
It's All About Fraud
We recently encountered a significant problem with a long-term client. We received a text message stating that they overpaid and that we need to Venmo them the money. The next morning, we received a voicemail from an unknown number before we opened. The voicemail was from someone claiming to be the client, who said they had overpaid and asked us to Venmo them the money back. This went on for several days, both via text messages and early-morning phone calls. The name left on the voicemail didn’t match our client’s name, nor did the phone number. When we called the number, it dropped straight to a full voicemail box.
After the first day, we checked the books and found no record of the client overpaying. We did reply to the SMS message with a short and straightforward:
We have attempted to reach you. Your voicemail is currently full.
~Simply Web Services
After the second day, we attempted to contact the client. Our first attempt was via email, since that was the client’s preferred method of contact.
On day three, the issue recurred, with them claiming two overpaid invoices and threatening chargebacks. We then attempted to contact the client again.
This is now getting serious and is affecting our daily operations. We were about 95% sure this was a scam and that all signs led to someone pretending to be the client. The problem was that the client wanted us to work with his assistant, whom we were very familiar with. We knew the client and recognized his voice, but the voice on the voicemails was not his.
It was around this time that things got strange, and the scammers showed their hand. The client self admittedly isn’t very technically savvy and the scammer was asking for us to setup and manage an email campaign for them (which is something we can do) and then they asked us to setup a dedicated email server for them with certain requirements, and they included the good old phrase of “I have consent to send emails to these people”, which means, I’m going to use the email server to send SPAM.
It was also at this time that we decided to no longer respond to these text messages and voicemails, and to tell the client that he needs to call us ASAP, that we recognize his voice, and that his email account has been compromised. The client called us in about 10 minutes; he wasn’t aware of any of this, and he obviously wasn’t seeking a chargeback or looking for an email server. We told him that it looks like his Comcast email account has been compromised and that he needs to change his password first to lock out the scammers. He or his assistant needs to go through his email inbox and figure out what other businesses they might have been able to contact and try to scam.
How This Scam Works
The bad actor gains access to your email account, likely through shoulder surfing (looking over your shoulder) or by hacking into it. In this case, the client was traveling in the same locality from which the phone calls originated. Once they have access to your email, they rummage through your emails, looking for potential payments that you made that they might be able to get the money back from. They will contact the companies and state that they overpaid or that they don’t know what this charge is for. The hope is that the company will avoid chargeback fees and simply refund the money via a service like Zelle or Venmo. They get the money, then run to the next victim. In this case, they hit up a technology company, and we recognized this as a possible scam. Hopefully, we were able to save our client a bunch of headaches.
In the near future, Simply Web Services will implement a PIN code for all clients, enabling us to identify the person we are communicating with, whether that person is an employee or a client’s representative.
Is Your Business Protected Against Fraud?
Scammers are getting smarter — and small businesses are prime targets. Email impersonation, fake chargeback threats, and Venmo/Zelle refund scams are on the rise. If it can happen to us, it can happen to you.
At Simply Web Services, we don’t just build websites — we help protect the businesses behind them. From cybersecurity awareness to secure client communication protocols, we’re here to help you stay one step ahead of bad actors.