5 clues an online account is a scammer trying to phish you for personal info

On the Nextdoor app, a fake account succeeded in getting some personal info from me before I realized they were a scammer. I discuss how that scam went down, share an audio call I had with the scammer, and give some tips for spotting online scammer behaviors and traits. These tips are focused on online marketplace scams but should be applicable for a lot of online scammers in general. 

Episode links:

  • YouTube (includes video, recommended)
  • Apple Podcast (coming soon)
  • Spotify (coming soon)

TRANSCRIPT

Welcome to the People Who Read People podcast, hosted by me, Zach Elwood. This is a podcast aimed at understanding people better; the things people do and the things people say. You can learn more about it at behavior-podcast.com. If you like my work, please hit subscribe and share episodes you like with your friends; that’s how you can show your appreciation for my work and encourage me to do more. 

I was trying to sell some rollerblades on Nextdoor and a fake Nextdoor account succeeded in getting a few pieces of personal information from me: all in all, they got my name, my physical address, and my phone number. They tried to get my email address but I wised up at that point. Scammers can use this personal information in various ways; they can sign up for an assortment of things in your name, including credit cards or government benefits; or they might just sell your personal info on the black market to other more specialized scammers. 

So I wanted to make a video that examines this phishing attempt and then gives you some pointers for how you can quickly spot such scams on your own before sending information to them or worse. 

Just a note that if you’re listening to this on audio, it includes video on YouTube so that might be a better way to consume this one. 

So first I’ll do a quick description of my interactions with this person and you can see what red flags stand out to you. Then afterwards I’ll talk about what I saw as the red flags. 

On Nextdoor I had put up some women’s roller blades for sale for $40 and immediately got a response from an account in the neighborhood named James Harry. Our convo on the app went like this: 

James Harry writes: Hi, is this still available?

Me: yeah

Him: Alright I’m currently at work now text me on my number so we can text each other much better +1 (332) 284-7946

Without thinking about it, I texted him. This was our text convo: 

Me: Hi there. I had the roller blades.

Within a minute he replies: Ok… Where are you located for pick up? 

Me: (I give him my address)

Him: Oh, ok. Actually I’m not available in town right now but could tell my brother to help me pick it up with his truck! If don’t mind and for the payment I’ll be willing send the payment through Zelle if that ok. 

Me: Sure. And no rush, I’ll hold them for you

Him: When will you be available for the pickup…? He can pickup anytime before 7pm tomorrow. 

Me: Any time is fine

Him: What’s your Zelle payment so I can add you as a new recipient and send from my business account?

(So this is when I first stopped to pause and realized that he was really rushing this so I got suspicious and assumed he was just phishing for my email address. I texted back): I’ll wait until you pick them up first then you can pay. What do you think of that?

Him: Ok no problem

At this point I was a bit curious what he’d do next so I asked: When could I expect your brother?

At this point he called me. I’ll play that conversation: 

[Audio recording]

Him: Uh, I was just thinking maybe I could just pay you now so my brother can come over tomorrow by 12 to pick it up. Is that okay with you?  

Me: Oh, sorry. You said your brother’s gonna come over?  

Him: Yeah

Me: Yeah. Anytime.  

Him: Okay, so you got Zelle right? 

Me: Oh, you want to pay me via Zelle? 

Him: Sure. I got Zelle to my Bank of America.  

Me: I was gonna wait until your brother picked it up.  

Him: Okay, no problem then.  

Me: So when do you think he’s showing up?  

Him: By 12 tomorrow. 

Me: Well, if you could pinpoint it to a better time, that’d be great.  

Him: What time are you gonna be available? 

Me: I’ll be here, so you just let me know when he’s gonna show up.  

Him: Okay. I’m gonna call you. Because I’m out of town for business. That’s why I can’t pick it up myself. 

An hour later I texted him the following: Hey dawg, any news on that? I got someone willing to pay me $85 who’s ready now. Any thoughts on that? If you can do $90 maybe we can Zelle now. 

Basically I was just curious if he’d jump on the Zelle opportunity even though him going up to $90 for the rollerblades, up from $40, would be a bit absurd. At this point, a few hours later, he hasn’t replied. 

It’s a pretty common phishing attempt; this stuff is pretty common on online marketplaces, whether it’s Nextdoor, Facebook Marketplace, or Craigslist. When selling things online, I regularly interact with accounts I think are fake; when I see some of the more obvious red flags I just ignore their messages, and that’ll be the main way these tips will help you: if you get a sense someone is fake, you can just ignore their messages. Or else, if you’re not really sure, you might just take a more cautious approach; like telling them you can meet them somewhere and do the payment then. When you see signs of a scam, you can just decide to back off entirely or approach things more cautiously. 

So let’s go into detail about a few of the red flags that stood out to me, and these are red flags that are common in many online scams. Just as with the art of reading poker tells, there’s a lot of power in seeing multiple indicators pointing the same way. None of the red flags I’ll mention, on their own, are surefire signs an account is fake or scammy, but when you start to see two or three or four, then you can start to get real confident in your read. 

Speed/rush of reply and interactions

When I put up the roller blades for sale, he sent a message immediately about them. The speed of reply on such platforms is often related to them trying to get maximum return on their investment before their account gets shut down. They’re trying to work as fast as possible. 

It’s also true that real people on these apps tend to take a while to reply, in general. People are quite busy and it’s quite rare in my experience that someone replies immediately. It can happen of course, but again, these are just clues you can piece together. 

Then, a day later, when I texted him, he replied immediately via text, also. Honestly the quick reply on Nextdoor should have clued me in, but the quick reply on Nextdoor coupled with the immediate reply via text really should have set off my radar. 

An empty, new, or generic-seeming account

Something I usually check first but didn’t in this case is the person’s account. The account for this person was completely blank. No posts, no information, no picture. Often on Nextdoor people put something about themselves or have had a few posts. So the account being blank and empty is one sign. 

Another clue here is the generic name: James Harry. Just two common American names strung together. 

One of the most popular things I’ve written online was a piece about how to spot fake Facebook accounts (https://apokerplayer.medium.com/top-7-signs-a-facebook-account-is-fake-1eb942591887). I wrote that after a lot of research I did into fake foreign accounts that were posting political propaganda; my work on that was featured in the NY Times (https://www.nytimes.com/2017/11/03/technology/facebook-fake-accounts.html) and the Washington Post (https://www.washingtonpost.com/technology/2020/04/19/pro-gun-activists-using-facebook-groups-push-anti-quarantine-protests/), amongst other places. 

Depending on the platform, there are all sorts of clues to fake accounts. For example, on Facebook, one clue is that there can sometimes be a name in the URL that’s very different from the displayed name.

Nextdoor apparently still requires people to verify their in-person address before they can create an account, so I’m not exactly sure how all these fake accounts get on there. But there’s a lot on there. Whatever they’re doing isn’t enough; just as Facebook’s policies aren’t enough to prevent a bunch of fake accounts. 

Long story short: Before starting to do a transaction with someone online, it’s worth it, at the very least, to check out their account and see what you see. 

Switching communication methods

When I replied on Nextdoor, he replied two minutes later and said he wanted to switch to texting. He said “Alright I’m currently at work now text me on my number so we can text each other much better”

This should have been another obvious clue to me; it’s related to the rushing aspect of this; he really seems in a hurry to get these $40 used roller blades. But switching channels is mainly about getting more personal info from me; by getting me to text him, he gets my phone number. Now clearly this isn’t a big sign by itself, as often you’ll switch methods of communication to text if you’re closer to a deal. But this happened very early on in the sales process, and he wanted to switch to texting even though he was clearly able to respond to me fine via Nextdoor; again, he replied to me within two minutes. All in all, just various clues adding up to be fishy. 

Unusual language choices

Often these scamming accounts are in developing countries, like various countries in Africa, or in the Philippines, or in Thailand. This means the language they use is often awkward and stilted in various ways. But even more valuable sometimes is just people using unusually detailed language in a way that is abnormal.  

Let’s look at some of the language in the texts he sent me. 

For one thing, he referred to the skates as “it,” which is a kind of unusual language choice. He writes “I could tell my brother to help me pick it up with his truck!” Most people would refer to the skates as “them” in the plural. Also, he mentions that his brother will use a truck; that’s also an unusual bit of detail, in that obviously you don’t need a truck to transport roller skates. 

These choices are likely due to the scammer having a templated boilerplate response that he just copies and pastes in as a multi-purpose response. 

Another weirdness is when he wrote this: “ What’s your Zelle payment so I can add you as a new recipient and send from my business account?”

There’s a formal aspect to this language: “add you as a new recipient” and the inclusion of “business account.” 

Now the weirdness here is likely related to bad English skills and also just using some of the Zelle app terminology without knowing it sounds weird. But some of this seems a bit related to what happens in interrogations when guilty people give way too much information about things, and elaborate on things, in a way that innocent people are unlikely to do. Innocent people will tend to just answer things straightforwardly, with minimal words, whereas for some sensitive questions, people who are guilty or who have something to hide can feel compelled to include all sorts of extraneous details; for example, the fact that this guy wants me to know he’s sending this from his “business account”. 

I’m a big fan of statement analysis; deducing things based on the words and phrasings people use. One of my more popular episodes was one of my first ones; a talk I had with Mark McClish about analyzing written and verbal statements. (And an interesting trivia maybe: McClish’s book I Know You Are Lying was the inspiration for me writing my book Verbal Poker Tells, which of my three poker tells books is the one I’m most proud of.) 

Use of Zelle 

I’m usually pretty good about quickly spotting these tells. But in this case, there were a few factors that lowered my guard. For one, I’d been doing quite a few sales online in the past few weeks, so I was used to going back and forth with people via various channels and platforms. Another thing was that I was working online and so was distracted; and that’s how a lot of these things happen; our guard is lowered for a moment, so we give someone some info or click a suspicious link. 

In this case, my suspicions would have usually been tripped at his bare Nextdoor account but in this case I only got suspicious when he was rushing to pay and wanted to send his payment via Zelle. That’s not a common app to use for payment, at least in my experience. I’ve used it with a few people I know but have seldom been asked to use it. I’d assume that he wants to use Zelle because your Zelle is associated with an email address, so that’s another piece of personal info they can get; versus using Venmo, which can just be a handle name. 

And another red flag to me was again just the time pressure thing; he’s clearly in a hurry to get this minor deal done, and wants to pay me immediately, whereas most people will just pay when they show up. So that combined with the Zelle thing was when it finally tripped my sensors. 

Again, I want to emphasize that none of these things on their own are highly reliable tells. But they can be clues to take things more slowly and be more cautious. 

Hopefully this was helpful to you. I’m going to share this video with my Nextdoor community and maybe you can do the same. 

If you enjoyed this episode, you might enjoy checking out some episodes in the People Who Read People back catalog related to investigations and crime. You can find episode compilations at behavior-podcast.com.  

Thanks for the interest.