So you have been scammed

a small guide on how to strike back and be a bad scamee

Posted on 2018-08-31

Get new posts by email (~ one email every couple of months & no spam)

So you have been scammed

It's okay, it happened to the best and even large companies aren't bullet proof when it comes to scammers.

I myself was scammed out of 500$ but I fought back and in the end got my money back by sending facebook messages to his mother who was unaware of the fact he was a scammer.

Since the BBC and other major news sites have written about my journey I'm getting dozens of messages a week where people seek my advice or help to find out the real identity of their scammer like I found mine. I can't possibly help all people who ask me this is why I wrote this post.

This guide should help vicims of scammers to become a scammers worst nightmare. The best case scenario is that the person who scammed you is not a professional but a casual scammer. Professional scammers are way harder to track but you should always try.

Step 0: Report them

This goes without saying. If you have been scammed via a service like Airbnb or in a forum. Report them there. This will probably not give you your money back but maybe it will help others.

Now.. for the real steps

Step 1: Collect everything you can

There are many ways to get scammed: Skype, Facebook, Forums or plain old letters.

Doesn't matter how you were scammed the important thing is when you realize that the person you trusted is a scammer you have to save everything you have about them. Law enforcement calls this kind of research "Open source research". Because you are only legally available and public sources.

Create a spreadsheet and document everything including:

  • Nicknames
  • Messages or Emails including the date
  • Email addresses
  • Facebook profiles
  • Websites they sent you (phishing sites maybe?)
  • Phone numbers
  • Profile pictures and other photos
  • Make and save Screenshots of their profiles and accounts because they might be deleting them soon. Label them with the date you made the screenshot

This will not only help you if your case leads to an investigation by the authorities but also will help you keep track over everything.

Step 2: Deep Google searches

People are lazy and many scammers are too. They re-use usernames and emails, fail to cover their tracks and ideally you can use this to your advantage.

The first thing to throw at Google is the name or nickname. The guy who scammed me re-used his nicknames a lot and I found multiple links to profiles of his on platforms like Steam, a job website and eventually Facebook.

Don't be afraid to go further into Google than the first page! The holy grail might be just one click away.

And again save everything useful you find in your spreadsheet and make screenshots.

Step 3: Usersearch.org and haveibeenpwned.com

One of the most awesome search engines besided Google is usersearch.org. On this search engine you just enter the username or email address of the scammer and it looks on various sites where this username is taken. Why do we want to know? To strike back in Step 4

Troy Hunt has created the awesome website haveibeenpwned.com/ On this site you can enter an Email address and it tells you if it has been in a databreach. Why is this important? Because this will give you a nice overview on where this user is registered but don't go further than that. It might be illegal in some countries to download the actual breaches and look for their passwords in there, so don't do that.

When you know other platforms where they are registered you can write them there as a new user to get even more info. Which brings us to.

Step 4: Getting their IP Address

This is where things get technical. Feel free to skip this step but it might be the most promising step if it goes to court or even for a police investigation.

Have you ever wondered how hackers get caught? Most of the time it is because they leave traces. Most hackers use VPNs or other tools to anonymize their public IP address. Sometimes the VPN fails and they (unknowingly) connect to a target using their real public IP. The police can now take this IP address and go to the Internet Service Provider (ISP) with a court order and get the name and address of the person who was using this IP at the time.

So our goal is to get the IP address of the scammer.

There are services which can help you with that:

  • http://whatstheirip.com/ (You get a link that you send to the scammer and hope they click it. Maybe tell them it's a photo of a transaction statement or something)
  • http://www.whoreadme.com/ (A service that sends emails with trackers inside and if the scammer opens it and their client downloads supports it, you have their IP)

If you already are an IT wizard

My advice would be to rent some cheap virtual server for example from Digital Ocean (they have some for 5$ a month which will be good enough) and install a webserver or some free image hosting software on it. Maybe also get a domain that sounds like some image hoster so you won't have to send them an IP address (which nobody will click on). Then send the scammer a link and check your servers log files for their IP adress.

Getting their IP address is very important if you are going to press charges since the IP address is the main identifier for online users. But if the scammer is a professional they will most likely use a VPN or proxy server. In this case all you get is the IP of their VPN.

Step 5: Use the info you gathered

If you feel that you have enough information about your scammer you have a few possibilities.

Drop it on the scammer

Write your scammer and tell them SOME of the things you know about them. Never give them everything you have. For some scammers this might be enough to give you your money back.

Drop it on their surroundings

This really depends on what you found out about them. Found out where they work? Call their company. Found out names of friends or family? Contact them.

I actually got my 500$ back by writing my scammers mother and brother on Facebook. The chances were not good but if it's a young scammer from a somewhat stable family this might work for you as it did for me.

Give it to the police and "lawyer up"

In some scenarios this would not be possible. For example if they're from a country where you have no chance to file a police report. But if you do have the chance: DO IT

Print out everything you have collected and take it either to the police or to your lawyer.


I hope this short guide can help a few of the poor souls who write to me in hopes of justice


Comment using SSH! Info
ssh f057c@ssh.blog.haschek.at


    Tags: scammer | guide

    1ChrisHMgr4DvEVXzAv1vamkviZNLPS7yx
    0x1337C2F18e54d72d696005d030B8eF168a4C0d95