Advertisements

Conversation with an iTunes card scammer | Ben Rothke

Intro

On a community email list I am part of in Passaic, a user had their email account hacked, and the scammer used the iTunes gift card scam. This is a quick article about the scam and how to avoid being a victim.

The scam

In the world of information security, there are many cutting edge attacks. Like the one out of Israel recently, researchers from Ben-Gurion University and the Weizmann Institute revealed a new technique for long-distance eavesdropping they call lamphone

The lamphone attack allows anyone with a laptop, telescope and a $400 electro-optical sensor, to listen in on any sounds in a room that’s hundreds of feet away in real-time, by merely observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. 

By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers showed that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music. This is straight out of Tom Clancy.

On the opposite end are the low-tech attacks such as iTunes gift card scams. Recently, someone’s email accounts were hacked and the attacker posted on their behalf on a community mailing list I am part of. The scammer asked people to buy iTunes gift cards to which he would pay you back since he said he was away. 

This scam goes back a few years and is in constant use. When the victim’s email account is hacked, the attacker will send a message to everyone in their address book. 

Gift card frauds are so prevalent that the Better Business BureauAARP, and FTC have alerts. As to iTunes card fraud, Apple and the FTC have warnings specifically regarding scams involving App Store & iTunes Gift Cards and Apple Store Gift Cards. These scams have been going on for years where fraudsters request codes from App Store & iTunes Gift Cards or Apple Store Gift Cards.

The scam follows a standard formula where the person says they can’t make the purchase now and says they will pay you when they return. 

Why iTunes gift cards

Apple Music, App Store, iTunes, and related services are major players in the global digital app and music market, with over $10B in annual revenue. With a market so huge, it is ripe for scamming. 

These scams are part of extensive, sophisticated black market efforts, often via the dark web. The low-level scammers do the grunt work of communicating with the victim. Once they get the codes, the network sells them to middlemen, who, in turn, sell these codes to people on the secondary market. This entire exchange is, for the most part, untraceable and very profitable. 

If the scammers try to flip the card into Bitcoin, it makes it even more untraceable. As an aside, Bitcoin is not provable untraceable. As detailed in Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction, all Bitcoin transactions are stored publicly and permanently on the network, and can’t be considered fully anonymous. 

How do you avoid being a victim?

This scam is so efficient because the source is the victim’s email address book, which often contains thousands of contacts. If these are going to their friends, they will have a desire to be helpful.

Ronald Reagan popularized the saying Trust, but verify, which is the approach one needs to take here. This is especially true when people ask you for money. In this case, the scammer wanted $300 in gift cards. In other affinity scams, people have lot hundreds of thousands, and at times millions of dollars. .

You can avoid being a victim by using both technical and practical approaches. 

  • Read the email does it make sense – is this the sort of email a friend would send? There is nothing it in that makes it seems like it is from an acquaintance. Nothing it is that makes it seem the least bit legitimate. Seriously, he is on vacation in Paris and it is his top priority to get his anonymous niece some gift cards?
  • Use common sense – does the email make sense? If you look at the text of the email communications, the writer answers in short, terse sentences and does not seem to be a native English speaker.
  • Travel during a pandemic – the scammer eventually says he is in Paris. Really, during a pandemic? How did they even get there during COVID? That red flag alone should put the kibosh on this. 

  • Ask a few questions – the person should know some specifics, especially about their own life and family. The entire email chain is below, and I asked the scammer some specific questions he or she never replied to directly. I also used false family member names and a medical condition which he was oblivious to. Since there were no corrections to these, it screams out scam. 
  • Passwords – For your email accounts, use a complex, difficult to guess password. But this is not foolproof is the password itself is compromised.
  • Employ multi-factor authentication (MFA) – this is an authentication method where a user is only given access after successfully presenting two or more pieces of evidence to the authentication system. If you use Google services, you should employ more robust security for your Google account via Google Authenticator
  • Ask why you? – Consider why they are asking for your help – the attacker below is making up silly excuses why he can’t do it himself.
  • Use that even more common sense, and you are much less likely to be a victim.

The email chain with the scammer has been anonymized to protect the victim, and below is the text of the emails. 

Two of the victim’s email accounts were hacked – MSN and Gmail. I refer to these as scammer@msn.com and scammer@gmail.com 

Notice the initial scam email came from the victim’s MSN account. The scammer then moved to the victim’s Gmail account. 

The friend responding is Jenny Smith Jen@mail.com 

On Tue, Jun 23, 2020 at 10:15 AM Scammer <scammer@msn.com> wrote:

Good Morning, How are you? I need a favor from you.

I need to get an iTunes gift card for my Niece, It’s her birthday today but I can’t do this now because am currently out of town. Can you get it from any store around you? I’ll pay back as soon as i am back.

Kindly let me know if you can handle this.

Thank you,

Scammer

On Tue, 23 Jun 2020 at 15:26, Jenny Smith <Jen@mail.com> wrote:

Hi – is this for Tammy your niece? I remember when she was little.

Let me know what you need and we can help.

On Tuesday, June 23, 2020 10:35 AM, Scammer <scammer@gmail.com> wrote:

Thanks. What I need is $300 iTunes gift card($100 denomination. Three $100 cards total $300) you can buy from any store around now. Also, I need you to scratch the back of the cards to reveal the pins, then take a snap shot of the back showing the pins and have them email to me….so i can forward the cards to my Niece.

How soon can you get this done for me so i can give her a definite time to expect the picture from me?

On Tue, 23 Jun 2020 at 15:37, Jenny Smith <Jen@mail.com> wrote:

Anything for your bro!

I can do out and buy them, or get them online….just tell me what to do.

You on vacation now?

On Tuesday, June 23, 2020 10:42 AM, Scammer <scammer@gmail.com> wrote:

Can you get the cards online for me now and have them sent to me my email address scammer@msn.com

On Tue, 23 Jun 2020 at 15:44, Jenny Smith <Jen@mail.com> wrote:

Sure….what is the web site to order them from?

I can do that now….just let me know the web site to order from.

Don’t want Tammy to miss her birthday present. How old is she now?

On Tuesday, June 23, 2020 10:46 AM, Scammer <scammer@gmail.com> wrote:

https://www.apple.com/shop/gift-cards/itunes-electronic?afid=p238%7CsvsraeddR-dc_mtid_1870765e38482_pcrid_267742211676_pgrid_46460974547_&cid=aos-us-kwgo-btb-egc

On Tue, 23 Jun 2020 at 15:49, Jenny Smith <Jen@mail.com> wrote:

Ok…how much do you need?

When are you and Monica due back? We miss you in hot and humid Miami.

On Tuesday, June 23, 2020 10:50 AM, Scammer <scammer@gmail.com> wrote:

What I need is $300 iTunes gift card($100 denomination. Three $100 cards total $300) Have it sent to my email address scammer@msn.com

On Tuesday, June 23, 2020 10:53 AM, Scammer <scammer@gmail.com> wrote:

Paris, Let me know when done.

On Tue, 23 Jun 2020 at 15:52, Jenny Smith <Jen@mail.com> wrote:

Ok, will do that now.

Where are you guys??=

On Tue, 23 Jun 2020 at 15:59, Jenny Smith <Jen@mail.com> wrote:

Ignatz is getting the credit card for me, so will do the order in like 2 minutes.

OMG I love Paris!!!!

Where you guys staying there?

On Tuesday, June 23, 2020 11:00 AM, Scammer <scammer@gmail.com> wrote:

Ok, Let me know when you place the order for the cards.

On Tue, 23 Jun 2020 at 16:04, Jenny Smith <Jen@mail.com> wrote:

He is doing the order now….

He is better with computers than I am.

How are you managing doing all that walking with your cellulitis problems? Must be hard.

Ignatz just said order should be done in 90 seconds.

On Tuesday, June 23, 2020 11:06 AM, Scammer <scammer@gmail.com> wrote:

Ok, thanks.

On Tue, 23 Jun 2020 at 16:08, Jenny Smith <Jen@mail.com> wrote:

Seriously….how are you managing doing all that walking with your cellulitis problems?

I remember when you had to miss Dave Kujan’s retirement party due to that.

On Tuesday, June 23, 2020 11:12 AM, Scammer <scammer@gmail.com> wrote:

I’m getting better now.

On Tue, 23 Jun 2020 at 16:15, Jenny Smith <Jen@mail.com> wrote:

ok….that is great.

Ignatz just finished the order for the 3 gift cards.

Regards to the birthday girl!

On Tuesday, June 23, 2020 11:19 AM, Scammer <scammer@gmail.com> wrote:

Kindly forward the confirmation order to me.

On Tue, 23 Jun 2020 at 16:22, Jenny Smith <Jen@mail.com> wrote:

Did you not get the confirmation?

Ignatz said it was confirmed.

On Tuesday, June 23, 2020 11:26 AM, Scammer <scammer@gmail.com> wrote:

No

On Tue, 23 Jun 2020 at 16:30, Jenny Smith <Jen@mail.com> wrote:

He just resent it to you.

On Tuesday, June 23, 2020 11:31 AM, Scammer <scammer@gmail.com> wrote:

Let me send it to my email

On Tue, 23 Jun 2020 at 16:39, Jenny Smith <Jen@mail.com> wrote:

Can you confirm you got it?

On Tuesday, June 23, 2020 11:40 AM, Scammer <scammer@gmail.com> wrote:

No, I didn’t get it. Can you send it to me.

On Tue, 23 Jun 2020 at 16:44, Jenny Smith <Jen@mail.com> wrote:

Ignatz said he sent it 2 times to your email.

He said he confirmed on the Apple.com web site that it was sent to your email.

I know that the French are notorious for spying on people. Do you think the French government may be listening to our email chat and they may have taken the $300 in gift card codes?

On Tuesday, June 23, 2020 11:45 AM, Scammer <scammer@gmail.com> wrote:

No, I didn’t get it. Can you forward it to me?

On Tue, 23 Jun 2020 at 16:49, Jenny Smith <Jen@mail.com> wrote:

I keep forwarding to you.

Seriously….could the French be hacking your email?

On Tuesday, June 23, 2020 11:50 AM, Scammer <scammer@gmail.com> wrote:

What do you mean?

On Tue, 23 Jun 2020 at 16:55, Jenny Smith <Jen@mail.com> wrote:

Ignatz printed out the the confirmation numbers for the 3 gift cards.

Since email is not working, let me call you and give you the numbers.

What is your cell number there?

Or the number of your hotel.

On Tuesday, June 23, 2020 11:55 AM, Scammer <scammer@gmail.com> wrote:

I don’t have access to my phone here, Email the numbers to me.

On Tue, 23 Jun 2020 at 16:57, Jenny Smith <Jen@mail.com> wrote:

What is the number of your hotel?

I can call you there.

On Tuesday, June 23, 2020 11:59 AM, Scammer <scammer@gmail.com> wrote:

I’m not available on Phone, Send the numbers of the cards to me via email

On Tue, 23 Jun 2020 at 17:01, Jenny Smith <Jen@mail.com> wrote:

It is 6:00PM there in Paris.

When do you expect to be back in your hotel.

I can call you then with the information for the 3 gift cards.

On Tuesday, June 23, 2020 12:03 PM, Scammer <scammer@gmail.com> wrote:

Send the code number of the cards, So i can forward them to her ASAP

On Tue, 23 Jun 2020 at 17:04, Jenny Smith <Jen@mail.com> wrote:

What time are you due back in your hotel?

On Tuesday, June 23, 2020 12:06 PM, Scammer <scammer@gmail.com> wrote:

Later tonight, Kindly send them now so i can forward them to her.

On Tue, 23 Jun 2020 at 17:11, Jenny Smith <Jen@mail.com> wrote:

Let me ask you, if you can email her, why couldn’t you have ordered the gift cards yourself?

On Tuesday, June 23, 2020 12:15 PM, Scammer <scammer@gmail.com> wrote:

I don’t have access to my online banking. If not that i would have bought the card myself for her online.

On Tue, 23 Jun 2020 at 17:18, Jenny Smith <Jen@mail.com> wrote:

You do not need access to your online banking, just your credit card number.

On Tuesday, June 23, 2020 12:24 PM, Scammer <scammer@gmail.com> wrote:

I’m not with my credit card, Did you purchase the cards

On Tue, 23 Jun 2020 at 17:28, Jenny Smith <Jen@mail.com> wrote:

Yes, 3 x $100 cards.

See attached screen shot……

On Tuesday, June 23, 2020 12:34 PM, Scammer <scammer@gmail.com> wrote:

The attachment you sent doesn’t contain an iTunes gift card.

On Tue, 23 Jun 2020 at 17:36, Jenny Smith <Jen@mail.com> wrote:

This is so weird.

I think someone is hacking this account.

Let me call you in the hotel when you get there.

Then you will have the card codes once and for all.

Since Tammy is in California, it is only 9:30 in the morning there and there is plenty of time to get her the codes.

thanks!

Speak later….send me your phone number at the hotel.

On Tuesday, June 23, 2020 12:37 PM, Scammer <scammer@gmail.com> wrote:

Ok, Send the code number of the three cards write them out.

On Tuesday, June 23, 2020 1:10 PM, Scammer <scammer@gmail.com> wrote:

I just did if you can’t reach me through phone then send the PIN number of the cards via email

On Tue, 23 Jun 2020 at 5:39 PM, Jenny Smith <Jen@mail.com> wrote:

ok, what hotel are you at and what is the phone number?

On Tue, 23 Jun 2020 at 18:15, Jenny Smith <Jen@mail.com> wrote:

That phone number still does not work.

Please send hotel number.

On Tuesday, June 23, 2020 1:25 PM, Scammer <scammer@gmail.com> wrote:

That’s weird.

On Tue, 23 Jun 2020 at 18:28, Jenny Smith <Jen@mail.com> wrote:

This happens.

Let me know when you in your hotel.

Send the number of the hotel.

And we can get her the numbers…..

On Tuesday, June 23, 2020 1:32 PM, Scammer <scammer@gmail.com> wrote:

I’m in the hotel already

On Tuesday, June 23, 2020 1:42 PM, Scammer <scammer@gmail.com> wrote:

Send the code numbers of the cards, Kindly let me know if you don’t want to send the code number of the cards to me.

On Tue, 23 Jun 2020 at 18:41, Jenny Smith <Jen@mail.com> wrote:

What is the phone number and what room?

On Tue, 23 Jun 2020 at 18:45, Jenny Smith <Jen@mail.com> wrote:

I have the cards….since you are in the hotel….just let me know the phone number.

I will call you so you do not have to pay for an international call.

On Tuesday, June 23, 2020 1:46 PM, Scammer <scammer@gmail.com> wrote:

I told you earlier the phone is not connecting, Email the cards to me.

On Tuesday, June 23, 2020 1:50 PM, Jenny Smith <Jen@mail.com> wrote:

What is the name of the hotel?

I can use a VPN connection to make a VoIP secure call, guaranteed to work.

On Tuesday, June 23, 2020 2:26 PM, Scammer <scammer@gmail.com> wrote:

Still waiting. For the cards

On Tue, 23 Jun 2020 at 19:19, Jenny Smith <Jen@mail.com> wrote:

Any update?

On Tue, 23 Jun 2020 at 19:27, Jenny Smith <Jen@mail.com> wrote:

Still waiting for your hotel phone number.

On Tuesday, June 23, 2020 2:29 PM, Scammer <scammer@gmail.com> wrote:

I gave you the number already which you said was not connecting. Email the Pin number of the cards to me.

On Tue, 23 Jun 2020 at 19:38, Jenny Smith <Jen@mail.com> wrote:

That phone number is to a cell phone in area code 201,which is New Jersey.

While the Garden State is the Paris of the US, it is not a hotel number in Paris.

Please send correct number so I can get you the 3 codes.

On Tuesday, June 23, 2020 2:39 PM, Scammer <scammer@gmail.com> wrote:

You can’t reach me on phone

On Tue, 23 Jun 2020 at 19:41, Jenny Smith <Jen@mail.com> wrote:

Why not?

Every hotel has a phone.

On Tuesday, June 23, 2020 2:42 PM, Scammer <scammer@gmail.com> wrote:

I don’t know.

On Tue, 23 Jun 2020 at 7:44 PM, Jenny Smith <Jen@mail.com> wrote:

Can I call you via Skype or WhatsApp then?

On Tuesday, June 23, 2020 2:48 PM, Scammer <scammer@gmail.com> wrote:

Ok

On Tuesday, June 23, 2020 2:49 PM, Jenny Smith <Jen@mail.com> wrote:

ok, what is the phone #?

 

 

-------------

This content, and any other content on TLS, may not be republished or reproduced without prior permission from TLS. Copying or reproducing our content is both against the law and against Halacha. To inquire about using our content, including videos or photos, email us at general@thelakewoodscoop.com.

Stay up to date with our news alerts by following us on Twitter, Instagram and Facebook.

Also join the thousands receiving our Whatsapp Status updates!

Got a news tip? Email us at newstips@thelakewoodscoop.com, or Text/Whatsapp 415-857-2667.

There are 4 Comments to "Conversation with an iTunes card scammer | Ben Rothke"

  • Steve says:

    I think I was on the same scam list last week.
    FYI – they did not hack into the other persons GMAIL account. What they do is create a GMAIL account using he same info so that when the person changes their password after the first 100 ppl as them if they were hacked the hackers just continue the conversation on the new mail address.
    Most ppl would not look at the email address domain and would continue the conversation.
    Kudos to you for keeping it going so long. They stopped responding to me once I asked them what they are sightseeing in Calgary!

  • Tzivi Goldfarb says:

    This is helpful. It is so crazy that we have to be so suspicious about everything.

    But I do get lots of emails that are close to being scams, and often are.

    The yeshiva world needs to know about these things, as these scam artists exploit the chesed that a yid naturally want to do.

  • Garden State says:

    Scammer should have realized Jen was playing him when she referred to NJ as the Paris of the US.

    • Pinchas A. says:

      Many of these scammers barely know English.
      They use Google translate a lot.

      Shows that you dont even need to know the language to rip people off.