Phony Online Buyer Scam

Modified on Fri, 21 Jun at 10:00 AM

Scammers pose as “buyers” and approach victims via in-app messages on Carousell or Facebook, expressing interest in the listed items. After agreeing to the sale, the victims receive a malicious URL link or QR code through email, in-app messaging, or WhatsApp, under the pretext of receiving payment or paying for courier services. When victims click on the links or scan the QR codes, they are redirected to a spoofed website where they are prompted to provide their internet banking login credentials, credit card details, and/or One-Time Password (OTP). Victims realize they have been scammed only after discovering unauthorized transactions from their bank accounts or cards. 


Sample of scam attempts:

 

A screenshot of a phone 
Description automatically generated
 

On another circumstances, buyer deceives the seller into believing that payment for goods has been successfully completed by issuing a cheque. The seller, not realizing the payment is via cheque and still pending clearance, releases the item to the buyer. However, the cheque later bounces due to insufficient funds or other issues. 


Things to keep in mind: 

  • Verify Links and QR Codes: Be extremely cautious with any links or QR codes sent by buyers. Avoid clicking on any links or scanning QR codes that you receive from someone you do not know or trust. 
  • Stay Within the Platform: Conduct all transactions and communications within the platform’s secure messaging system. Avoid moving to external channels like WhatsApp or email where phishing attempts are more common. 
  • Use Secure Payment Methods: Opt for secure payment methods that are integrated into the platform itself that reduce the need for external links or QR codes. 
  • Check Website URLs: If you do click on a link, double-check the URL to ensure it is legitimate. Look for slight misspellings or unusual domain names that indicate a spoofed site. 
  • Educate Yourself and Others: Stay informed about the latest phishing tactics and share this knowledge with others in your network. Awareness is a key defense against phishing scams. 
  • Report Suspicious Activity: If you encounter a suspicious buyer or phishing attempt, report it to the platform immediately. This helps protect the community and enables the platform to take action against scammers. 


To report this issue, please get in touch with us here.


Rest assured that CelcomDigi is actively taking measures to ensure our customers do not fall prey to such scams.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article