Internet fraud, a worsening cybercrime phenomenon, has reached downtown Port Jefferson.
Through various tactics, online scam artists have successfully targeted storefronts and events throughout Port Jefferson, scoring hundreds of dollars in profits.
During the 4th annual ice festival in late January, scammers sold eight fake tickets for a mac ‘n’ cheese crawl organized by the Greater Port Jefferson Chamber of Commerce. On the day of the event, victims presented their fraudulent tickets.
The tickets “looked very official,” said Barbara Ransome, the chamber’s director of operations. However, when chamber staff asked those presenting these scam tickets when they had purchased them, their response revealed that something was out of place.
“They said, ‘We got them two days ago,’ and that’s when I realized this was a scam because we had been sold out … for at least a week and a half,” Ransome said, adding that the popularity of the event created an opening for scam artists. “My speculation is that this person saw that these tickets were sold out, saw that people were looking for them and created this whole fraud situation.”
At Theatre Three on Main, a similar practice has gained traction. Although the theater sells tickets at $35 per seat, online ticket scammers have capitalized by selling back-row seats at enormous markups.
Douglas Quattrock, the theater’s director of development and artistic associate, reported one such incident where a couple spent nearly 10 times the going rate. “We had a couple that paid $672 for a pair of tickets,” he said.
Although only “a handful” of theatergoers have fallen prey to these ticket scams at Theatre Three, Quattrock considered the practice disruptive to operations.
“Being a smaller not-for-profit, we try to keep our prices very family oriented,” he said. However, he added that “scammers see this market as very attractive.”
But online scams are not limited to ticket sales. Jena Turner owns the Port Jeff-based gift shop Breathe, which offers nontraditional healing remedies and psychic readings.
In an interview, Turner reported that multiple phony social media accounts have emerged, using her photos and business name to solicit payments from unsuspecting patrons.
“Right now, I know that there are five accounts that stole my photos and are pretending to be me,” she said.
Social engineering
Nick Nikiforakis, associate professor in the Department of Computer Science at Stony Brook University, said internet fraud is becoming a growing concern for small business sectors, which are increasingly vulnerable to malicious cyber activities.“There are standard social engineering tactics, such as giving the victim a sense of urgency or taking advantage of their appeal to authority.”
— Nick Nikiforakis
He contends that online criminals have shifted their sights on smaller boutique organizations because large corporations are investing more resources into cybersecurity systems.
“Effectively, you have cybercriminals who are customizing their attacks toward small businesses,” he said.
Turner’s case, according to Nikiforakis, represents a common social engineering scenario.
A social engineer “makes an online account for a company with a brick-and-mortar presence and then tries to take the recognizable name and the good faith that the business has built,” the associate professor said.
He added, “They are targeting online users, pretending to be the person running this business,” tricking their victims “to send them money, divulge information or in some way get people to participate in a scam.”
A downtown dilemma
Turner said she has reported her digital imposters but has received no relief in removing these scam accounts from the Instagram platform.
“I had reported it to Instagram several times — and by several, I can say probably more than 20,” she said. “Instagram hasn’t done anything about it.”
Nikiforakis noted that there are considerable technical limitations for social media companies in policing social engineering activities. While they could theoretically verify with storefront owners whenever a platform is created in their name, online scammers often find creative ways to circumvent such safeguards.
“Things can be done, but this is inherently a cat-and-mouse game,” he said. Social engineers “are not attacking a security vulnerability. … They are abusing people’s faith and trust in institutions and recognizable brands.”
Lacking assistance from Big Tech, Turner said she took matters into her own hands, creating a video in which she wrote out her authentic social media handle by hand.
“I made that video, and I just keep reposting it on my story and on my Facebook so that people aren’t falling for it,” she said. “That’s been really helpful.”
But, she added, “We have over 8,000 followers, so not everyone has seen the video. Unfortunately, the scam is still ongoing.”
To respond to the number of ticket scam incidents, Theatre Three similarly released a statement on its website condemning third-party ticket vendors. “The only place to buy tickets from us should be www.theatrethree.com,” Quattrock said.
Still, he encouraged patrons to remain on guard for potentially inflated ticket prices and to approach online transactions cautiously.
For those who may suspect a ticketing scam, he implored them to call the theater directly before completing the transaction.
“If it looks suspicious to you, just call the theater and verify that they’re on the right website,” he said.
As online fraud persists throughout the local area, businesses and customers are not without recourse. Nikiforakis indicates that awareness of the typical social engineering strategies can help users protect themselves from participating in online scams.
“There are standard social engineering tactics, such as giving the victim a sense of urgency or taking advantage of their appeal to authority,” he said. “For both patrons and companies, by actively resisting this, you can slow down and potentially defend yourself against an attack.”