Friday, May 29, 2009

Here's how to combat e-mail spam scams

It looks like the FBI has been busy lately sending e-mails to people telling them they need their assistance in an investigation.

The FBI is on a hiring spree (fbijobs.gov), but spam is not a recruiting tool.

The e-mail, pretending to be from the FBI, promises to release the money that you were promised when you were, get this, "transacting with ... some impostors claiming to be The Federal Bureau of Investigation."

The FBI Anti-Terrorist and Monetary Crimes Division does not exist, the FBI says in a press release on this topic. Nor does the FBI have a unit in Nigeria - although because most of this garbage originates there, that might not be such a bad idea.

Many of the people who get these e-mails are upset by them. Here's part of an e-mail I recently received from Hector Pequeno, a fed-up reader:

"I am constantly almost daily dealing with e-mails like this. Where are they getting my address? Should I be concerned? Is there an organization I should forward these to so they would be aware? Should I just delete and ignore?"

Let me answer these questions:

Where do they get your address?

E-mail addresses are easily culled from all sorts of sources. People who enter drawings, make purchases online or sign online petitions can get their e-mail into a list sold to spam operations. Sometimes a person who legitimately has your e-mail is the victim of a computer hijacking. That lets all the people in their address book get bombarded with spam.

If your e-mail appears anywhere on the Internet, you are fair game. It's likely one of the reasons I get a few hundred spam e-mails every day.

Another way to get e-mails is through what the Federal Trade Commission has called a "dictionary attack." The spammer creates a list of letter and number strings in front of an "@" sign and common domain name. That generates millions of spam e-mails, some of which hit valid addresses.


E-mail scam hits UI students

When hundreds of thousands of people were losing their jobs each month, UI freshman Tim Riphagen was offered one that contended it could pay him several hundred dollars per week.

All he needed was a computer with Internet access.

“I’ve been told by lots of people to be aware of making money off the Internet,” Riphagen said. “But I decided it’s easy money, and I will try it out.”

Now, he wishes he had just hit the delete button.

Riphagen is not the only one who got this job offer. On Jan. 11, an estimated 21,000 UI students received the same letter through their university e-mail accounts, offering them a “challenging and well-paid employment opportunity.”

Ostensibly coming from someone called “Carla Baker” and addressed to each recipient’s first name, the e-mail said students could earn $300 to $550 each week by participating in online surveys.

Out of the 497 respondents who replied to this reporter’s questionnaire — which was sent out to more than 30,000 UI students in March — nearly 40 wrote back to Baker in an attempt to learn more about the job.

“Oddly enough, I did reply to that e-mail — which is very uncharacteristic of me,” said Michael Place, a sophomore in computer science. “I am pretty good with computers and technology and do not normally fall prey to such traps, but for some reason, this one got the better of me.”

The e-mail tricked more students than Place.

At least four students paid a $30 membership fee to Baker’s company, and three more had paid to similar companies, the questionnaire shows.

But no one received a cent.

“It is definitely a waste of the $30,” said Erin Carney, a freshman in informatics. “I thought I could trust it because it came to my university e-mail.”

But the university Hawkmail system isn’t a perfect filter.

The questionnaire shows UI students receive an average of five spam/scam e-mails per week and dozens in a three-month period.

Although the UI uses the commercial software PureMessage to filter spam and tag suspicious e-mails, the software cannot recognize all junk mail, employees of Information Technology Services said.

That’s what happened with the Baker e-mail.

In an effort to find out who sent the letter to thousands of UI students, this reporter tracked the scam back to Sofia, Bulgaria, locating a business executive who said he had been unknowingly victimized by the fraud.

Various Internet blogs and discussion boards reveal that “Carla Baker” sent identical e-mails around the same time to California universities and to Melbourne, Australia.

The Internet Crime Complaint Center received 275,000 fraud complaints nationwide last year — a 33 percent increase from 2007. Of those complaints, more than three-fourths of fraudulent contact took place via e-mail.

When the scam came to the UI

For the student victims, the e-mail trail started shortly after they responded to “Carla Baker” and received a reply thanking them for their interest and directing them to a website — KTY Research.

KTY Research describes itself as a leading marketing-research organization. To become a member and receive payment for taking online surveys, people are required to pay a $30 one-time membership fee to access a “database” of KTY’s “partner companies.”

After gaining access, members can register with KTY’s “partners” by filling out profiles. They then need to await e-mail invitations to participate in online surveys, each worth $5 to $100, KTY says.

Carney and her friend paid the $30 fee but never earned any money.

Riphagen arguably had a worse experience. After paying KTY, he signed up with many “partner” companies. On one survey site, he had to pay a $4 shipping fee to get a free sample product before receiving $10 for a survey he took. Two weeks later, he found an unsolicited charge of $87.13 from the survey site on his debit card.

“I was pissed,” he said. “It’s a whole scam thing.”

Approximately 1 in every 100 American adults falls victim to fraudulent work-at-home programs in which the purchasers earned less than half of the promised amount, according to the Federal Trade Commission’s latest Fraud Survey in 2005.

The chain game

Many students who responded to the questionnaire wondered how the scammer obtained their university e-mail addresses and first names.

“[The Baker e-mail] looked legitimate because it was sent to my university e-mail address,” Place said. “Very few people outside the university would know this address.”

But that’s not the case for scam artists.

Student e-mail addresses are listed in the university’s online directory, and scammers have special computer software that can simulate a person accessing the directory and copying it onto an e-mail list, said Jane Drews, the UI’s information technology security officer. The software can even generate customized e-mails that address students by their first names.

“You can write a program to do anything,” she said.

E-mail lists can also be traded numerous times on the black market and in online hacker communities. To make money and combat the often-low respondent rate, scammers need to send mass e-mails to millions of people, Drews said.

But sending mass e-mails was only the first step of the Baker scam. The game started at KTY’s website, which the e-mail job offer directed people to.

Although the site indicates it was established in 2003, a domain search through the web tool whois.com showed it was created on Jan. 1, just days before thousands of UI students got the mass e-mail.

However, the search could not reveal the website’s owner because all the contact information was provided by a third-party registration service, Privacy Protect, which works to conceal KTY’s identity.
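The domain-age check described above can be automated. This is an added example, not part of the original article: the WHOIS record is constructed, the domain name is a placeholder, and the 30-day threshold and function names are assumptions.

```python
import re
from datetime import date, datetime

# Constructed WHOIS record (placeholder domain); dates follow the article's timeline.
SAMPLE_WHOIS = """\
Domain Name: SURVEY-SITE.EXAMPLE
Creation Date: 2009-01-01T08:14:22Z
Registrant Name: Domain Admin
Registrant Organization: Privacy Protect
"""

# Field labels differ between registries; these are common variants.
CREATED_RE = re.compile(
    r"^\s*(?:Creation Date|Created On|Created|Registered on)\s*:\s*(\S+)",
    re.IGNORECASE | re.MULTILINE)
REGISTRANT_RE = re.compile(r"^\s*Registrant[^:]*:\s*(.+)$", re.IGNORECASE | re.MULTILINE)
PROXY_HINTS = ("privacy", "proxy", "redacted")

def creation_date(whois_text):
    """Return the registration date from WHOIS text, or None if missing or unparseable."""
    m = CREATED_RE.search(whois_text)
    if not m:
        return None
    for fmt, width in (("%Y-%m-%d", 10), ("%d-%b-%Y", 11)):
        try:
            return datetime.strptime(m.group(1)[:width], fmt).date()
        except ValueError:
            continue
    return None

def assess(whois_text, claimed_year, mail_received, young_days=30):
    """Return warning strings for a site linked from an unsolicited e-mail."""
    findings = []
    created = creation_date(whois_text)
    if created is None:
        findings.append("no creation date found; cannot establish domain age")
    else:
        age = (mail_received - created).days
        if age < young_days:
            findings.append(f"domain was {age} days old when the e-mail arrived")
        if claimed_year is not None and created.year > claimed_year:
            findings.append(f"site claims {claimed_year}, registered {created.isoformat()}")
    # Weak signal on its own: many legitimate sites also use privacy services.
    registrants = " ".join(REGISTRANT_RE.findall(whois_text)).lower()
    if any(hint in registrants for hint in PROXY_HINTS):
        findings.append("registrant hidden behind a privacy/proxy service")
    return findings

if __name__ == "__main__":
    print("\n".join(assess(SAMPLE_WHOIS, 2003, date(2009, 1, 11))))
```
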

A call to Privacy Protect initially led to an answering machine in Denmark. Moreover, an executive at one of KTY’s listed partner companies said he had never heard of KTY.

But this was a key part of the trick.

John Murry, a UI associate professor in marketing, said most survey websites are middlemen: market-research companies pay them to recruit survey takers, and the survey websites then pay individuals to complete questionnaires for the original research companies.

KTY Research, however, secretly joins the chain, charging a “membership fee.”

“You should never pay to take a survey,” Murry said. “The money flows the other way.”

Tracing the scammer

Upon learning of this reporter’s findings, Privacy Protect disabled its privacy service for KTY Research. Contact details for the website then became searchable on the Internet.

A second domain search revealed KTY’s owner to be Lyubomir Lalev in Sofia, Bulgaria. The website was registered under the company Goton Ltd., which sells health and sports products in the country.

However, Lalev, reached by phone in Bulgaria, denied knowing about KTY Research.

“I’ve never worked on a computer,” said Lalev, the manager of Goton Ltd. Sounding nervous as he spoke through a translator while driving, he said: “I have no idea what’s going on.”

Lalev said he has three employees and doubted they could design a website in perfect English.

“This is too much for me,” he said, his voice trembling. “I have to pull over my car.”

Lalev vowed to investigate the situation. In a phone call one week later, Lalev said he suspects the person who designed the Goton, Ltd. website stole his identity. However, he said, he never made any direct contact with the site’s designer because his employees handled everything via e-mail two years ago. Since then, nobody has updated his company website, he said.

Although unable to identify the culprit, Lalev said, he asked KTY Research’s hosting service to clear his name, which worked.

A subsequent domain search showed KTY’s owner to be “James P” in New Belgrade, Serbia.

Who can catch the scammer?

Although there are relevant anti-spam laws, it’s hard to enforce them, local police officials said.

“The victim may be here, but the crime is virtual and generated elsewhere,” said Iowa City police Sgt. Troy Kelsay. “We just don’t have the resource to investigate across the country or the ocean.”

Lt. Jim Steffen, the Iowa City police investigation commander, agreed.

“The law has no problem,” he said. “It’s just the Internet that shrinks the world.”

But the Internet in different locations is not necessarily the same.

Before Sara Hawley transferred to the UI for her junior year, she never had any spam problems at her previous school, the University of Northern Colorado.

And students from Iowa State University and the University of Northern Iowa said they rarely receive any spam e-mails.

The UI has a mass e-mail policy that requires anyone who wants to send a message to more than 1,000 UI recipients to go through an official review process, but scammers simply go around this rule.

In the end, many wonder who can, or should, catch the scammer.

“If the [criminal] action goes on long enough, it will get caught,” said Eunjin Jung, a UI assistant professor of computer science. “But at this point, and as an everyday person, the best thing to do is to get educated.”

Fortunately, Riphagen’s bank helped him get his $87 back. He has since withdrawn his membership from all of KTY’s partner companies.

“I screwed up,” he said. “I’m glad my experience can tell other people not to screw up.”

Anti-Spam Gateway Accuracy Was the Basis for Recent Tolly Tests of Red Condor, Google, Barracuda and Cisco

The first version of our "best practices" guide for evaluating anti-spam accuracy is in final preparation and is available for purchase now with a delivery date of the first week of May 2009.

This document was the basis for recent Tolly tests of Red Condor, Google, Barracuda and Cisco. Anti-spam testing is very complicated and it is essential to employ correct techniques in testing. Additionally, it is important that the proper formula be used in reporting results. The RFP covers these areas in detail.

Use this report to:

  • Avoid common pitfalls
  • Reduce the time commitment required to become an expert on testing anti-spam systems
  • Reduce or eliminate consulting costs related to solution procurement
  • Boost accuracy of product benchmarking
  • Utilize proven test methodologies to ensure accuracy
  • Educate your team on the full scope of possible tests
  • Improve analysis of test results
  • Understand key elements of user quality-of-experience

More Than 90 Percent of E-Mail is Spam

If a new spam report from Symantec's MessageLabs is surprising, you probably haven't checked your inbox recently.

About 90.4 percent of all e-mail is spam, an increase of 5 percent from last month, MessageLabs said Tuesday. That means one out of every 1.1 e-mails is a spam message.

What caused the spike? Webmail, social networking sites, and botnets are just a few of the culprits, the company said.

Webmail and social networking profiles are "goldmines for spammers," according to MessageLabs. "All spammers use is a subject line and a valid hyperlink to active profiles on one of a number of major social networking sites. These e-mails originate from legitimate addresses on some of the main webmail providers making them harder to catch by regular anti-spam filters."

Spammers are also taking advantage of social networks via tools that crack the automated CAPTCHA terms users must type in before setting up accounts.

Spammers are most active during the U.S. workday, MessageLabs found, suggesting that active spammers are either based in this country or find the U.S. workforce the most attractive targets.

"A new harder to crack CAPTCHA technology is on the horizon and spammers want to maximize their profits before this new breed of CAPTCHAs are let loose as a deterrent to spammers and phishers," according to MessageLabs.

Meanwhile, about 57.6 percent of spam was sent via botnets. The most active botnet, known as Donbot, sent 18.2 percent of spam and is most active in Asia. Two botnets, known as Rustock and Bagle, meanwhile, are most active in the Americas and make up 20 percent of spam. In the rest of the world, there are the Cutwail and Xarvester botnets, which account for 10 percent of spam.

In related news, the White House announced Tuesday that it will release its 60-day Cyberspace Policy Review on Friday.

"The administration recognizes the very serious threats public and private sector networks face from cybercrime and cyberattack," press secretary Robert Gibbs said during a press briefing. "Recognizing these threats the President has elevated cybersecurity to a major administration priority, undertaking the early comprehensive interagency review."

"The report is an important first step towards securing our nation's cyber infrastructure," Gibbs concluded.