I was contacted the other day by a gentleman called Mr. Timothy Williams who wished for me to book a two week prepaid vacation package for him and his family with hotel and tours included. Mr. Williams was formal and very polite, as well as fairly well-situated, since renting three rooms at an exclusive hotel at Easter Island is quite costly.
The customer found my offered price satisfactory. It struck me as rather careless of him though when he sent me the credit card details by e-mail, his address, as well as a scan of his passport, before giving me a chance to send him the payment link. He looked like a very likeable guy in the passport, although a bit too naive for his own good. You never know if the person sitting on the other side of the computer is as likeable as Mr. Williams himself.
Sunrise at Rano Raraku – the volcanic quarry where virtuall all of the moai statues were carved.
It turned out neither of the two VISA cards he had sent me worked. One had the wrong credit card number and the other incorrect CVV-code according to our payment service provider.
I called Mr. Williams to sort out the problem, but there was no response. It seemed he and his family had already left for his trip while waiting for my confirmation of his stay at Easter Island. This would explain why he sent me the credit card details. Still being a reckless action, perhaps he knew he would be somewhere without internet access to complete the payment himself. I sent him an e-mail instead, letting him know how the transaction hadn’t completed and gave him links through which to pay.
Two days later I received an e-mail response from Mr. Williams. He apologized for giving me wrong card info, writing that he had spoken to his banker and then sent me two new credit cards – this time two MasterCard cards. He didn’t even mention the payment link I had sent him.
When trying to charge these cards, both gave me the same message – they had been blocked. This was very strange and suspicious. One should be well aware that one’s cards are blocked, since they can only be blocked by the owner himself.
Giving this person the benefit of a doubt, being a potential customer, I wrote to him about the outcome, pointing out that he should better try completing the transaction himself through the payment link. He responded shortly, sending me two new cards which he told me to charge instead.
That night I told my wife: “This guy is a thief. I cannot seem to understand what he gains from making me charge these cards… but I know it – he’s a thief!”
I took action the next day, calling the local police station of the area in the country where the real Mr. Timothy Williams lived, as well as making my web host company and Google (the thief used a Google e-mail account) track this guy to report to the local police station in the area where he’s from.
I was sure he was a thief, but I didn’t understand why he wanted me to charge these robbed cards. That’s what he should be doing himself. What could he possibly gain from this?
A while later I understood the mystery behind his dark, cunning plan.
I would receive the payment and send the money to the corresponding hotel. He would then call the booked hotel, claim that he was Mr. Timothy Williams, say that he was robbed of his credit cards and ask the hotel to send him back his money. In the end, the one who would look like the thief in this drama would be me, since I would have been the one to charge the credit cards. Luckily, the real Mr. Timothy Williams was quick enough to block his cards first.
There are masterminds not only on the good side. They are called con artists, because it truly is like an art how they scheme plans of how to in the end make you look like the bad guy… and I was walking right into the trap.