On the night of 16th May 2020 I got approached by a person online (as I do
freelancing so I often deal with international clients), he was from Morocco
he asked me that he wants me to make a bank transaction to one of his clients
in Pakistan of 50,000PKR and for that he'll pay me 550$, when I asked the
reason that why isn't he paying his client himself, he said that the client
needs money instantly but client's Payoneer is not working well so he wants me
to send his client money through the bank that's the reason he is ready to pay
some extra bucks so that his client receives the money on time, that was a
pretty good deal for me. I obviously asked him that first, you'll send me 550$
once I receive money from you I will make the bank transaction, he instantly
agreed and asked me for my Payoneer ID.
I gave him my Payoneer ID, he asked me to wait for 5-10 mins to receive
money in my Payoneer and well right after the mentioned time, he sent me a
screenshot from his laptop, that was a legit Payoneer page, with the current
transaction with my email and 550$ mentioned on it. But when I checked my
email and Payoneer I had not received even a single penny. When I asked him,
he said that it's Saturday so transactions take time, look it's completed
from my side and I shared the screenshot with you as well.
The screenshot he shared looked original, but I asked him to wait because I
have received nothing, now he started to get violent that he wants the
transaction to be done immediately that's why he trusted me so I should
transfer 50000PKR to his client residing in Pakistan as well. Meanwhile, I
received an email from Payoneer that I have received 550$ in my Payoneer
account, I took a sigh of relief. But to double-check the case, I opened my
Payoneer, and strangely enough, there was no amount in my Payoneer. I was
confused about what is going on with me.
It was pretty normal, that Payoneer takes time to load balance in your
account but it appears in transaction pending section anyways, but there was
absolutely nothing there. On the other hand, that person consistently asked
me to make the transaction because now I have received the email from
Payoneer as well.
I along with my brother decided to check the mail I had received from
Payoneer just then if it looks fake or some phishing mail. and compared it
with the previous emails I have had received from Payoneer in the past. Look
at both of them yourself. Both were received from NoReply@Payoneer.com, both
were encrypted and secure. Both were 99% the same in the layout as well. I
couldn't find anything suspicious in the email I received from Payoneer. So
I thought that I have received a mail from Payoneer's valid email ID and
that should be enough proof. Payoneer itself cant do fraud its a big company
and I should now make the transaction to the client as promised.
|
| 550$ Email |
|
|
Email Header of Legit Payoneer Mail
|
|
|
Email Header of 550$ Email
|
|
100% Legit Email (Received in Past)
|
I opened the app on my mobile to send money and was about to send but my
brother persisted that I should look at the email once again and not send
the money now. Well, it was a weird and stressful situation with that person
constantly calling me to make the transaction, I receiving a legit-looking
mail from Payoneer and no money showing up in Payoneer. It had happened with
me in the past when Payoneer took some time to show balance in my Payoneer
account so I thought this situation same as that. But upon a final
investigation of the email, we found something bit unusual in the email I
received from Payoneer stating 550$ money.
|
Original Email
|
|
550$ Email
|
The 550$ Payoneer email had a question mark logo on it with a message
showing up "Gmail couldn't verify that Payoneer.com actually sent this
message (and not a Spammer)", I checked all the previous emails I once had
received from Payoneer but none of them had this message on them. Woah, just
when I was about to lose 50000PKR, by the grace of God, somehow I peeked
onto this message by Gmail, (I don't know if Gmail was doubtful about the
email then why it ended up in my inbox and not spam folder).
I asked the person that the email I received from Payoneer looks suspicious
and now he got absolutely furious, trying to put on pressure and threatening
me that he'll report me to the freelance community and Payoneer as a
spammer, and then he blocked me.
To summarize it, I have never experienced such a real-looking social
engineering attack before, as you can see yourself the two emails look
exactly the same. There was just a minor difference between the emails which
a person might ignore and not consider. If that message wouldn't have
appeared from Gmail then I might also have ignored the Question Mark and
made the transaction.
I intentionally have not blurred the email address of that scammer to expose
him. I have contacted Payoneer on this and will update this article once I
hear from them. Thanks and stay safe from such frauds.
