WTB Parts find email scam.

JZ67

JZ67

Well-known member
Site Supporter
Forum Sponsor
So I posted a link on a BMW forum looking for parts. I got a PM from a member with only a few posts but the posts seemed to be specific and BMW related so I didn't think anything of it.

The PM was to an email address to a friend that had what I was looking for. I sent an email and received a response including a photo (.png file) of the part I was looking for. After a few normal texts I agreed to buy and sent funds through Western Union.

A couple of days later, I get an email from the seller saying that my Western Union account was frozen and they couldn't get funds. I called WU and they said the seller's name - SHASTA OSBEY - was flagged and could not receive the funds. They cancelled the wire and are refunding the money. I asked what this meant and all they could tell me is that the named person could not receive funds.

I let the seller know that the issue was on their end and asked why they think this would be. A few BS excuses and the request to send bitcoin instead. Now in those normal messages, I was led to believe I am dealing with a person well into retirement age and didn't know what e-transfer was...now I get email with "LOL" and "bitcoin"?

I decided to google images of the parts I am looking for and I find the exact image the seller sent me. The image was on the beemerboneyard site. Ok, so they liberated an image to sell something...I have done the same when it was too much trouble to take my own photo. So I asked them to send another photo of the parts on a copy of their local paper. I get a response that I am being funny.

So far, I am not at any loss. Seems like a lot of effort to troll WTB posts on a motorcycle forum to try to make $150. Then the tinfoil hat goes on. Was something encrypted in the .png file? Is that even a thing? Did I click on the file, I don't remember as it automatically appears in the email message and I can see the parts. Assuming I am not totally crazy, what is the risk?

9Z8M2YK.jpg
 
Last edited:
JZ67 said:
So I posted a link on a BMW forum looking for parts. I got a PM from a member with only a few posts but the posts seemed to be specific and BMW related so I didn't think anything of it.

The PM was to an email address to a friend that had what I was looking for. I sent an email and received a response including a photo (.png file) of the part I was looking for. After a few normal texts I agreed to buy and sent funds through Western Union.

A couple of days later, I get an email from the seller saying that my Western Union account was frozen and they couldn't get funds. I called WU and they said the seller's name was flagged and could not receive the funds. They cancelled the wire and are refunding the money. I asked what this meant and all they could tell me is that the named person could not receive funds.

I let the seller know that the issue was on their end and asked why they think this would be. A few BS excuses and the request to send bitcoin instead. Now in those normal messages, I was led to believe I am dealing with a person well into retirement age and didn't know what e-transfer was...now I get email with "LOL" and "bitcoin"?

I decided to google images of the parts I am looking for and I find the exact image the seller sent me. The image was on the beemerboneyard site. Ok, so they liberated an image to sell something...I have done the same when it was too much trouble to take my own photo. So I asked them to send another photo of the parts on a copy of their local paper. I get a response that I am being funny.

So far, I am not at any loss. Seems like a lot of effort to troll WTB posts on a motorcycle forum to try to make $150. Then the tin hat goes on. Was something encrypted in the .png file? Is that even a thing? Did I click on the file, I don't remember as it automatically appears in the email message and I can see the parts. Assuming I am not totally crazy, what is the risk?

9Z8M2YK.jpg
Click to expand...

I’d move on. If your spidy senses are tingling then there’s probably a reason. Using a Google image is a red flag if that image is also from another private seller rather than a store. I wouldn’t send bitcoin to anyone especially if a western union place has already flagged them.
 
jc100 said:
I’d move on. If your spidy senses are tingling then there’s probably a reason. Using a Google image is a red flag if that image is also from another private seller rather than a store. I wouldn’t send bitcoin to anyone especially if a western union place has already flagged them.
Click to expand...
I am not proceeding with this unless they drive from 'Spring, Texas' and put the parts in my grubby hands personally. My concern is if there is any risk through the email correspondence. Aside from the photo, it was all text. No links.
 
As an outsider on this deal, the mere combined presence of "scam?", "Western Union", and "bitcoin" would be fatal to me.

A PNG with a malicious payload is not theoretically impossible, but it would have to be targeting a specific implementation of the format e.g. software built on specific versions of libpng, a specific web browser, a specific phone, etc. I would consider it very unlikely - we load many potentially "hostile" PNGs many times a day on our devices, and software is built and scrutinized with this in mind.

In the recent past you would be at more of a risk of having received something that is masquerading as a PNG but is actually something else - but again, in most modern contexts, especially email clients, this would be flagged as highly suspicious if it even made it to you at all.

I don't have a good answer for the question of why they are executing this scam on the premise of selling some old BMW footpegs, but perhaps they just have something scraping forums for wanted ads and then they see if they can catch anything?
 
TwistedKestrel said:
As an outsider on this deal, the mere combined presence of "scam?", "Western Union", and "bitcoin" would be fatal to me.

A PNG with a malicious payload is not theoretically impossible, but it would have to be targeting a specific implementation of the format e.g. software built on specific versions of libpng, a specific web browser, a specific phone, etc. I would consider it very unlikely - we load many potentially "hostile" PNGs many times a day on our devices, and software is built and scrutinized with this in mind.

In the recent past you would be at more of a risk of having received something that is masquerading as a PNG but is actually something else - but again, in most modern contexts, especially email clients, this would be flagged as highly suspicious if it even made it to you at all.

I don't have a good answer for the question of why they are executing this scam on the premise of selling some old BMW footpegs, but perhaps they just have something scraping forums for wanted ads and then they see if they can catch anything?
Click to expand...
Thanks for that. It is reassuring that it is unlikely any real problem.

In this case though, Western Union may have been the one thing that saved the aggravation in the long run.
 
JZ67 said:
Thanks for that. It is reassuring that it is unlikely any real problem.

In this case though, Western Union may have been the one thing that saved the aggravation in the long run.
Click to expand...

I’ve always avoided WU as they are the scammers favourite but it’s good to know they have security safeguards in place sometimes.
 
jc100 said:
I’ve always avoided WU as they are the scammers favourite but it’s good to know they have security safeguards in place sometimes.
Click to expand...
First time using them and it was actually my suggestion. They gave me their banking information the make a wire transfer, not sure a scammer would do that. I just thought WU was easier. I think I was being full on tinfoil hat in retrospect.

Let's see if the seller sends me that photo I asked for.
 
I dont often have issues buying odd stuff through the net, but when I have run up against slight resistance, I move on. A motivated seller will be working with you and be up front .


Sent from my iPhone using GTAMotorcycle.com
 
I received the refund from Western Union today. Someone was looking out for me. I am embarrassed to admit that I let my guard down. I am usually very diligent but this time I just didn't do the homework. Even a little google searching would have stopped this at the beginning. I have edited the original post to add the scammers name so there will be more hits when and if googled by others.
Forum Sponsor
 
You must log in or register to reply here.

Back
Top Bottom