Here is a scam that is showing up in creatives’ inboxes such as video makers, graphic artists, and website developers.
Unlike the obvious scamy letters from the spouses of dead Nigerian princes, it is more insidious because it mimics normal business practices and is designed to build trust that is then manipulated.
This scam requires you to think.
At best it requires spending time thinking before engaging, and at worse, you will be out several thousand dollars.
For me, it started with an email that arrived in my inbox. It had a familiar ring to it.
A potential new client requested a quote on some short promotional videos. It was detailed with the type of information you would expect. It referenced other videos of a similar style, deadlines, and some background information.
Followed normal business practices
They requested a quote, and the winning quote would get the business. Once that was settled, their production manger would send us the graphic material required for the video.
As a rule, we do not take on a job unless we can talk to the new client, not because of scams but because it is good business practice. An opening meeting helps properly define the project.
We sent out an email requesting a meeting.
In the meantime, I did research because I felt uneasy about it. I checked their name and business. Both had a web presence. The email came from a generic Gmail account, not a business domain, but it is not unusual for people to use Gmail accounts for business.
Not an obvious scam
I double checked their IP address. Our online form records the sender’s IP address and it appeared to come from a city not far from here.
Their English grammar was spotty but not horrific. However many new Canadians who start businesses do not necessarily have English as their first language, and even emails from native English speakers are sometimes a challenge to read. It was not a real red flag.
We exchanged several emails, and they’d reply with more details and more questions, but they kept avoiding the subject of a meeting.
There was no clear red flag, I just had a hunch. Furthermore, I could not really see what the scam was, if it was a scam at all.
So, I did a bit more research.
The first red flag
I checked the email address against a blacklist of emails flagged as spam. It was the first time that a true red flag appeared. It was associated with a spammer in Eastern Europe so I was surprised that they were able to mask the IP address collected on our online forms.
After that, I cut and pasted a section of their email – a few choice lines – and placed them directly into Google. Google only produced three exact matches, but each hit was about someone who had been scammed, not video producers but website developers and providers of photographic services. It was a good enough red flag to end any further discussions.
But what was the scam?
How would they make money from it?
Doing some extra research, I discovered it is called a “Third Party scam.”
At some point, the target of the scam, the creative, would invoice the prospective client, the scammer.
The scammer would then pay that invoice but overpay it. For example, if you invoiced for $4,000, they would send you $8,000 by credit card. Then they would make a request that you use the extra money to pay a contractor who would not release the logos etc. until they were paid.
And this is the heart of the scam.
The first payment of $8,000 would be from a stolen card. Once the credit card company catches it, it would be reversed. But once you send the third-party contractor the money to pay for the logo etc., it’s considered a third-party payment and is not easily reversible, especially if it went through a different card.
Therefore, the stolen card payment is reversed but you are left holding the bag for the money you sent to the Third Party who is just the scammer under a different name.
They were willing to invest time to work the scam.
What was so insidious about this, was the amount of time they were willing to work the scam before they got to the heart of it. It was all built on normal business practice and trying to build trust in a business relationship.
So here are my thoughts.
- It does not have to be too good to be true to be a scam.
- You do need solid business practices that that will throw up red flags for you to check.
- Never pay third party contractors unless you have contracted them yourself. Tell the client they need to pay their contractor directly and just reverse the charges back to the original cards.
I am sure there are other practices and I would love to hear about them.