eBay Fraud

Keep up the good fight. This kind of fraud is much worse than it looks, because it undermines the trust necessary to a functioning profitable market which gives us(the consumer) unprecedented choices at fair prices. We can do our part to combat these scum bags by making the question, "Is it too good to be true?" into a kind of mantra. This helps when the greed monster pops up and whispers into our ears, "There IS a free lunch. Maybe we can't clean up the world, but I think it's possible to improve our (woodworking) community.

Unfortunately, this behavior is not limited to ebay. Last year I was the unwitting buyer of a knife sharpener on Amazon's Marketplace at a great price, only to be confronted 2 mos later by the legitimate vendor who shipped it to me but who never got paid. The true vendor had been supplied with a bogus card by the scamming Amazon marketplace partner. It took quite an effort to get Amazon customer service to take this story seriously and take corrective action.

It isn't just with eBay, either. I recently had a new debit card a few weeks, the old one expired, but I monitor my debit account activity on my bank's online banking website. My bank is local, too, which also helps. So I saw a charge for sports clothing and sports equipment from some store I never heard of. I went to my bank to declare the charge a fraudulent purchase. My card was instantly canceled, got a new card right at the bank. The bank gave me the phone number for the merchant, turns out it was on the other side of the country in Portland, Oregon... I live in Massachusetts. I told them what happened, that my bank was reimbursing me, and that I definitely did not make any purchase and in fact never heard of the store before. They had already efficiently shipped the merchandise. I asked who the shipper was... UPS. I explained how to contact UPS and suspend shipment if not already delivered and to request merchandise return to their store. Frankly the first reaction I got from the store customer service rep was that it was a done sale, goods shipped paid for, and basically my problem. I politely but firmly insisted it would be their problem soon so they better be interested in following my directions for their own good. This is what finally happened. I was immediately reimbursed by my bank for the full amount, the store succeeded in halting delivery. UPS charged the store $6.50 to halt the deivery and return it to the store. The store charged me $6.50 which they deducted from the purchase amount and they reversed the charge, returning the money they had received to me, crediting my now canceled debit card. My bank reduced their provisional reimbursement credit to me down to $6.50 so that in the end I was fully reimbursed with returned money from store and the bank covered their rather rude charge of $6.50 of sticking me with the cost of UPS to cancel and return the order to the store. If you followed this you can see that even this store did not behave well. Money drives the world regardless of which side of the law the players are. This makes me appreciate even more when I find a person or business that actually has scruples, ethics, sincerity, honesty and a firm sense and conviction to always do the right and fare thing. I have found over the years of my experience with TFWW to be in this "good guys and gals" category.
Steven W.

Don't forget that if the actual retailers have to pay they will have to raise their prices to cover the loss. The credit card companies will do the same. We call this fraud or scams but it's just another kind of theft ultimately spread out over all of us in the market whether buyers or sellers.

Information security researcher and writer Bruce Schneier wrote a great article some years back related to this topic, which I'll summarize as "Make the banks liable for all fraud, period. They're the only ones in a position to fix the problem, and if they hold all liability, they'll do so post-haste." This would include both short-term fixes to fraud detection and prevention, as well as much longer-term solutions which would mean entirely replacing the existing US ACH (check) and credit card infrastructure.

Credit card issuers dumping the costs fraud like this on small retailers is a terrible externalized cost, right up there with major polluters. Small retailers have zero data, expertise, or energy to identify fraud of this kind. By contrast, the banks have all of those necessary elements and already utilize them in their fraud detection systems. But they lose incentive to continue investing in fraud prevention when they're allowed to leak those costs onto their retailer and cardholder customers.

Always someone looking to make a quick buck without working for it.
Curious, what is the container(?) from which the change is spilling in the photo?

Jim,
I had originally wanted to use a dented paper cup as the container but I didn't have one last night when I took the picture. What I did have was this giant copper thimble that I seem to have inherited - no idea what it was originally for. I normally use it for holding misc. change.

Interesting. There really should be a third option for credit card transaction response along with making the banks liable for all fraud. We have "Approved" and "Declined", and they should add "Delayed for fraud checking". Retailers who get that know not to hand over goods, and they'll stop, or at least much reduce, annoying customers when legitimate transactions are declined. Once the transaction is settled they send the merchant a notice, which can be one of three options: "Approved" "Legitimate but canceled" (perhaps they used a different card to avoid waiting) or "Fraudulent".

These days, most people in nearly all cases can receive and act on fraud check notices in seconds anyway, so it's not like it needs to delay even time-critical notices such as a supermarket transaction too much.

A guy on the east coast (Austin something IIRC) has been running a similar scam on Festool stuff for a number of years. I smelled a rat and tricked him into providing shipping information (that he fabricated but UPS denied) and when I confronted him he said he should have known I was a scammer.

Unfortunately, greed is some people’s motivation. However, good guys like Joel keep us going. It is a pleasure doing business with you.

I’ve been reading the CC, EBay scam comments. I recently ordered a Robert Lasrson hard Arkansas stone from an eBay seller with 3k positive feedback. He showed a pic of the stone in the distinctive Robert Larson green packaging and used the correct part number. He was about $9.00 cheaper than anyone else, on a $35 item. I received a cheap piece of poorly made ceramic half the dimensions and none of the distinctive angles that the stone is known for. I initiated a return, I chose item not as described. I received my refund, but then realized, most people wouldn’t know the difference, this guy is selling miniature chips of poor quality ceramic chunks to unsuspecting inexperienced woodworkers, for $26 a pop. I had to call eBay three times, they couldn’t understand why I was bothering, I was refunded, and the vendor let me keep the junk he sent me! I finally got a supervisor, this guy still running the bogus add weeks after I got my refund. I should have known the price was too good to be true!

The banks are not _entirely_ at fault, as much as the banks behave like money-grabbing thieves. How do the people on the "Dark Web" get hold of stolen credit card numbers anyway? They certainly aren't breaking into people's houses at night and looking in their wallets to grab credit-card numbers.

In the past, some credit-card numbers would have been stolen by people at "point of sale" -- especially when manual credit card transactions (imprints) were commonplace, since they had a copy of the credit-card imprint. The potential for this only seems to exist in "over the phone" orders these days, since the card rarely leaves the customer's hand for electronic transactions (ie. face-to-face, not internet).

These days, some businesses are not adhering to the PCI DSS credit card data security standards, and hacking of these business' computer systems is resulting in mass numbers of credit card numbers (plus other valuable info) being stolen when a breach occurs. For example, it is an absolute no-no to store someone's credit card number "on file", particularly if it is not encrypted.

If you're a hacker, you don't target the behemoths like Amazon for this kind of info, you target the businesses that might be just large enough to have a good source of CC numbers, but perhaps small enough to not have PCI DSS compliant systems.

These businesses are often the "ground zero" for any fraud that goes on, but I've never really heard of them being accountable to any degree. I guess that's because whilst we know that any given breach will contribute to the "mass" of stolen credit cards available, no one can necessarily prove a particular breach revealed the details of a particular card.

The other problem is that those companies that do suffer a breach are very, very reticent to reveal it, obviously because it makes them look bad (incompetent even).

My point, however, is that if you tighten up the "source" of stolen credit cards, then you indirectly reduce the amount of CC fraud.

Perhaps the silliest thing with all this is that a solution is already available that's pretty damn effective. A simple SMS phone message with a challenge code to the customer's mobile phone will pretty much kill any opportunity for fraudulent use. Obviously you'd only use that if the card was not a "direct read".

Also, watch out for internet shoplifters who give you their credit card information over the phone. You enter it into your system and the payment is accepted. You send the merchandise. The delivery agent (UPS, FedEx, USPS . . .) delivers it to the shopper's address. If you don't require signature delivery, the shopper can tell their credit card company they never received the merchandise. 9 times out of 10, the credit card company will reverse the charge and you have no recourse other than filing a lawsuit to recover the money. The only evidence you have is the delivery notification from your delivery agent. Good luck with that . . . and why would you bother filing a lawsuit. Bottom line, if in doubt, pay for signature delivery.

All that has been said in other comments is why I buy all my tools from reputable and reliable dealers like TFWW, or sometimes from craftsmen that make specific unique tools. I learned decades ago, and I have lived many, that if it sounds too good to be true, it is just that. Hope you sleep better Joel.

Here's one on E-Bay right now:

https://www.ebay.com/itm/Campaign-Furniture-by-Christopher-Schwarz/263188279282?hash=item3d473e6ff2:g:GZoAAOSwAQBZroB~

They are asking $137.00 for a used copy of Campaign Furniture from Lost Art Press.
New the book is $47.00 (with free shipping) from LAP.
I asked the seller why they are asking so much but they did not respond.
LAP got a laugh out of it. It's why I usually go straight to the main company if buying new.
Thanks Joel. Your company is a good one.

Following up on the story from Eric Brown, I see "deals" like this on Amazon all the time. An item will have a listing with the option to buy 1, 2, 3, etc. and sometimes there is the expected price reduction for "buying in bulk" but other times there is an increase in price, sometimes more than 10x. My only guess is they are hitting the uncaring corporate buyer who is not concerned about the value only fulfilling the order. Definitely take the time to verify your purchases. I had a "sale" offer from that company selling custom red aluminum tools and their sale price was still 10% higher than the every-day price here at TFWW.

Thanks for doing the job you do. I know I appreciate it- and I think of you guys every time I use my awesome tuned Baldor grinder.

I just found your site, good. I have a woodworking tool shop in England and similar frauds happen here. I've avoided some of it by not accepting card payments, OK does cut out some sales but not as many as might be expected from drop in customers.

Mail order I accept cheques (checks) and can wait till they clear before sending items. Our banks now have to clear cheques in 4 days after which they have to take responsibility if they bounce. Kevin Frey mentioned SMS messages to verify a card perches, but here fraudsters have found ways to spoof phone numbers and also ways to send SMS messages which seem to come from banks. So be careful even on this.