Online Scams and Payment Frauds Explained
In late March, a Russian shopper named Oleg spotted a new PlayStation VR2 headset listed on a popular marketplace for 37 thousand rubles. Other sellers asked for 50-60 thousand. The deal looked tempting, and the buyer proceeded with payment using a marketplace issued virtual debit card. The system promised to release funds to the seller only after delivery confirmation, but that confirmation never happened.
About an hour later, a call came in. The caller claimed to be a store employee from the same marketplace where the PS VR2 was purchased, insisting that delivery details had to be verified per the standard process.
According to Oleg, the call quickly grew suspicious. The supposed courier asked him to re-enter his number to enable delivery and to repeat a code sent via SMS or app notification. Oleg reported that he never received any messages, and shortly after he refused to share further codes, the caller ended the call.
It became clear that the caller was attempting to reset the user’s marketplace credentials. Attaining the verification codes would give the attacker control of Oleg’s marketplace account and, potentially, access to all linked financial options.
Oleg reported the incident to marketplace support. After several hours, the scammer was blocked, and the purchase amount was returned to Oleg’s account. The event underscored the risks of social engineering and credential theft on shopping platforms.
the risk is real
Security experts from the RTK-Solar External Digital Risk Analytics Center noted that Oleg was fortunate to avoid a major loss. They explained that a typical fraud scheme relies on hijacked accounts where the attacker binds a payment method to the account, cancels the order, and then has the funds returned to the fraudster rather than the buyer. This is especially effective on marketplaces that use a buffer or escrow-like mechanism to hold funds until the purchase is completed.
These experts caution that the vulnerability is not unique to one platform. Similar schemes target other large marketplaces where a trusted intermediary handles funds during a sale. The pattern suggests that fraudsters are aiming to exploit the trust built between buyers and the marketplace and to exploit any gaps in verification processes.
Nikita Leokumovich, who leads the response and digital forensics team at Angara Security, points out that online fraud on marketplaces is not new. Yet perpetrators continually adapt, crafting new approaches to steal money, often by leveraging current events and popular products.
Many of these attacks begin with alluring advertisements on social networks or messaging apps that promise heavily discounted items, sometimes for a single ruble. The scam links lead users to a marketplace page, where a bargain sets the hook. Once a payment is placed, the scammers contact the buyer with further instructions that push the user into sharing details or following dubious steps.
Other variants include threats that the purchased item is no longer available, followed by a request to process a refund and then direct the buyer to a message channel that resembles a real store. The scammers may then order more goods or have items shipped to a wayward address, all while the victim bears the loss.
When attackers gain access to another person’s account, they can place orders, pay from the compromised balance, and resell items on a hidden or dark channel. The current schemes cover many popular marketplaces and remain a recurring threat in this space.
Ksenia Rysaeva, leading analyst at Innostage CyberART Center for Combating Cyber Threats, notes that many scam operations begin with a legitimate-looking seller profile. Once the trust is established, a carefully crafted plan accelerates the scheme. Account hacking has gained traction after new payment features launched, enabling attackers to use stolen credentials for fraudulent activities, including unauthorized loans in the victim’s name.
who is right who is wrong
Security researchers say platform operators actively hunt for scammers and frequently block them before they can do lasting harm. The pressure to act quickly is high for fraudsters, who try to maximize the number of victims in a short window. Even when the loss seems modest, like a fraction of a popular product’s price, the potential aggregate gain can be substantial.
Experts emphasize that transferring access to an account to a third party directly violates marketplace terms of use. In such cases, ultimate responsibility rests with the buyer, though platforms are expected to provide clear information about sellers and security measures.
Marketplace operators advise buyers not to share personal data with sellers. They stress that authentication should occur within the platform itself, and that external payment links or requests to provide additional numbers from a third party should be treated with extreme caution.
As the Oleg case shows, social engineering remains a persistent risk. Even when a message comes from a familiar lookalike channel, users are urged to verify the request within the official app or website and to avoid actions that could expose account data.
Commenting on accountability, experts remind that if a fraudster is not registered as a legitimate business on the platform, the marketplace may still bear responsibility depending on the evidence gathered by investigators and authorities. The goal is to ensure buyers receive reliable information about sellers and to provide avenues for redress when wrongdoing is confirmed.