Identity Verification Scams

Good morning members! Welcome back to Fraud Fridays! Today, we will be covering Identity Verification Scams (sometimes referred to as Age and Date Verification Scams)! A small content warning, Identity Verification Scams are another type of online dating/sex scams. I would also like to add that this is a very convoluted and complex scam. I will link a video explanation at the bottom of this post, so I would urge everyone to check that out. As a bonus, the next four paragraphs are serving as my TL;DR (Too Long; Didn't Read) which hopefully puts into account exactly how complex this scam is.

Romance scams certainly have a way of pulling on our heartstrings. They are one of the most prolific scams and anyone in marketing can tell you why. Simply put, sex sells. Of these many sex scams, I believe that the identity verification scam is of the most pervasive. This scam is attempted thousands of times per day with an unknown number, likely hundreds, caught by it daily. So that's all unwell and scary, but what's the scam?

Well, dear reader, that is what I'm here for. While searching through "personal websites," or on common dating websites, you receive a message from a user. They ask you to verify your identity for their safety. Often stating that they don't want to be catfished, or otherwise tricked (ironic). They then send you a link to a “date verification” website. This website, along with the user have clearly stated that there is no charge for the service. Okay, seems relatively trustworthy.

Behind the screen: The website has a purposefully hidden or hard to find bug (feature) that signs the victim up for a rotating set of dating and/or pornography sites. The victim is generally not aware of the charges until the $40 to $170 per month charges appear on their next statement. (This is why you should sign up for our virtual services if you haven't already. Monitor your accounts in real-time!!)

The scenario above is, unfortunately, a very common dating/hookup scam. It is very important to note that these scams are all over online dating sites and applications. You could have been on Plenty of Fish, Tinder, Baddoo, KiK, or wherever. Even apps like Snapchat and Facebook are known to be popular hunting grounds for these scammers. Truly, even the most reputable dating sites have scammers lurking there.

So, let's jump back to the beginning and explain the happenings.

You find a person that interests you and send them an email, text, or other instant message. In response, your "date" provides you the best way to contact them. Most commonly, this is an email address. This will force a venue change. Making you contact them off the platform you contacted them through initially.

Why would they bother? That's simple, to put you into an email correspondence with a robotic (Bot) script. It is true that occasionally, the person on the other line isn't a bot, but who and where they claim to be is generally far from the truth. Usually though, there is not a person on the other side. It is a simulated conversation. If you pay close enough attention, it is always a little off. The bot won’t quite answer questions or, at times, takes the conversation in a different direction.

The bot will create artificial banter to express interest. After a few emails that include suggestive pictures, your date gives you a link to a website with “their” profile. The suggestive pictures are often taken from the internet, or sometimes obtained through a different scam.

***Don't click the link they sent you.***

***Again, do not click the link they sent you. ***

If you clicked the link they sent you, here's what you would see. The website landing page shows fake information about a woman, whom it claims you can meet only after verification. Alongside this, you will see the mention of this being a "free" service. This, and hormones, are what this scam largely relies on. The, in your face, repetition of "It's free" makes the site feel safer. The site will also often include some sort of sob story. "I met a murderer on tinder," type of stuff. It may be more generic but always with the implication, "I've had a bad experience."

Below that, a page full of information such as:

"BECOME A PART OF OUR HOOK-UP COMMUNITY.

REQUIREMENTS FOR DATER'S SAFETY PASS: FULL NAME, FORMAL PHOTO (SELFIE), AND DATE OF BIRTH."

After sending your verification, you will receive an email or pop up. This will state something along the lines of "Thank you (Your Name) for your cooperation and giving your information to us. Kindly wait for instruction where to pay."

Email #2 will arrive shortly after.

Saying something like "Here is information to send payment on our behalf."

They will list your information, and a payment method. Finishing off with "THANK YOU FOR TRUSTING US, HAVE A SAFE DATING!" Following through with the payment would bring you to a web page to put in your card information. This is generally claimed to be "further authentication" or something of the sort.

Who caught those red flags? We've hit at least four! The three common tells, requesting personal information, too good to be true, and information mismatch are the common tells displayed above. Along with this, how many times have you heard "kindly do xyz" in a scenario that isn't a scam? That's the fourth tell.

So, that's what you see. Let's go behind the screen again, and cover that in detail. Through a web program like iFrame, you have entered your credit card information on a different website without you ever knowing. In "fine print" this dummy website will say something like, "Your access to Dates.Hookup includes a 2-day free trial promo to Go Find Dates. If you choose to remain a member of Go Find Dates beyond the trial period, your membership will renew at thirty-nine dollars and ninety-nine cents."

The way that the scam site uses the iFrame command, you cannot see the fine print, you have no ability to see it – unless you go to the source code and click on the iFrame link. This is something that the average consumer could not know how to do. I don’t want to get too technical, so for further information, please view the video linked below. For a minor explanation of the coding though, the “width” and “height” (number of screen pixels) shows only a part of the target page. Another line of code, “scrolling=no” prevents you from scrolling to the part of the page that you cannot see. This allows the scammer to put the above disclaimer on the very bottom of the page and make it impossible for a regular user to ever see the message.

So, that's all questionable at best. How does this begin stealing your funds?

In this, we come to focus on a specific line of coding on the website linked in the emails. SRC (System Reference Code) is the line of code preceding the scroll lock. This determines the website that you are actually inputting your personal information on. Effectively, the site you were sent to is strictly set up to send information to a legitimate dating service and automatically sign you up for recurring charges.

Why would the scammer set this up? Simply put, money. What they've sent you to is known as a "click generator" and is how you get from "free verification" scam site to the dating website. Often, the dummy site has a pay per click or per action aggregator - a click generator that sends you thru other sites that select the dating sites where your information is actually going. These dating sites will rotate. The click generator connects to a different dating site each time someone uses the date verification site.

Eventually, the click generator will land on a branded (or private label) dating site. That site will usually target a specific demographic or theme (e.g., farmer'smeet-n-date or trueloveneverdies).

This landing site is a facade for a White Label Dating Service Company. The way it works is that the White Label company is a service business that empowers brands, marketers, and affiliates to run their own online dating sites. White Label Dating companies provide the dating software, payment processing, customer support, and much more. The white label company collects the payment from new members as they sign up to the website. They take their service charge off the top and pass the remainder to the branded site owner (i.e., the scammer).

Each of these Branded Dating companies, will have two sites. The click generator directs you to the billing site sign-up page. This site has a seemingly gibberish name, for example, Stgved-dotcom is the sign-up and billing website for Strong Love Never Dies; frmrsmt-dotcom is FarmersMeetandDate. When it appears on your credit card bill, it will use the billing site, followed by a toll-free number. These gibberish-named sites serve as both the billing, as well as the customer service web page, where you can cancel the subscription.

The worst part, there are a lot of these sites. An investigation done by Ronin Eternales (Banking professional), whose videos will be linked below, found more than 500 branded dating sites. The click generators used can also route you down a pornography path that brings you to a branded pornography page rather than a dating site. Ronin cited more than 900 of these branded pornography websites. The billing sites are fairly innocuous, with URLs such as: billkrew-dotcom or createpmt-dotcom. The corresponding pornography sites are of course explicit, so I will leave that to your imagination.

The branded billing site with the gibberish name is a webpage targeted towards handling the disputes of the charges. Based on what we see in these sites, it is clear that they know people are being charged without their knowledge. They will discourage you from disputing with your bank, rather convincing you that they will help you themselves. This is largely for two reasons. 1) To convince you that you are responsible for the charge. 2) Avoid having their merchant account suspended.

So, then what happened? A few things will follow from here. If you sign up for the site, you will not meet the girl. There was never a girl. Instead of the meeting, you receive several sign-up emails for a variety of similar services. Generally, this is a series of hookup sites that are running the same con. Then, the scammer will sell your email and personal information to other scammers who will proceed to target you further.

Sometimes, the scammer will send an email with a credit card number and CVV (Card Verification Value). I don't know exactly what happens when you try to use it, but we have a general idea. Using a credit card that you are not an authorized user of is a felony offense. That means that the usage of this card will absolutely open you up to blackmail.

What if you signed up for farmer's meet and date? You will begin seeing a monthly subscription charge. This price could be anywhere from $40 to $170 per month. Often, "bonus offers" are hidden with other charges. They follow the same pattern of a free trial period, followed by an expensive monthly subscription.

Some of these sites will have you check your email, stating that they've sent a breakdown of the charges to your email. These emails generally never arrive, but even when they do there are several issues. Any email from these sites is likely to end up in the spam folder.

The customer, unaware there would be charges, might not even open the email -or- might see it as spam and just delete it.

There is no confirmation of the email in the sign-up. A typo would prevent the email going to the right person.

Now, let's talk a little bit about the charge on the credit card. Before I dive in, a general reminder, it is important for you, as a consumer, to monitor your accounts. We at SD3FCU offer Virtual Banking via our website along with the apps touch banking, Card Valet, and SecurLOCK plus for these purposes. If you need assistance in setting these up, contact our institution via Facebook messages, email staff@sd3fcu.org, or call (719) 392-8439 during business hours.

Now, with that reminder out of the way, back to the credit card charges. The average unsuspecting customer opens their credit card statement and sees a $39.99 charge from a strange website. The charge, at this point, could be 30+ days old and is unfamiliar to them. They may not be able to go back in their browser to see where it might have originated – the Date Verification site would be recorded but if the customer doesn’t keep more than 30 days of history, it's gone, leaving the customer befuddled. The gibberish site will not appear in their history at all until they visit it, and officially, your computer never landed on the site. That's that fun little bit of coding we discussed. It fed the gibberish site information so that the site's name never shows in your history.

So, who runs these sites? They are generally operated from outside the US. Up until 2019-2020, we saw many of these sites running out of Bangladesh. More and more, we now see these sites operating anonymously. Though there are ways to track down names and locations, that is best left to counter-fraud professionals.

Why/How do they succeed? Firstly, it’s in how they are displayed online. If you search up Match.com on google, you will find them at the top of the page likely with “Ad” written underneath. They do this by putting program code on their website that helps the search engine understand what it is seeing and provide the most valuable results to the user. Match.com also specifically pays google to put their name up top. On the other hand, websites like hotfarmers4u go out of their way to not be found via google searches and the likes. Again, I will avoid getting too technical, but effectively, the bot website asks Google to not be show in search results.

The other reason they are so successful is simply because these websites are built to deceive. From the iFrame coding in the webpage you type your information into, the hidden websites that they are sending your information, to even the adamant claims that you will not be charged. It is all built to look trustworthy enough to drag you in. That’s just the start. They will use several different tactics to gain your trust. Ip spoofing is a common tactic. For spoofing, check out our Spoofing Master Post on 11/25/2022. They will disguise hyperlinks for terms and conditions in small print. On most sites, you cannot see this link. When you can, it is very small. Sometimes they take overt actions so it doesn’t look like something you can click on. A hyperlink appears in blue text by default, but these sites will override that and make it blend into the surrounding text. Even checkboxes will be disguised. These sites sometimes have a checkbox that is pre-checked for you to sign up for their premium service that does not look like a checkbox. That checkbox for the “premium” service is the justification the site uses to sign you up for the trial period offer and charge your credit card. Additionally, they will often spell out the cost of the charge to make it less recognizable. Spelling out thirty-nine dollars and ninety-nine cents, blends in and you don’t notice it. Numbers, like $39.99 are easy to see in a paragraph of text. Again, on most sites, you cannot even see this part of the page.

The worst part is how widespread these scams are. Each of the sites individually, only have a small amount of traffic. Luckily, Ronin Eternales had diligently assembled the website traffic of many known billing sites. Through this, we now know that these sites can receive more than 55,000 clicks per day. These clicks can be broadly categorized in two kinds of traffic: people being directed to sign up and victims investigating the strange charge on their credit card statement. Though we can’t figure out an exact number of people falling victim to this scam from this information, we can make a rough estimate based off data from other websites. This would put our estimate at more than 100 a day. Now, that may not seem like much, given the figures I quoted earlier. This is, however, the lowest estimate for how many people fall for this each day. The real number can be much larger, though with a lot of confidential information around this subject, it is difficult to get a definite number.

Why can't we get ahead of this? There's quite a bit of legal whack a mole going on with these scams. They are easy to replicate. All you must do is copy and paste the website to remake it. Alter a few words in the URL, and that's enough. They can make more of these sites, faster than we can take them down.

So, what does any of this jargon mean? Simply put, there is no spoon. There is no age or date verification. The “woman” is a bot with a stolen picture. Using a program like Tineye or Google’s reverse image search, will often pull up several sources with the same exact photo. The site that purports itself as a date verification service, is nothing more than a shell of a web page that redirects you to a Branded Dating or Branded Pornography site. The dating websites do not state that they perform a background check. In some cases, if you dig deep enough you find that the sites have specific terms that state that they do not check the backgrounds of their members.

If you have been a victim of this scam, you are not alone. Fraud analysts agree that there are thousands to tens of thousands in the same situation. So first, let's summarize what happened.

Someone you met online pretended to be interested in you.

Most of the conversation was probably with a bot.

The website states repeatedly that it is a free service.

There is no verification.

The Date Verification scam website sent you to a different website without you knowing it.

The website hides the credit card charge from you. Some unknown entity has your credit card and personal information.

A reasonable finding of facts would conclude this is fraud.

What to do now? Tips here are provided by Ronin Eternales.

1.) Call your financial institution. Cancel the credit card.

2.) Ask your financial institution if you are in the card updater service and tell them you want to opt out.

3.) If you have a credit card bill, go to the site on your bill, cancel the service, and tell then you want your money refunded.

4.) If the site will not refund your money, call your financial institution, and tell them you want to dispute the charges.

5.) Finally, sign up for an Identity Theft Protection service

Well, ladies and gentlemen, this was again a long one. I hope that I was able to put all this jargon into human words, but alas, I cannot be the judge of that. If you stuck around to read this all, thank you very much.

Come back next week for another dose of Fraud Fridays! Keep yourselves and your accounts safe!

Previous
Previous

Influencer Scams

Next
Next

Drop shipping