, finding pics of stuff (guns, pokemon cards, beanie babies, yarn, whatever) to use in scams takes no effort.

OK, maybe I can't scam a $4500 rare Garand from YOU without pics of a rare Garand, but if I have 3 ads out for $1000 Garands, collector coke crap, stamps, painted duck decoys and whatever and 3 or eleven people bite did I (the scammer) lose?

Scammers don't use "guns" in scam ads, they use whatever they need to use based on the hacked account they takeover. If they hack your account on perverted websites they they will not use gun pics but, well, figure it out.

As I always say, think less about the screen name or the specific picture and protect your self using a secure payment (risk management: more secure for strangers, less secure MAYBE for those you personally know), never use a payment for an item prohibited by THAT payment processor, and then use logic and common sense when reading the ad and asking questions.
If the guy can't articulate properly (yet his other posts that of course you took the time to view do), that is a hint.

A gas trap (repro) for $1000.00, probably a scam, a gas trap (original) for $2500, probably a scam. If you ask if it has the partridge arsenal peacock cartouche and they say "yes", it's probably a scam......
If it is a particularly high dollar item (based on YOUR definition of high dollar) and you want more pics they will send them. If they don't you don't need it.......

I can't stop a scammer from scamming folks and I can't stop someone from being scammed. What I can and will do is protect myself by taking reasonable precautions. If using 10 seconds of my time to delete a WTS ad in this forum helps protect me just a tiny little bit then so be it. Using strong passwords (not my pets name or my wife's birthday), not doing anything stupid and 27 years and counting of banking experience helps too. You'd cringe at the stupid things I've seen people do online. It's an everyday thing in my workplace. No wonder our Information Security Officer is constantly bombarding us with reminders and new procedures.

[ZvenoMan]

Not sure how deleting your completed ad helps you, but of course it is a step.

Passwords are a great step. If you don't have a password manager app (or use one in your phone/browser) then I suggest looking into it.

Don't do stupid things, well speaking from experience, let me know how that's working out for you :-)

Happy Sunday Ronwall