Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Fraud is usually associated with deception, manipulation, and crime, but what many people don’t realize is that not all scams are illegal. Because of certain legal loopholes, fraudsters can operate within the confines of the law and still manage to deceive and exploit unsuspecting victims. These scammers take advantage of gray areas in legislation or gaps in regulatory frameworks to pull off their schemes without technically breaking the law.
Understanding these loopholes can help individuals and businesses recognize potential red flags and protect themselves from becoming victims.
One of the most common scams that walks the thin line between legality and fraud is subscription services with no real product or service. In this type of scheme, scammers send out emails, text messages, or online ads offering subscriptions to services like daily tips, ringtones, or wallpapers. However, once the user signs up, they start getting charged for the service, often through their phone bill or credit card. These fees, such as $10 per ringtone, can be shockingly high or come with recurring charges.
Because the consumer technically signed up for a service, scammers can argue that the fees are legitimate. The fact that the service may be entirely useless or the promised content never materializes doesn’t always make the operation illegal. As long as the terms and conditions—usually buried in small print—are in place, scammers can argue that users agreed to the charges, effectively bypassing any accusations of fraud.
Another legal gray area scammers exploit involves domain registration and renewal fees. Domain owners are frequently targeted with bills that appear to be for domain renewal, but in reality, these are solicitations to transfer the domain registration to a different company. In many cases, scammers disguise these offers as mandatory fees, adding confusion and pressure to the mix.
U.S. laws require that any such invoice includes a disclosure indicating that it’s merely a solicitation, but this warning is often in extremely fine print, making it easy for unsuspecting users to miss. If the scammer operates outside the U.S., they are not bound by these rules, making it even easier to deceive domain owners. Often, the scammers charge exorbitant fees for services that are unnecessary, and many victims don’t realize they’ve been duped until it’s too late.
Setting up an online store has never been easier, and unfortunately, this has led to a rise in fraudulent e-commerce websites. Scammers can create fully functioning online shops selling counterfeit goods or products that don’t exist at all. While some may believe selling knockoffs is illegal, many such operations work within the bounds of the law, especially in countries where intellectual property laws are lax or unenforced.
In other cases, online stores might sell items that are never delivered, or they may send counterfeit products that are advertised as genuine. A common example is online pharmacies selling discounted medications that might be misbranded or not require a prescription. These websites often include contact information and qualifications that make them appear legitimate. If a customer receives something that resembles the product they paid for, even if it’s substandard, scammers can claim they fulfilled their end of the transaction. This makes it difficult for authorities to intervene unless it can be proven that the products violate specific laws, such as FDA regulations.
Credit repair services are another area where scammers can exploit loopholes. Many companies promise to “clean up” a consumer’s credit report by disputing negative items and working with creditors. While it is legal to challenge inaccurate information on a credit report, scammers often charge exorbitant fees for doing little to nothing. They may dispute legitimate debts or follow tactics that temporarily boost a credit score, only for the effects to disappear later.
Since the consumer signed up for the service and the company technically followed legal procedures, it’s difficult to prosecute these operations as fraudulent. Victims may find themselves worse off financially, but scammers rarely face any legal repercussions if they don’t make false promises or use illegal methods.
Charity fraud is another area where scammers often exploit the goodwill of others while skirting the edges of legality. In this scheme, fraudsters set up what appear to be legitimate charitable organizations and solicit donations, often following natural disasters or during high-profile crises. These organizations might even have official-looking websites and paperwork.
As long as the scammers file the correct paperwork, they can claim to be running a legitimate organization. They may even donate a small portion of the funds to a real cause to give the appearance of legitimacy. However, the majority of the money often goes into the pockets of the fraudsters. Because the charity is technically registered, law enforcement can find it challenging to prosecute unless they can prove that donations were misused on a large scale.
Another legal gray area involves sweepstakes and prize giveaways. Some businesses and individuals offer sweepstakes or giveaways that seem too good to be true—and often, they are. Scammers lure people in with promises of grand prizes but charge hidden fees or force participants to buy something to qualify. While U.S. law prohibits forcing someone to purchase to enter a sweepstakes, scammers find ways around this by disguising purchases as “optional extras” or by operating internationally, where such laws might not apply.
In these cases, while the consumer might feel cheated, the scam technically operates within legal boundaries because of how the rules are written. As long as the scammer complies with the minimal legal requirements—such as offering a free method of entry or providing the terms in fine print—they can continue to run their scheme.
Scammers often walk a fine line between legality and fraud, taking advantage of legal loopholes and weak enforcement to carry out their schemes. To protect yourself, it’s important always to read the fine print, be cautious of unsolicited offers, and thoroughly vet any business or service before purchasing or signing up for a subscription. Also, verifying the legitimacy of charitable organizations or domain renewal requests can help you avoid these scams.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud can strike any time, but certain periods increase your business’s vulnerability to fraudulent activities. During these times, your teams may be …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.