ProZ.com series on Risk Management: Scammers who steal translations

By Enrique Cavalitto | Published  07/5/2012 | Business Issues

Contact the author

Quicklink: http://www.proz.com/doc/3613

Author:

Enrique Cavalitto
Argentina
English to Spanish translator
Became a member: Mar 4, 2006.

See this author’s ProZ.com profile

They offer you work. They take your translation. They disappear.
Three categories of evil and two basic rules
There are three basic categories of scams targeting the translation industry:

  • General, rather silly scams common to all areas of activity, such as Nigerian and Dating scams. At this level you should be protected by a reasonable amount of common sense. Just remember that if it looks too good to be true, it probably is.
  • Scams from outside the industry aimed at stealing money from us using translation as an excuse. Examples involve sending fake checks to translators and asking them to wire good money back (such as the overpayment and the Secret Shopper scams) and several pay-to-work scams. Reasonable risk management policies should be enough protection at this level.
  • Scams from inside the industry aimed at stealing translations. These scammers are by far the most dangerous, as they know about translation and can sound very credible to both clients and translators. To be protected at this level you need solid risk management procedures and information sharing with the community.

This article will describe some typical scam mechanisms in this third category, targeting both translators and translation clients. Some notes on risk management will be analyzed in each case, based on the first two (among many other) risk management rules for translators when contacted by a new potential customer:

  1. Rule #1: Get verifiable contact information AND verify it to be sure that the persons contacting you are who they say they are, and that they really represent the company they claim to represent.
  2. Rule #2: Check the creditworthiness of the potential client using the ProZ.com Blue Board and other similar tools available in the market, by Googling the outsourcer name and other similar tools.

Sharing information with the community and learning about the methods and styles used by scammers are powerful tools. ProZ.com provides a dedicated forum for scams and translator scam alert reports. ProZ.com members can subscribe to these messages.
Impersonating existing institutional outsourcers
This is the case of scammers who impersonate an existing agency or end client and ask for translations just like any outsourcer would, looking for translators in professional directories, hiring them, negotiating rates and conditions, managing the project and getting the deliverables and the invoices. At this point they will vanish, and if you pursue them you will discover that the real outsourcer you thought you were working for has never heard of you before.
This kind of scam will overcome rule #2 above, as you would be checking the creditworthiness of an outsourcer you are not dealing with, and of course you will not be able to leave bad feedback for a client you did not really work for.
Your protection here lies in rule #1. In this particular case, the main challenge is to make sure that the person contacting you on behalf of a company is entitled to represent it.
Checking email and IP addresses is a valuable source of information. An alleged PM of a London-based firm sending an email from Nigeria is a bad sign. A PM from the agency ‘BigCompany’ using a free email (for instance big_company@gmail.com) should set off alarms. More difficult to detect are email addresses where a small change has been made to the web domain (for instance @big_company.com instead of @bigcompany.com).
In the case of new corporate clients, you should always investigate their web page and check their contact information. There you should find the web domain for their emails (the text after "@" in their email addresses). Sending an email (to the address found in the web page) or making a phone call to ask for confirmation about the job opportunity is a good precaution and, assuming your request is courteous and professional, should be considered a good working practice by any serious company.
You can find examples of this kind of scam here, here and here.
Impersonating existing freelance outsourcers
Sometimes the impersonated outsourcer is not an agency but a respectable translator. Serious freelancers using Gmail, Yahoo or similar email addresses are commonplace and it is not simple to know what is the real email address used by a translator (for instance, ProZ.com does not display its users’ email addresses for privacy reasons and to protect them from spammers).
If the alleged outsourcers are ProZ.com users, contacting them through their profiles asking for confirmation of the offer should prevent most impersonation scams of this kind.
The worst situation is when the email address from a translator has been compromised or stolen by a scammer, who will then be able to ask you for a job from this legitimate address. Whenever possible, it is a good idea to seek confirmation using a different channel (such an SMS, phone call, Skype, etc.). Remember the principle stated above that contact information should be verifiable and verified.
A variance of the stolen identity scam has the scammer allegedly acting on behalf of a known colleague to help him/her after an incapacitating blow (such as a stroke or an accident). Be especially alert in these cases and do not forget to validate the situation through an independent channel.
You can find an example of this kind of scam here and here.
"Creating" a false outsourcer
In these cases the scammer will not impersonate an existing outsourcer but create a false one, including a name and email address, and in some cases a company name and even a web page for that imaginary company.
These scammers will contact you asking for your professional services just like any other client would, but they have no plans to pay you and they will disappear after receiving your translation. Victims may get a sense of false security because the scammers show a "company website" or because they have a ProZ.com profile, and may even have paid for membership, but none of these facts ensures that the client is a real one.
Some useful hints:

  • The "client" has a small Google print (searching for them provides few or no hits), something very unusual for an outsourcer.
  • No information about them in the ProZ.com Blue Board and other similar tools (until the scam is blown, and then they move to a new set of names and web pages).
  • Their web pages look cheap and have poor design, and they usually have no real contact information (PO boxes and no phone number, for example).
  • In some cases by googling text strings from the web page you may discover that its content has been assembled with text stolen from one or more real pages.

The case of the "company" Lego Translations represents an interesting example:

  • They had a web page with no Google print .
  • No phone number included.
  • The physical address was in Los Angeles, USA, but the IP address located them in Amman, Jordan.
  • When the address provided was investigated using Google Maps and the associated cameras, it showed a book store whose owners, when contacted, confirmed that there was no such agency there.
  • Last but not least, content of their web page was stolen from several real web pages.

You can find out a lot when you investigate with tools available to everyone.
Impersonating clients AND translators
Outsourcers report being contacted by scammers who quote for jobs impersonating talented translators, using the real providers’ profiles and CVs as evidence of professionalism. After getting the assignment, they deliver a low-quality translation, probably machine-translated, and an invoice. In some cases the agencies pay the invoice and take note to never again work with that service provider.
In this case both agency and real translator were scammed, as the former lost money (and probably a client) and the latter, totally unaware of the scam, lost professional prestige. The outsourcer should have obtained a positive confirmation of the translator’s contact information.
More complex scams have been reported and reconstructed, where the criminals act in-between translators and agencies with the following method:

  1. A real outsourcer posts a job online and the scammers get access to the job details.
  2. Scammers apply for the job impersonating a real translator, with the real data and the real CV of the real service provider, but with a fake email address.
  3. Eventually the outsourcer assigns the job to the scammers in the belief that they are dealing with the impersonated (and totally unaware) translator.
  4. Once the scammers get the job, they impersonate the real (or another) outsourcer and offer the job to their victims, usually offering excellent rates.
  5. When the scammer receives the job from the victims, they deliver it to the original job poster, get the payment from them and then they disappear.
  6. Unpaid translators complain about non-payment against an (impersonated and fully unaware) outsourcer who never contracted any work from them, and the whole scam is discovered, unfortunately too late.

A scheme like this can work only if both the the real outsourcer and the victims fail to properly get and verify the identity of their alleged partners, again our rule # 1 in risk management for translators.
A closing note of caution and hope
The purpose of this article is to raise awareness to the fact that there are plenty of scammers in action. Every week reports are received of colleagues who were robbed of their efforts and/or their money. This should not be underestimated, we are talking about organized crime that steals millions of dollars each year. And most of the victims would have told you that this was not going to happen to them.
There is also a note of hope here, since by following some simple risk management procedures you can be protected from most scams. Risk management is not rocket science, nor a trendy term to be used in threads and conferences and ignored in practice, but a key activity that should be part of the core competences of any freelancer.
As a freelancer you are an economic unit, a small company, and you are responsible for the many processes of a company, including risk management. At the end of the day, what protects your time and money from networks of organized criminals is the quality and consistency of your risk management procedures.
For further reading

  • ProZ.com wiki: Risk management for translators and interpreters
  • ProZ.com wiki: Risk management: the Blue Board
  • ProZ.com wiki: Risk management: Email
  • Copyright © ProZ.com, 1999-2012. All rights reserved.

    **************

    Dear Gxxxxx Lxxxxxxx:

    The following translators scam alerts were issued this week:

    July 7, 2012: The first article of a planned ProZ.com series on Risk Management has been published at

    http://www.proz.com/doc/3613 on the subject of ‘Scammers who steal translations’. These scammers, widely reported, are the most difficult to identify because they know the industry and they can effectively impersonate legitimate outsourcers and translators. Please read this note and, if possible, let other colleagues know about it.

    Raising awareness on these issues is our first line of defense as a community.

    July 3, 2012: Overpayment scam reported using the name "Mario Bortolo" and the email address mario.bortolo(at)yahoo.com.

    July 2, 2012: Scam job offer sent by ‘Adam Johnson from Adams Farms’, email address adam.farms(at)aol.com. Adam Farms is probably a legitimate business whose name and contact data are being used by the scammers to create confidence in their victims.

    You can read the full reports at

    http://wiki.proz.com/wiki/index.php/Translator_scam_alert_reports

    Regards,

    Enrique Cavalitto

    You can unsubscribe from these digests at

    http://www.proz.com/about/translator-scam-alerts/subscribe

    Advertisements

    About this entry