Ways of protection, identify and catch the scammers
Index of course
1-) What’s scam?
2-) What are the most effective scam methods?
3-) How does a scammer think?
4-) Methods of protection from scammers
5-) The danger of social media tools including telegram, whatsapp, viber etc
6-) How do you know if someone is a scammer?
7-) What to do if you have been scammed by someone?
😎 What should be done to identify and catch the scammer?
9-) How to catch a scammer by contacting the police?
10-) Scheme of Scammers
11-) A true scam story
1-) What’s scam?
Scam is the general name for ways to steal people’s money. People who want to earn money in an easy way prefer this way. These people have no sense of morality. They believe that they can do anything according to their own desires. Because of the desires of these people, scammers have been pop up. And these scammers have started to think about how they can scamm people. Identifying people’s desires and weaknesses, scammers began to work accordingly.
2-) What are the most effective scam methods?
There are many different scam methods. The most commonly used among these are phishing and keylogger methods.
a-) The keylogger method: It is basically tracking everything you type on the keyboard through a trojan that scammers have infected your computer. Trojans can infect your computer in many different ways. Especially the files you download are infected. In this way, when you run the downloaded file, the trojan automatically runs and infects your computer. After that, everything you type on your keyboard without your knowledge is sent to the scammers. Scammers can use this information in many different ways. For example, scammers who collect personal information about you can send you a telegram message. And in this message, they present themselves as someone they are not. For example bank manager. And they tell you your personal information. As soon as you realize that these people have the information, you think they are really who they say they are. And after that, you’re completely at the mercy of scammers. And dont forget the scammers obtain your credit card information with keylogger method. Scammers who introduce themselves as a bank manager and make them trust themselves log into your bank account with your username and password. Then they ask you to tell them the sms confirmation code of their expenditure. But don’t worry, I will explain to you in article 4 that will help you get rid of such scam methods.
b-) Phishing Method: The biggest difference of this method from the keylogger method is that it does not appeal to individuals but to the general public.In other words, in this method, scammers generally target the entire group they are trying to defraud. And they scam anyone they can. In this method, as in the keylogger method, scammers try to present themselves as someone they are not. This method usually targets you to click on a link that comes via mail or telegram. Scammers who present themselves as someone they are not, thus steal your personel information. Let us explain this with a more detailed example. Scammers aim to present themselves as a bank. And for this purpose, they prepares an exact copy of the bank’s website.
And the design and domain address of this website they have prepared will be almost the same as the design and domain of the real bank.
As you can see, the domain address and bank design are quite similar. In this case, an uninformed person can easily mistake the fake for real. And then scammers send you the fake address via telegram or mail. In the message they send, they can talk about things that will attract you, such as a loan from the bank with a great advantage. And then you think it’s real and write your personal information on the form on the site of the scammers. After that, the system is almost exactly the same as the keylogger method. Scammers do whatever they want using their credit card information or your bank username and password.
3-) How does a scammer think?
As I said before, a scammer has no moral value. That’s why they wants to make money the easy way. For this purpose, it first detects people who have Money. Then, if they find a person with a lot of money, they uses the general-targeted Phishing method if it can’t find the keylogger method. Scammers using the phishing method also do this via telegram. For example, scammers who can take your trust in any subject will send you a link. And through this link, scammers collect your information. As in the screenshot below, scammers send a link to a person they have gained their trust. And through this link, they collect the relevant person’s information through a form.
Can you see how ridiculous the link is, as I explained to you earlier? Domain addresses that are not official extensions such as com net or ru should not be trusted. Since I will give detailed information about this, I have made this much explanation for this article for now. This is the basic thinking of a scammer.
4-) Methods of protection from scammers
The most basic method of protection from scammers is to be informed. Domain extensions should be noted. Scammers do not prefer extensions such as com net org. Because these domain extensions have already been taken by the places they imitate.
These domain extensions are frequently preferred by scammers. And that’s why you should not click on any link where you see this domain extension. Let’s say you clicked on such an extension without realizing it. In this case, you should be suspicious as soon as you see something different from the design of the bank or a different site they are imitating. And you should immediately check by going to the website of the real bank.
Another method of protection is antivirus programs. Some antivirus programs, such as Kaspersky, give you control change of scammers websites through their own browsers. Especially Kaspersky antivirus program easily detects scammers. And as soon as it detects a scammer, it immediately alerts you. And it tells you that it is not safe to enter that site. It also recommends using their own browser on every site that pays by credit card. If you use the Kaspersky browser, even if your computer is infected with a keylogger, then they cannot steal your credit card information.
And as I mentioned above, if you are using the kaspersky browser, kaspersky automatically checks for scammers websites. And when it sees a danger, it warns you as you can see in the photo below.
What about on your cell phone?. Actually it’s exactly the same as computer. First of all, as I mentioned above, you should be very careful with non-com net org domain extensions and changes in website design. These are the most basic protections in identifying the website as a scammer, and they certainly apply to mobile as well. After paying attention to these, it is very important to have kaspersky antivirus installed on your mobile phone as well as on the computer. Kaspersky already sells licenses so that you can use it on 2 or 3 devices at the same time. In this case, you can easily protect your mobile phone with the same license.
In addition, it is very important to use a VPN, especially to protect your mobile phone. If you ask what a VPN is, in short, it means that you go to the internet not through your own IP address, but through another secure IP address that you connect to. In this way, you connect to the Internet via a secure IP address. And that gives you protection. Because scammers cannot track your IP address. They may not even know what country you are in. When using VPN, you can use the IP address of the country you want. This ensures that you cannot be tracked by anyone. Here is the Kaspersky VPN service that we can recommend to you. In addition to being safe and fast, it will also offer you a 30-day trial period for trial purposes.
5-) The danger of social media tools including telegram, whatsapp, viber etc
Social applications such as Facebook, Instagram, Telegram, WhatsApp, viber etc. are one of the most common methods used by scammers. First, they capture the passwords of these accounts or send viruses to account owners. After that, they send a scam message to anyone who is on that account’s list. Because scammers know that people on this account’s list are likely to trust it. After all, you are likely to open a link from your friend without paying attention, right?
Therefore, no matter how close your friends are, you should be very careful with the links in the incoming messages. Because the message may not be from your friend, but from a person who has taken over your friend’s account or infected with a virus. So, what should you pay attention to before opening these messages? You can find the information you need to pay attention to under this heading >> Methods of protection from scammers
And there is another social media scam method that is widely used in the world. In this method, scammers especially target mothers and fathers with babies. They follow their personal social media accounts. And they collect photos and personal information that families share about their babies. After collecting the necessary information, the scammers use this information to open social media accounts.
Scammers who open their social media account and share using the necessary information, then send these shares to the friends of the baby’s parents. In these posts they use lies like their babies are very sick and they need money. Their close friends, who know this family, fall for this scam and send money via the link sent by the scammers. This scam method should also be very careful.
6-) How do you know if someone is a scammer?
First of all, even if the other party is your close friend, you should examine their behavior thoroughly. People who display hasty, enthusiastic behavior are dangerous. Especially if you sense something like this in the message from your close friend, you should be very careful. Afterwards, you should pay attention to the techniques in the Methods of protection from scammers title that I mentioned earlier. If you see even one of these things I mentioned, that person is definitely a scammer. You should block it immediately and try to reach the real owner of that account. If you do not do this, someone else who is not as careful as you may be scammed by these scammers. It can even cause trouble for your friend who owns the account. Because the friends of that account may think that the message came from the real owner of the account.
7-) What to do if you have been scammed by someone?
First of all, you should not forget the possibility that scammers can access your infected computer or phone at any time. First you have to call the bank and tell them to freeze your accounts. With this, even if the scammers want to do something with your bank account, they cannot do anything else. And then you should not take any personal action from the related device and disconnect the related device from the internet. Then you should record the necessary evidence to catch the scammers, as I will tell you in the next topic. You can do this through the police, or sometimes you have to do it yourself. Because sometimes the police can be very indifferent. In fact, they may not even have any information or resources. By registering, you should especially take screenshots of the messages you receive. Because, as I just mentioned, these records will be very useful for both the police and the scammer finders you will do. Afterwards, you should transfer the records to another computer that you are sure is clean. While doing this, you can use the cables you use while charging your phones, such as a usb cable or lightning cable. You must connect the infected device to the clean computer via these cables. Then you should copy the necessary screenshots from your device to the computer. You have taken all the records you have received so far for yourself. I’ll explain how to find the scammers with this evidence in the next topic. However, if you have contacted the police other than that, you should continue to wait. Because the police will demand the relevant device from you and want to collect the evidence. After all the police work is done and you get your infected device back, you should format it. For this, if you are using an iPhone, you should use the settings / general / reset all content and settings option. But if you are using an iPhone, sometimes such a reset may be insufficient. There is a software called itunes produced by Apple company. With this software installed on the computer, you can do hard format to your iPhone. I can explain how to do this, but it is a detailed process that requires some technical knowledge. Therefore, it would be in your best interest to have it done by someone who knows how to use itunes software. If you do this, you can be sure that there is no virus left on your phone. If you are using an android device, you should use the settings / reset / factory reset option. After this stage, scammers will not have any access to your phone. From the next step, I will explain all the detailed techniques you can use to catch the scammers yourself.
😎 What should be done to identify and catch the scammer?
First of all, you should legally contact the police resources. The police will take all the necessary evidence from you. However, as I mentioned before, sometimes the police can be quite inadequate in these matters. In such cases, I will now explain everything necessary for you to take care of yourself. First of all, I will talk about website links, which is one of the frequently used scam methods. By adapting the techniques I have described here, you can identify the scammers and catch them. For example, let’s say you click on a link that comes to you through telegram or other social media applications and you are scammed.
We get the address of the sent website from here. https://inpost-hms.id-5936.com
The part that is seen on this address and that says inpost-hms is not important. Because this is a subdomain address. The main domain we need is id-5936.com. What you need to do to find the main domain is quite simple.
You need to get the part before com net org or other domain extensions and not take that range if it doesn’t start with www.
We have to take this part.
And now we will start to investigate the id-5936.com domain address in detail. First, we need to collect all the information about this domain and the hosting provider it serves. We will use https://whois.domaintools.com for this. After entering this address, we start the search by typing the domain address that the scammers sent us.
First of all, I would like to say that it is important to be quick in such scam matters. Because scammers will delete these domain addresses immediately to avoid being caught. The places I marked with numbers are the parts that are important to us and that we will use to catch the scammers. As you can see from part 1, this domain address was registered by the scammers on the same day. The screenshot we have shown you as an example above was sent on 05.09.2021. And in the section you can see in part 2, DNS addresses are the DNS addresses that serve the scammers website.
And as you can see, 9 different websites serve over this DNS address. And all of these 9 websites belong to scammers. And now we come to the part that will help us the most in identifying the scammers. The information and IP address of the hosting company used by the scammers’ website are as you can see in the photo.
We detect that the scammers receive services through the Red Bytes LLC company located in St. Petersburg. And their main service provider is HOSTWAY-AS, a hosting company in Russia. First of all, we are researching this firm called Red Bytes LLC in St. Petersburg.
As you can see on the relevant page, here we access the information of the company that belongs to the scammers named Red Bytes LLC. We found things such as the tax number of the company, the date and how much money the company was founded, the address information of the company, the information of the owner of the company. You must first give this information to the police. The police will take legal action and catch the scammers. After all, we have provided all the necessary information. What more can we do? Right? However, if you say I can’t leave my job to the police, I have to investigate myself, you can go after the fraudsters with this information. Apart from these, you can contact them by entering the website of the service provider HOSTWAY. You can ask them for help by sending them a message and providing these screenshots and information.
And now we move on to another topic that will help in detecting and catching scammers. After detecting the IP address of the scammers website, we need to examine the websites that use this IP address. In order to do this research, we first enter this address. https://reverseip.domaintools.com/search/
Then we search the ip address of the scammers website through this address.
And if you couldn’t reach a result with the information I explained before, you can try again using the sites you reached here.
9-) How to catch a scammer by contacting the police?
First of all, you should not forget the fact that the police may not have enough information and opportunities. That’s why you should do the research for them and give the evidence you find to the police. You can deliver all the documents to the police after you find the scammers using the information I have explained above. That way the cops can take care of the legal side of things.
10-) Scheme of Scammers
- card numbers
- car accidents
- lost documents
11-) A true scam story
In this title, I will tell you the story of a scam that very popular these days in Poland. The user seen in the message wants to sell sheets.
And these people, who are originally Russian but are also scamming in Poland, reach out to her. They ask the price of the sheets and if they can send with cargo or not. The person who wants to sell their sheets says they she send it.
And scammers send her this link telling her to fill in her information and they will check it. And the poor woman, who does not understand that she has fallen into the scammers’ network, clicks on the link of the scammers and sends her information.
And as I told you before, scammers are hasty. They want to finish their work as soon as possible and get lost. And as you can see in this photo, the scammers are hastily continuing to defraud the poor woman. The scammers, who call the poor woman to send her information, are trying to finish the job by calling the poor woman on the phone.
And the scammers manage to scam the poor woman. And after that, they are starting to show their real faces. And the poor woman realizes that the scammers are not actually from Poland but are Russian. As you can see, the scammers know that they have nothing to hide anymore because they have already finished their work.
And the poor woman, who does not know what to do, immediately writes a petition to the bank and says that she was scammed. The woman who thinks that the bank will solve this problem doesn’t even realize how big of a scam it actually is. Because the scammers not only emptied the poor woman’s bank account, but also took out a loan.
The poor woman who wrote her petition submits her complaint to the bank.
The poor woman, who can’t get a positive result from the bank, goes to the police. But the Polish police say they don’t have enough experienced staff and resources for this scam.
While the poor woman is wasting time with these, the scammers have already disappeared by deleting the website. If the poor woman had the information described here, she probably wouldn’t have been scammed. Even if she got scammed, she would still have a chance to catch the scammers. That is why it is very important to have the necessary technical knowledge and to act quickly about this scam.