Inside a Wine Scam: Email Order Fraud

Last year a local winery couple was stung for $40,000 by an internet wine scam. I found out completely by accident and we were able to save them after the money was transmitted to the scammers’ bank! It was close, though. They are a hard-working, ‘advanced middle age’ couple who do not spend much time on the internet, and they did not realize that this order for two pallets of wine was completely fraudulent. This led me to research and write what turned out to be a 5-part series on how these scams work, how to find out if an order is fraudulent, and how to protect yourself.

I am still getting hits, emails, and phone calls regarding the series, so I would like to post a link here for any wineries/shops that are trying to research questionable orders.

Inside a Wine Scam
Introduction
Part I: How the Wine Scam Works
Part II: The John Nelson Letters
Part III: Law Enforcement, ‘It Ain’t TV, Lady’
Part IV: Who’s in Your Wallet?
Part V: The Worm Turns
Follow Up: Money Orders

Please feel free to comment or ask questions here.

Hey, this is pretty cool - thanks for the links. Haven’t read them all yet, but I plan to.

The law enforcement officer I interview in Part III is a San Francisco detective and one of our friends from eBob. He had some amazing stories to tell about finding wall-to-wall caches of stolen wine and champagne, much of it in wood boxes. He asked not to be named though because he was helping out without prior jurisdictional approval. Very kind of him to answer my questions.

I used to get a lot of the “I want to buy your product” emails (apparently oblivious to what it is I actually sell), and asking if I would accept MC or Visa. Lately, they are “I am having a birthday and my agent will pick up the wine”…

Here is what I wrote in response to one of these guys asking to buy my “product”:

Dear Mr. Bola:
Thank you for your kind inquiry regarding our product. Your timing is most fortuitous, as we have been actively discussing an effort to open the very markets you describe! As you already know, we export a wide range of products around the globe, but we have not met a person in whom we can repose the requisite amount of confidence and trust in your area. However, your very professional inquiry leads us to believe you may be that man.

We are interested in selling our full inventory of Kickapoo Joy Juice, which you probably know is manufactured by L’il Abner in Dogtown, USA. This product, which is known to increase vitality, renew hair growth and slow the aging process is in high demand world-wide, but we think we can sell even more of it in your market.

Our plan, if you are able to confirm that you can effectively distribute this product through the appropriate channels, would be to deliver to you three full shipping containers of the product. Your people would need to take delivery at the nearest seaport, and handle the matter from there.

This product is quite lucrative. Although the cost to you is only $3,790,000.00 (3.79 million US dollars), the value at the retail level is approximately $9,680,000.00 (9.68 million US dollars). As you can see, there is much money to be made!

Upon a showing of good credit and suitable references, we could extend you credit terms of 90 days after our delivery to you before payment is due. It would be our hope and expectation that you and your associates could sell the product before payment is due, and be enjoying the comfort that the financial security of our business relationship can provide.

We are ready to load the containers onto a ship as soon as we can finalize our relationship and any necessary terms. Please let me know if you are interested in working with us.

With best regards,
George Custer, US Army Colonel (retired)


Didn’t get any phishing emails for a long while after that…

Classic John. I wouldn’t expect anything less from you.

John, you should print that as a brochure and sell it on eBay for $5. Come to think of it, you could sell it to the scammers and the victims!

Classic, John! [good.gif]

Oh man!! John, that is absolutely awesome! Hilarious. Good job.

This needs to be Holdredge’s avatar:

Mary, thanks for posting those links. I was just telling someone about that scam the other day since we get those emails as well. I remembered reading about your experiences before but couldn’t remember the details on how the scammers supposedly made any money off of this.

We still get the occasional request for twenty cases of Dom or Cristal. Carrie takes joy in getting the names of the cardholders, card number and addresses. Then she tracks down the card holder and calls them. About 90% of the time the card holder didn’t know their card was being used. She started doing this because she couldn’t get any credit card companies to even notify the card holder. A couple months ago, kept emailing the crook saying the card was declined asking if he had another card. This bozo gave her six different cards, including the different names and addresses, which Carrie located and contacted. Only one knew their card was compromised.

Carries is doing her part to rid the world of evildoers!! [berserker.gif]

A faster alternative is to look up the card number in the Mars Bank Base and call the main bank number. But on the other hand, calling the individual card holders is a personal touch and who knows, it may build good will for your business.

Usually if they give you four stolen numbers, they all begin with the same bank identifiers. The first 12 digits are always identifiers, easy and free to obtain, and then the scammers use a software that spins through random numbers for the rest of the credit card equation until they get a ping for a number that conforms to the Luhn algorithm. Then they know they have a potentially issued number, but they can’t know if it is activated, or compromised, or protected by Fraud Alert systems, which is why they usually split their order among four or more cards. On behalf of “friends” of course.

After a few days, John sends his credit card information. He provides no less than FOUR Mastercard numbers, with instructions in ALL CAPS to divide the charges equally. The first 12 digits of each card are identical. The first six digits of every credit card is a BIN—bank identification number. Rather than deal with a generic Mastercard phone number, I look up the BIN—512107—using a free shareware program called > Mars Bank Base> . The issuer is Sears National Bank, and a contact phone number is provided.

I am fortunate to speak with Angela at Sears Bank, who is friendly and professional. Although she cannot reveal who the real cardholders are, she checks each number and assures me that the owner of each card is NOT a Mr. John Nelson. She will immediately lock each account, notify the real cardholders of the attempted fraud, and issue new cards.

Okay, Ms. Mensa - I’m way smarter than your average bear, but would you translate this for me, please? [tease.gif]

Bob, think of the first number as the routing number on your checking account. The last digits are created using a complex algorithm that takes the first numbers and crunches on them. The last digit is typically a check digit. The back of the card that has the three additional numbers for security are randomly generated separate from the front.

The first number tells you the Major Industry player. All Mastercards start with 5, Visa 4, Amex 3.

The next five numbers tell you the bank (Bank of America, Wells Fargo, etc) and the region. With just the first 6 numbers you can look up the issuing bank and their direct toll-free number–you don’t have to try getting through to someone at say, Visa, for help.

The next 4-6 numbers are a part of your account number.

The final number is a check sum, and if you play all the numbers backward slowly at 33 rpm, they total God.

The numbers on the back are just random stuff.

Where’s the moon emoticon? I’m just not happy with this selection at all … [cheers.gif]

Well played, Mary. Very well played. Backatcha.

Mary, this is a great series of articles, and very helpful, especially the tips and tricks for tracking IPs and verifying credit cards.

I’ve passed the links around up here a bit. Kudos, and thanks from up north. [notworthy.gif]

Thank you, thank you,

Hi Mary, Great series, well written and presented. I see this type of stuff often working in Finance and IT, and where ever there is an angle, there will be fraud. Its amazing how its evolved into being so much more business like, simply amazed that they have considerations on front man turn-over.

Mary:

I just received an alert from a local colleague. At least two big name wineries have had this scam attempted very recently. I just forwarded a copy of your post to our local group, along with links to your series of articles.

I wanted to thank you again for the service you have done for the wine community by making this info available.

[good.gif] [ok.gif] [thank_you.gif]