Shady sales

Shortly after Americans finish unwrapping their shiny new electronic toys this holiday season, millions will turn to the Internet to sell their old devices. The conservative ones, content to sacrifice a little profit for convenience, will rely on trade-in sites like those operated by Amazon, Best Buy, Gazelle, and dozens of others. The more ambitious ones may turn to large listing marketplaces, such as Craigslist and eBay, hoping a marketplace of millions will yield more of an upside. The cautionary tales of two recent iPhone sales gone bad illustrate the potential risks of this latter path and make the more predictable alternative seem infinitely more appealing.

Last week, a San Diego couple was the latest in a growing list of Craigslist sellers to get more than they bargained for when meeting with a prospective buyer of their iPhone. According to police reports – yup, this required police – the couple arranged to meet their prospective buyer in person in a McDonald’s parking lot. The buyer got into the sellers’ BMW to complete the sale where he pulled a gun on the sellers and attempted to rob them of the iPhone they were selling, as well as cash and other valuables.

A struggle ensued inside the vehicle and multiple shots were fired. Although limited details are available, the couple managed to get the assailant out of their vehicle, having suffered what police describe as “non-life threatening gunshot wounds,” and drove themselves to a nearby hospital for treatment.

It’s a small minority of transactions that occur on Craigslist, but it’s certainly not the first time something like this has happened. Multiple similar incidents have taken place in Los Angeles in recent months, and a trio of San Diego men were recently convicted in the murder of a young man under similar circumstances last holiday season.

The takeaway from these incidents should be to take extreme caution agreeing to meet someone in person after meeting them online, especially when advertising that you’ll be carrying (at least one) $500 smartphone. PayPal and FedEx should be your friends in these situations.

Unfortunately, for a second iPhone seller, PayPal proved to be a nightmare all its own. On December 3, San Francisco-based VMWare developer Vladimir Gurovich posted a personal blog entry titled “Post-mortem of an eBay/PayPal Scam.” In it he described how PayPal’s terms of service enable the “perfect crime” in which buyers purchase an expensive item on a credit card, issue a “merchandise not as received” chargeback through their credit card company, have their payment reversed, and keep the seller’s expensive item. For our seller, the price of this lesson was $849.99.

As Gurovich quickly found out, despite its widely advertised “Seller Protection Program,” PayPal’s terms of service offer sellers no remedy in a situation like this. Instead they explicitly place the liability of credit card chargebacks onto the seller (aka, merchant), regardless of the evidence of fraud presented. As Gurovich summarized in his post, “Your only chance of collecting the money [at this point], is to file a police report at the location where you delivered your item, try to confirm the identity of the perpetrator and to file a small claim in order to collect it. Neither PayPal nor eBay will help you with it.”

Fortunately, Gurovich’s story had a somewhat happy ending. Because his blog post went viral, including on the influential Hacker News message board, the seller was eventually able to escalate his claim to a senior PayPal executive. He ultimately received a full refund from the company, including of his $20 chargeback fee, but not before the executive articulated clearly that he was in no way entitled to such compensation under the PayPal User Agreement. It seems they were doing him a favor that other sellers cannot count on being available when they are victimized.

Gurovich took a number of savvy steps to draw attention to his plight and elevate his case to PayPal’s senior management before his somewhat happy ending. Unfortunately, most eBay sellers would have a hard time doing the same. In the end, “merchandise not received” remains the perfect crime.

There are a number of timely reminders contained within in these two seemingly different stories. The first is that when doing business online, you often can’t rely on the portal or marketplace to protect you. As a “merchant,” you are likely assuming certain liabilities contained within the terms of you signed (without reading) when opening your account. In this case, seller beware.

A second troubling theme running through both accounts is that neither eBay nor Craigslist require real identity profiles. That is, users can choose any profile name and the platforms offer counterparties no way of verifying their identity or performing even rudimentary background checks. EBay at least offers seller feedback and ratings – although even these were proven flawed in Gurovich’s case – while Craigslist’s wild west marketplace offers no way of vetting a buyer or seller. The Internet was up in arms when Google and Facebook began enforcing their real identity and one account per user policies in recent years, but situations like this illustrate the dangers of online anonymity.

Sometimes the gamble on the upside just isn’t worth it.