Skip to content Skip to main navigation

Lifestyle

Get RSM on your side at tax time.

How not to get scammed on Tinder

By Chris Mordd Richards - 10 May 2016 23

Internet Dating Scam

And how to get back at the bastards if it does happen to you.

Part 1 – The victim is ensnared

A few weeks ago I started using Tinder for the first time. Got some matches, had a few fairly non-eventual conversations, until that is I met Shaniqua. She seemed interested in me, we had some stuff in common, but she told me she didn’t like Tinder much and was going to delete her profile soon, so could we chat on Skype instead? Now while that might seem innocent enough – this is actually Step 1 in the scammers playbook. For them to properly ensnare you, they can’t do it on Tinder chat itself – it makes it too easy for Tinder to ban them later when you report the user. more on that in Part 2 – Getting Revenge.

That is when she laid the trap – to meet up, first all I had to was verify my age using a free website. At this point I should have realised something was up, but I am naive in love and I let myself believe that everything was normal. So I went to the site, http://www.verify2meet.online/ (also http://www.verify2meet.site/) – do not try and go there, it has since been taken offline, more on that in Part 2. So I checked out the site, it clearly proclaimed itself as a Free Age Verification site, all you had to do was enter you credit charge and you would be approved. I carefully checked the T&C’s on the site, and it clearly specified no charge would be made to my card, etc … It was all very legitimate looking and I let myself be taken in.

So I entered my credit card details and clicked accept, and it immediately redirected me to a porn website. This is where the alarms bells finally went off for me. I tried messaging the girl I had been talking to and of course got no response. I was already on the phone with Westpac 24 hour card services waiting to be connected as well. I told them what I had done and asked them to put a block on my card, but it was too late. A charge of US $39.99 had been made to my card, which was $51 something out of my account. This was actually good news, at least it wasn’t a massive amount, I could deal with losing $50 temporarily while I sorted things out, but a bigger charge would have wiped me out. I had them block the card anyway and have since had the card cancelled and replaced with a new card with a different number, so it’s useless to the scammers now.

Part 2 – Getting Revenge

So how was I going to deal with all this? I wasn’t taking it lying down, so I swung into action. First I checked my email, and sure enough I had an email from a website called IDreamofPussy.com – NSWF – do not visit, I have not linked it for a reason. They were the ones who had charged my credit card. So I tracked down contact info for them. First I sent an email demanding a refund. This bounced back undeliverable due to my email server IP being on a scam blacklist – something my host later confirmed to me was a scam in and of itself. Next I found a phone number for them, and calling got onto a 3rd party operator in the States. I explained what had happened and demanded a refund, and he assured me he could process this for me. So that was reassuring, but I still wasn’t sure he wasn’t just lying to me, I would have to wait and see.

Meanwhile I got to work on dismantling the network the scammers had used to target me with. First I reported the user in Tinder and fired off an email to Tinder customer support. I debated doing the same with Skype but realised they were unlikely to act, so I left that alone and moved on to the next target.

Some googling led me to the information that the website they had used was hosted by Amazon Web Services. So I sent off an email to ec2-abuse@amazon.com outlining the situation and asking them to look into it. At first they ignored me and said there was nothing to look into, but I wasn’t taking that for an answer, and kept sending them more emails with more evidence and demanding they escalate the investigation to a senior representative.

Today my persistence with Amazon finally paid off. The website the scammers used has been shut down. Yes they will move to a new host sooner or later, but for the moment they have been reminded that legitimate hosting services like Amazon will not facilitate illegal scams like this being carried out on their service and for the moment are offline. I would like to commend Amazon for acting (in the end) to do the right thing.

Dear *****,

Please accept our apologies for the long delay in responding to your last emails. We have done additional research into this issue. Our privacy policies do not permit the discussion of our mitigation strategies, but you may be pleased to know that the site reported to be hosted on AWS, verify2meet.online, is no longer live. We hope that this addresses your concerns. Please let us know if we can be of further assistance.

Warm Regards,
Amazon Web Services

So far so good. However the Tinder profile that started all this is still online. Although their ability to scam people for the moment just got cut off at its knees with no website they can use to harvest CC information via. I have sent off yet another email to Tinder support outlining Amazon’s actions and requesting again that they ban the user and ban their IP address. Hopefully now that Amazon have acted Tinder might be willing to take me more seriously. Frankly I am disappointed that when you point out to them that someone is using their service to scam their users, they don’t seem very interested in doing anything about it, which is a shame. However I am not giving up yet, and with persistence I’m confident I can get Tinder to act.

So the lessons here are, there are scammers on Tinder. If someone asks to take the conversation off Tinder – be very very wary, you are much safer as long as you keep using the Tinder platform until you are really confident about who the other person is. If you really must take the convo off Tinder, insist on Facebook chat not Skype or something else, this makes it easier to report it if something goes bad later as Facebook safety team are pretty good. Last lesson is if they link any website to you to visit – do not do it. Age verification websites are mostly a scam, if you get asked this end the convo and report the user and keep yourself safe, learn from my stupid mistake.

Note I have used the real Tinder and Skype username in this piece as it’s important to know they are not who they say they are if you come across them yourself. Shaniqua is still showing up in people’s matches in the ACT using Tinder, so watch out for this profile if you match with it.

Just remember though, scammers like these rely on their victims being too ashamed to do anything about it. But you can do something about it, even if its nothing more than report it to ScamWatch – https://www.scamwatch.gov.au/report-a-scam – (which I did as well, although I can’t update them now about Amazon taking the site down so there’s probably not much they can do anymore with my report). I wasn’t willing to just be a victim though, so I acted and got the site shut down. That is the best outcome I can think of. I also got the credit card charge refunded, so I am not out of pocket either.

I was naive and made a mistake, I am hoping that by sharing my story with you all I can help prevent scammers like this from taking other people in. Internet dating has changed things a lot for our generation, and we need to be aware of scams like this that prey on hapless lonely singles. Share this with your friends and make sure no-one you know ever falls victim to a scam like this. As a last note, if you google “verify2meet scam” it becomes very obvious that it is indeed a scam. Just a pity I didn’t do this myself at the time.

Update: The sites they use are back online, they have signed up another Amazon hosting account and put them back online. I have emailed Amazon again alerting them to this and to take action on this new account. The game of whack-a-mole begins. I have reported it again and it has been taken back down. They again signed up another AWS (Amazon Web Services) account and put the site back online again. I reported it to Amazon again and it was taken offline. I have requested that they look into some way to block the domain name from ever being added to an AWS account again and they are looking into it. For the moment I keep reporting them every time the site goes back and Amazon takes it offline again. They will get bored eventually and change hosts, im just curious to see how long that will take at this point.

What’s Your opinion?


Post a comment
Please login to post your comments, or connect with
23 Responses to
How not to get scammed on Tinder
Citizen Phil 9:09 am 11 May 16

You use WHOIS tools like [https://who.is/] [https://whois.icann.org/en] [https://www.whois.net/] which will tell you a bit more about who setup a domain. Mostly the information is private but you can find out some information of where the domain was originally registered.

Apologies as I missed yesterday the information from WHOIS regarding Namecheap being tied to those sites as domain registrar, that’s who I should have mentioned yesterday. I just posted the name servers which in full are dns1.registrar-servers.com up to dns5. My bad for missing that and the fact you’d already posted the scamwatch information.

But I’ll echo Miz and say good work and keep at em. I’m keen to read your updates now and if I can offer anything else I’ll pipe up. Good luck 🙂

miz 8:55 am 11 May 16

Mordd said :

Could have been worse. There is a far more insidious scam going around online dating services, from what I understand it goes something like this:
1) account user makes contact and agrees to meet up in person with the unsuspecting target
2) after a few dates, usually paid for by the unsuspecting target, account user demands to know where relationship is going, at which point the unsuspecting target is coerced into a shared living arrangement
3) unsuspecting target takes on increasingly larger proportions of living expenses
4) account user demands increasingly expensive gifts, ultimately seeking a diamond ring
5) account user takes half of the unsuspecting target’s assets

Hahaha, good one!
Or, in the alternative scenario, ‘unsuspecting target’ racks off with another ‘account user,’ leaving the original account user in difficult financial circumstances – though I guess they still have the diamond ring to hock

Mordd 10:25 pm 10 May 16

Servers.com says they have nothing to do with the sites:

Hello,

None of the websites http://www.verify2meet.com, http://www.verify2meet.site & http://www.verify2meet.online is hosted in our network.

Where did you get the info from that they did?

Mordd 9:30 pm 10 May 16

madelini said :

The name Shaniqua wasnt the first tip off that something was amiss? Shaniqua is a go to name people rattle off when using a typecast “typical ridiculous black girl” name in jokes/memes etc.

I wasn’t aware of that until know, thanks for the tip!

rosscoact said :

Thank you Mordd for having the courage to share your experiences and the persistence to sic the perpetrators at least temporarily.

You’re welcome, it is embarrassing for me to admit publicly (even under my pseudonym) that I got taken in like this, I consider myself very web savvy and this is the first time i’ve ever fallen victim to an online scam, but this just shows how insidious they are getting and how even smart people who know better can still be taken in with the right set of circumstances. I sincerely hope that by sharing what happened to me I can help stop it happening to someone else.

Neil34 said :

Both sites are registered with https://www.servers.com, they’ll have more bite then AWS in this situation. But you’re going at this from the wrong angle, they have hundreds of domain extensions to keep changing to, .cloud, .club, .life, .online, etc. before they even have to think about changing the actual name of the site and just redirecting their traffic all around the place. No offence but your game of whack-a-mole with them will just make them better at their scam.

Try http://www.scamwatch.gov.au/ or http://www.ic3.gov/default.aspx and have them properly investigated. You’ve been scammed, got lucky because you were quickly onto it, but there will be hundreds if not thousands of others getting scammed like you and not reacting like you did. Help them by taking the scammers down properly.

Think about it like this, if you got robbed and the robber jumped in an Avis rent-a-car to escape in, you wouldn’t ring Avis and say please don’t rent them any more cars, you’d ring the police.

If it wasn’t AWS it would be Google’s or Microsoft’s or some other cloud platform out there. It’s not their fault, this is the price we pay for having freedom to publish whatever we want on the internet.

Sure hit the scammers hard if you’ve been ripped off but do it properly, and maybe be a little more careful online as well. Remember it’s always your fingers that punch in your credit card details.

I had already reported it to Scamwatch as I advise to do in the article. I have now also reported it to the IC3 website. I looked up Servers.com, and while I can’t quite figure out exactly what they do for these guys, nor was I able to actually confirm they are customers of Servers.com (how did you work that out? i’m keen to know!) I did however send off a polite email to them on the basis of your post informing them of what the site is and that they are apparently customers of their and asking them to look into it and take any appropriate action. Will see what happens with that. Thanks for the information. And yes I realise my “game” with reporting them to Amazon is somewhat pointless, as you say there are now hundreds of domain name extensions they can potentially use and plenty of places for them to host, including ones that wouldn’t shut them down like Amazon. I am determined however to make life as annoying for them as I can in whatever way I can at the moment, so that’s what I am doing.

Mordd 9:23 pm 10 May 16

deleted – when trying to edit it destroyed the layout and made it unreadable, posting again.

Bolbi 6:59 pm 10 May 16

Not sure why you didn’t think you would get any response from Skype. My experience with Microsoft (their owner) has been that they have been very good at addressing this type of thing.

Roksteddy 6:42 pm 10 May 16

They should be reported to the Australian Cybercrime Online Reporting Network
http://www.acorn.gov.au

dustytrail 3:48 pm 10 May 16

Thankfully, I am way past seeking a partner. Not sure I would want to hook up with someone via the mobile phone!

However… probably nobody on here remembers the early 1980s in Canberra when advertisements in Saturday’s Canberra Times for a “singles party” at people’s homes was all the go! I even had one at my place. All above board but “somebody” stole my Kenny Rogers (“Lady”) cassette.

Those where the days. One left the front door open in Summer to let the cool breeze through. I felt very safe in Canberra having moved here from Sydney where my place was like Fort Knox!

madelini 2:16 pm 10 May 16

As with any website where you converse with strangers, you need to keep your wits about you. Basic rule of thumb is that if someone you don’t know is asking for your credit card details, probably don’t give them (and especially not through a random website).

If a real person on Tinder wants to move the conversation away from the app, the usual course of action is to swap mobile numbers – or suggest that you will swap numbers if you get along in person.

HenryBG 2:08 pm 10 May 16

Mordd said :

Could have been worse. There is a far more insidious scam going around online dating services, from what I understand it goes something like this:
1) account user makes contact and agrees to meet up in person with the unsuspecting target
2) after a few dates, usually paid for by the unsuspecting target, account user demands to know where relationship is going, at which point the unsuspecting target is coerced into a shared living arrangement
3) unsuspecting target takes on increasingly larger proportions of living expenses
4) account user demands increasingly expensive gifts, ultimately seeking a diamond ring
5) account user takes half of the unsuspecting target’s assets

That scam’s been around since about 40,000BC. I can’t believe nobody’s shut it down yet.

dungfungus 12:45 pm 10 May 16

Anyone who has an account with GoDaddy may get an email from them which appears to be very genuine (even has the correct phone support number and customer number).
The email address: notice@e.godaddy.com is false.
The body of the email invites the customer to “set up auto-renew now” which is the “baited hook”.
When I phoned the real GoDaddy they confirmed it was a scam but couldn’t explain how the scammers had obtained customer numbers.
This is nearly as good as the regular “Australia Post missed delivery scam emails”.

devils_advocate 11:55 am 10 May 16

Could have been worse. There is a far more insidious scam going around online dating services, from what I understand it goes something like this:
1) account user makes contact and agrees to meet up in person with the unsuspecting target
2) after a few dates, usually paid for by the unsuspecting target, account user demands to know where relationship is going, at which point the unsuspecting target is coerced into a shared living arrangement
3) unsuspecting target takes on increasingly larger proportions of living expenses
4) account user demands increasingly expensive gifts, ultimately seeking a diamond ring
5) account user takes half of the unsuspecting target’s assets

Citizen Phil 11:00 am 10 May 16

Both sites are registered with https://www.servers.com, they’ll have more bite then AWS in this situation. But you’re going at this from the wrong angle, they have hundreds of domain extensions to keep changing to, .cloud, .club, .life, .online, etc. before they even have to think about changing the actual name of the site and just redirecting their traffic all around the place. No offence but your game of whack-a-mole with them will just make them better at their scam.

Try http://www.scamwatch.gov.au/ or http://www.ic3.gov/default.aspx and have them properly investigated. You’ve been scammed, got lucky because you were quickly onto it, but there will be hundreds if not thousands of others getting scammed like you and not reacting like you did. Help them by taking the scammers down properly.

Think about it like this, if you got robbed and the robber jumped in an Avis rent-a-car to escape in, you wouldn’t ring Avis and say please don’t rent them any more cars, you’d ring the police.

If it wasn’t AWS it would be Google’s or Microsoft’s or some other cloud platform out there. It’s not their fault, this is the price we pay for having freedom to publish whatever we want on the internet.

Sure hit the scammers hard if you’ve been ripped off but do it properly, and maybe be a little more careful online as well. Remember it’s always your fingers that punch in your credit card details.

miz 7:37 am 10 May 16

Thank you Mordd for having the courage to share your experiences and the persistence to sic the perpetrators at least temporarily.

K_c 7:09 am 10 May 16

The name Shaniqua wasnt the first tip off that something was amiss? Shaniqua is a go to name people rattle off when using a typecast “typical ridiculous black girl” name in jokes/memes etc.

Related Articles

CBR Tweets

Sign up to our newsletter

Top
Copyright © 2017 Riot ACT Holdings Pty Ltd. All rights reserved.
www.the-riotact.com | www.b2bmagazine.com.au | www.thisiscanberra.com

Search across the site