This sounds extraordinarily poorly handled by the RCMP. He could show that he purchased it from his own credit card and on Amazon, so that's pretty good evidence that he's the victim of fraud, not the perpetrator of it. Weird how extremely aggressive the RCMP is.
That this is allowed to exist in legal limbo is ridiculous. He should be able to demand rectification and damages. And the real problem here is of course Amazon for enabling such scams. They should be on the hook for this, not some unsuspecting customer. And the real fraudster should be easy to track down through Amazon if they've done their due diligence.
In terms of the RCMP and their aggressive behaviour. It makes perfect sense. First Nations people have not been treated well by the RCMP or LE for a very long time in Canada... This still persists to this day, systematic discrimination and all that stuff.
Yeah what I got from the story is how unprofessional the police were. Unless there's more too it, the whole thing sounds like it should be an administrative investigations where everyone involved is assumed to be a victim unless more evidence comes to light. But somehow they rushed to treat this guy like a criminal.
As a foreigner, the only I have ever heard or seen of the RCMP is how courteous they are, with their red jackets, on fictional TV shows and movies, and how agressive they seem on the news.
RCMP's main purpose is to serve as the enforcement arm of big corporate interests and politicians. Their secondary purpose is to serve themselves. Serving Canadians and upholding the law is like 30th on the list.
I will have to write a case study on this at some point, but triangle fraudsters have attempted to use our company's delivery service [0] to fulfill curbside pickups from Best Buy etc presumably to unsuspecting e-commerce buyers. I noticed certain a subset of users frequently changing their card, and the name on their delivery, and figured out what they were doing.
We stopped a few dozen attempts, filing police reports and contacting the people with names matching the cards. We now use Stripe Verify to ensure identity matches, which I really would have preferred not to do as a privacy-oriented person.
Interestingly, the police usually didn't want to deal with these things, even if the merchandise was in their jurisdiction
We provide ID verification specifically for eCommerce to help prevent chargeback fraud: https://getverdict.com
This is the first where I've heard of using IDv for preventing triangle fraud on the fulfillment side.
Just curious - how does this fraud harm you the delivery service? The chargeback hits the merchant only no? Or are you the merchant in this transaction as well?
Sounds about right, the RCMP has a long history of First Nations neglect. This seems like it would be a straightforward case to prove his innocence. Also a good reminder of why it's important to never speak with police without a lawyer.
Except we don't have the same rights to a lawyer as in the US. We have a right to speak to a lawyer, but that could be over the phone and they are not present during questioning:
By the way, quick aside, if you go to the police yourself (someone wronged you), you should also go with a lawyer. It'll be taken more seriously, be harder to dismiss, and be both council and support while you go through the steps.
Unfortunately, Canada does not have the same legal protections (both in written law [i.e., the Bill of Rights] and in jurisprudence) as in the United States.
Great, all it takes in Canada to ruin someone’s life is to know their name and address, and a stolen card!
I’m still missing one part, if that woman has her account hacked (plus the credit card, isn’t it supposed to be encrypted in walmart site?), and that scammer sent the goods to the guy, how did the scammer know that the guy ordered the stuff in the first place?! The coordinated attack is a little too sophisticated for a stolen credit card, because that would assume the scammer is also hacking that guy amazon account? Unless the seller is the scammer or part of a scammer ring and whenever he placed that order, they used the woman card to make the purchases, but why bother, they could’ve just used that card somewhere else, harder to track and a higher outcome? something isn’t adding up.
That being said, I always use virtual cards for anything online, and those are a “prepaid credit cards”.
> how did the scammer know that the guy ordered the stuff in the first place?!
The idea is the scammer is the seller on Amazon. So the guy orders from Amazon Marketplace, the Marketplace seller uses a hacked Wal-Mart account to fulfill the order and pockets the cash from Amazon.
Slightly tangential question but why is credit card security so weak in the first place? I mean all we need is 16 digits of card number, 4 digits of expiry date and 3 digits of CVV. The 23 digits can leak from so many places.
In this day why don't the credit card payment systems require multi-factor authentication for online payments? Why don't payment machines challenge you for PIN for payments?
Every time this comes up, people claim that this lack of security doesn't matter because it's easy to reverse these payments. But if that's true, then why is the woman so upset and why is Barker handled so aggressively? It should be easy to revert both payments.
That's the idea with the expiry date, and the CVV, and the zip code. The problem is, it doesn't seem possible to convince businesses not to hold on to whatever security info is required to charge the card in plain text, so whatever the relevant details are inevitably get leaked from some hotel or eCommerce giant that really shouldn't have them in the first place, but hasn't set up a way to securely verify credentials with the bank without literally recording them.
You can keep adding on additional pieces of bullshit information customers need to remember all you want, none of it will matter as long as banks and credit card companies don't force businesses to treat them as actually sensitive information.
> He says he has considered suing the investigating officer for defamation, but has been told by his attorney that the bar for success in such cases against the government is extremely high.
Canada is a relatively less litigious country, but it seems he was harmed quite materially by losing his job. I'm not sure why they'd arrest him if he could show he placed the order the way anyone else would through his Amazon account.
It is too bad that the woman who was victimized appears too dumb to understand what triangulation fraud is and seems convinced that Barker is the perpetrator.
As someone whose been accused before of something I didn’t do, by people who were damn sure I had done it, it can be a very stressful traumatic experience, it doesn’t sound like a big deal until it happens to you. Don’t just hurl nasty messages at someone you don’t know and don’t even have 100% proof they have wronged you.
The RCMP held a gun to my wife's head when she was pulled over and threatened to shoot. I think it was because she was driving a beat up car in a wealthy part of the city. After they realized she was a student, they just let her go and did a complete 180 pretending they were all buddy-buddy with her.
During the interaction they said some really threatening, creepy, and disparaging things.
We launched a complaint, but since we left the country (for work), they said they couldn't do anything as we were non-residents.
The whole thing was completely unacceptable. I'm not anti-police, but the RCMP need serious reform.
I feel uncomfortable every time we return to Canada visit family.
> Barker says the stay has left him in legal limbo — denying him the ability to clear his name, while giving the RCMP a free pass for a botched investigation. He says he has considered suing the investigating officer for defamation, but has been told by his attorney that the bar for success in such cases against the government is extremely high.
...I did not realize merely being arrested gave you a criminal record. That would seem to go against "innocent until proven guilty." Is this Canada-specific or does it also apply in the US?
> Barker said he bought seven “Step2 All Around Playtime Patio with Canopy” sets from a seller on Amazon.ca, using his payment card on file to pay nearly $2,000 for the items.
Presumably Baker would have immediately shown the RCMP the Amazon transaction record for his (legitimate) payment to the (fraudulent) seller. And that Baker's payment to the seller would have been timestamped before the seller perpetrated the fraud on the Walmart account and shipped the goods to Baker.
If you saw the timeline above, and you believed the transaction records were accurate (and I assume the RCMP has the means to verify those transaction records with Amazon and Walmart), then what would you conclude was going on?
Would you assume that Baker was a master criminal who was acting as both the buyer and crooked seller, and was covering his tracks with a prepayment from himself (as the buyer) to himself (as the seller), thereby creating a transaction record to give plausible deniability?
Even the most cynical jaded hard-edged RCMP officer should see that doesn't make sense. Either the investigation was very incompetent or there's some more detail to the story that we haven't heard.
> Eager to clear his name, Barker said he shared with the police copies of his credit card bills and purchase history at Amazon. But on April 21, the investigator called again to say he was coming to arrest Barker for theft.
I don't know Canadian law. Once a prosecution is started, must it be completed within the statute of limitations for that crime?
I think that's how it generally works in the USA. Because the prosecution is stayed you lose the right to a speedy trial, but the statute of limitations still ticks.
In Canada we have the right to be tried in a reasonable amount of time. The Supreme Court of Canada put strict time limits in place in R. V. Jordan.
For cases without a preliminary inquiry (which this would be) the Crown has 18 months from the arrest to bring the case to trial. For cases with a preliminary inquiry it's 30 months.
Since he was arrested April 2022 that means he must be tried before the end of 2024, or the charges withdrawn.
>>Barker shared with this author all of the documentation he gave to the RCMP, including screenshots of his Amazon.ca account showing that the items in dispute were sold by a seller named “Adavio,” and that the merchant behind this name was based in Turkey. That Adavio account belongs to a young computer engineering student and “SEO expert” based in Adana, Turkey who did not respond to requests for comment.
Seems like this would be a great time to track this guy down, Adavio, and get his side of the story whether he wants to tell it or not. The fact that he disappeared makes him sound more like he has connections to scammers and thieves who use stolen card info.
Something's rotten here and it has nothing to do with Denmark.
Krebs is great but there is one thing that's killing me:
> "hacked"
Where is any of the evidence of hacking? I see inadequate protections against fraud from the sellers. I see an account that has been compromised. I don't see any evidence of hacking.
Sounds like the Ontario woman was likely reusing a password and had her account taken over. Walmart should help this guy out by running password dumps against her account to see if that's the case.
[+] [-] mcv|2 years ago|reply
That this is allowed to exist in legal limbo is ridiculous. He should be able to demand rectification and damages. And the real problem here is of course Amazon for enabling such scams. They should be on the hook for this, not some unsuspecting customer. And the real fraudster should be easy to track down through Amazon if they've done their due diligence.
[+] [-] pixelcloud|2 years ago|reply
[+] [-] andy99|2 years ago|reply
[+] [-] bparsons|2 years ago|reply
[+] [-] actionfromafar|2 years ago|reply
[+] [-] wubrr|2 years ago|reply
[+] [-] jackconsidine|2 years ago|reply
We stopped a few dozen attempts, filing police reports and contacting the people with names matching the cards. We now use Stripe Verify to ensure identity matches, which I really would have preferred not to do as a privacy-oriented person.
Interestingly, the police usually didn't want to deal with these things, even if the merchandise was in their jurisdiction
[+] [-] ctrlaltdylan|2 years ago|reply
This is the first where I've heard of using IDv for preventing triangle fraud on the fulfillment side.
Just curious - how does this fraud harm you the delivery service? The chargeback hits the merchant only no? Or are you the merchant in this transaction as well?
[+] [-] UseStrict|2 years ago|reply
[+] [-] naasking|2 years ago|reply
https://blogs.ubc.ca/ijhr/2021/11/29/the-right-to-counsel-it...
[+] [-] orwin|2 years ago|reply
[+] [-] chromatin|2 years ago|reply
[+] [-] tamimio|2 years ago|reply
I’m still missing one part, if that woman has her account hacked (plus the credit card, isn’t it supposed to be encrypted in walmart site?), and that scammer sent the goods to the guy, how did the scammer know that the guy ordered the stuff in the first place?! The coordinated attack is a little too sophisticated for a stolen credit card, because that would assume the scammer is also hacking that guy amazon account? Unless the seller is the scammer or part of a scammer ring and whenever he placed that order, they used the woman card to make the purchases, but why bother, they could’ve just used that card somewhere else, harder to track and a higher outcome? something isn’t adding up.
That being said, I always use virtual cards for anything online, and those are a “prepaid credit cards”.
[+] [-] papercrane|2 years ago|reply
The idea is the scammer is the seller on Amazon. So the guy orders from Amazon Marketplace, the Marketplace seller uses a hacked Wal-Mart account to fulfill the order and pockets the cash from Amazon.
[+] [-] mapreduce|2 years ago|reply
In this day why don't the credit card payment systems require multi-factor authentication for online payments? Why don't payment machines challenge you for PIN for payments?
[+] [-] mcv|2 years ago|reply
[+] [-] Gare|2 years ago|reply
https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra...
[+] [-] markus92|2 years ago|reply
[+] [-] BobaFloutist|2 years ago|reply
You can keep adding on additional pieces of bullshit information customers need to remember all you want, none of it will matter as long as banks and credit card companies don't force businesses to treat them as actually sensitive information.
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] rootusrootus|2 years ago|reply
[+] [-] ekanes|2 years ago|reply
Canada is a relatively less litigious country, but it seems he was harmed quite materially by losing his job. I'm not sure why they'd arrest him if he could show he placed the order the way anyone else would through his Amazon account.
[+] [-] whimsicalism|2 years ago|reply
[+] [-] mcv|2 years ago|reply
[+] [-] krunck|2 years ago|reply
[+] [-] Fripplebubby|2 years ago|reply
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] unknown|2 years ago|reply
[deleted]
[+] [-] deadbabe|2 years ago|reply
[+] [-] living_room_pc|2 years ago|reply
During the interaction they said some really threatening, creepy, and disparaging things.
We launched a complaint, but since we left the country (for work), they said they couldn't do anything as we were non-residents.
The whole thing was completely unacceptable. I'm not anti-police, but the RCMP need serious reform. I feel uncomfortable every time we return to Canada visit family.
[+] [-] unsupp0rted|2 years ago|reply
[+] [-] beeburrt|2 years ago|reply
https://www.youtube.com/watch?v=2IT2oAzTcvU
[+] [-] Wowfunhappy|2 years ago|reply
[+] [-] cantrevealname|2 years ago|reply
Presumably Baker would have immediately shown the RCMP the Amazon transaction record for his (legitimate) payment to the (fraudulent) seller. And that Baker's payment to the seller would have been timestamped before the seller perpetrated the fraud on the Walmart account and shipped the goods to Baker.
If you saw the timeline above, and you believed the transaction records were accurate (and I assume the RCMP has the means to verify those transaction records with Amazon and Walmart), then what would you conclude was going on?
Would you assume that Baker was a master criminal who was acting as both the buyer and crooked seller, and was covering his tracks with a prepayment from himself (as the buyer) to himself (as the seller), thereby creating a transaction record to give plausible deniability?
Even the most cynical jaded hard-edged RCMP officer should see that doesn't make sense. Either the investigation was very incompetent or there's some more detail to the story that we haven't heard.
[+] [-] race_condition|2 years ago|reply
> Eager to clear his name, Barker said he shared with the police copies of his credit card bills and purchase history at Amazon. But on April 21, the investigator called again to say he was coming to arrest Barker for theft.
[+] [-] qingcharles|2 years ago|reply
I think that's how it generally works in the USA. Because the prosecution is stayed you lose the right to a speedy trial, but the statute of limitations still ticks.
[+] [-] papercrane|2 years ago|reply
For cases without a preliminary inquiry (which this would be) the Crown has 18 months from the arrest to bring the case to trial. For cases with a preliminary inquiry it's 30 months.
Since he was arrested April 2022 that means he must be tried before the end of 2024, or the charges withdrawn.
[+] [-] OsrsNeedsf2P|2 years ago|reply
[+] [-] doodlebugging|2 years ago|reply
Seems like this would be a great time to track this guy down, Adavio, and get his side of the story whether he wants to tell it or not. The fact that he disappeared makes him sound more like he has connections to scammers and thieves who use stolen card info.
Something's rotten here and it has nothing to do with Denmark.
[+] [-] Affric|2 years ago|reply
> "hacked"
Where is any of the evidence of hacking? I see inadequate protections against fraud from the sellers. I see an account that has been compromised. I don't see any evidence of hacking.
[+] [-] lewdev|2 years ago|reply
* There is clear fraud going on and the authorities are doing nothing about it.
* The authorities mistakenly attacked the victim and not owning up to it.
[+] [-] randerson|2 years ago|reply
[+] [-] actionfromafar|2 years ago|reply
[+] [-] naitgacem|2 years ago|reply
The authorities will just take it back (with no refund ofc) if you can prove that you bought it.
However, most purchases are from online sellers, or stores that say (this phone came from abroad by an immigrant).
Now this is indeed how most electronics enter the country, so the risk is unavoidable sadly.
[+] [-] 8organicbits|2 years ago|reply
[+] [-] FpUser|2 years ago|reply