The First Time I Got Played
It was my freshman year at State, and like every broke college kid, I was desperate for beer money. I found this “work from home” typing job on Reddit – seemed legit enough. The guy DMed me saying they needed people to transcribe handwritten documents because OCR couldn’t handle messy handwriting.
“$30 per 1,000 words,” he said. “Just need a $50 security deposit to make sure you don’t damage the original documents we ship you.”
I was 18 and stupid. Sent him fifty bucks via Venmo. Never heard from him again.
Strike Two
Senior year, I was trying to impress this girl who was obsessed with some YouTuber coming to campus. The event was sold out, but I found someone in our Facebook group selling tickets. Paid $200 for two tickets – wanted to look like a hero, you know?
Show up to the venue, and surprise! Fake QR codes. The girl was pissed, I was out $200, and my pride was somewhere in the gutter. Filed a police report, but they basically laughed at me. “It’s a civil matter,” they said.
I saved that scammer’s contact as “NEVER FORGET” in my phone.
The Third Time’s the Charm (Sort Of)
After graduation, I started freelance writing to pay the bills. Some guy commissioned a 5,000-word article, paid half upfront, then ghosted me after I delivered. Classic move.
But this time was different. A friend of mine who worked in cybersecurity reached out after I posted about it on Twitter.
“Want me to look this guy up?” he asked.
Within an hour, my friend had the scammer’s full name, address, phone number, and his mom’s Facebook profile. We’re talking full digital fingerprint.
“Just send him this info,” my friend said. “Don’t threaten him or anything. Just let him know you know who he is.”
Holy shit, it worked. The guy paid me within 20 minutes, claiming he’d been “too busy to check messages.”
That’s when I learned about OSINT – Open Source Intelligence. Basically, how to legally dig up someone’s digital footprint using publicly available information.
Going Down the Rabbit Hole
My cybersecurity friend taught me the basics. It’s scary how much you can find out about someone with just an email address or phone number:
- Cross-reference social media accounts
- Find linked usernames across platforms
- Discover real names through payment apps
- Locate addresses through delivery services
- Connect family members through shared networks
The deeper you dig, the more you find. It’s like opening a digital Pandora’s box.
My first target? That “NEVER FORGET” contact from college. Took me three hours, but I found him. Turned out he’d dropped out and was running the same ticket scam on multiple campuses. I didn’t do anything with the info – just knowing I could felt like closure.
Becoming the Internet’s Debt Collector
Word got around campus that I could track down online scammers. Soon, people started reaching out for help. My first “client” was this sophomore who got scammed trying to buy a graphics card on Discord. Lost $400 – basically his entire summer job savings.
I found the scammer’s info in about 30 minutes. Slid into his DMs with a simple message:
“Hey [Real Name], I think you forgot to ship [Victim’s Name] his RTX 3080. Here’s his Venmo again: [Venmo handle]. I’m sure it was just an oversight.”
Attached a screenshot showing I knew his full name, city, and university.
The scammer freaked out, immediately refunded the money, and threw in an extra $50 “for the inconvenience.”
The victim was so grateful he Venmo’d me $40 as a thank you.
And just like that, I had a side hustle.
The Rules of Engagement
I only take cases under $1,000 – anything more and you should go to the FBI. I need full proof: screenshots, payment records, the works. And I only go after clear-cut scams, not sketchy deals gone wrong.
My success rate? About 70%. Here’s how it usually goes:
30% immediately cave when they realize I know who they are. They refund the money, apologize, sometimes even throw in extra cash.
40% try to play tough at first, but eventually fold when I mention I found their LinkedIn, their mom’s Facebook, or their college email address.
30% are either too stupid to care or using completely fake identities. These are the ones that get away.
When Things Got Real
Most of my “investigations” happened from behind a computer screen. But last year, I found a local scammer – some kid who was selling fake concert tickets on our city’s Facebook marketplace.
He’d scammed this girl out of $300 for Billie Eilish tickets. When she showed up to the venue, security laughed at her obviously photoshopped printouts.
I tracked the kid down to his high school. Showed up during lunch (yeah, I know how that sounds). When he saw me approaching, he tried to run. We ended up in a scuffle in the parking lot before security broke it up.
Cops got called, parents got involved, whole thing was a mess. The kid did end up refunding the money, but I got a stern talking-to from the police about “taking matters into your own hands.”
The Ethical Gray Area
Look, I know what I do isn’t exactly legal. Technically, it’s harassment. But here’s the thing – these scammers count on people not fighting back. They prey on kids, elderly people, anyone desperate enough to trust a stranger online.
The system doesn’t protect victims of small-scale fraud. Police won’t touch anything under $500 in most places. PayPal and Venmo’s fraud protection is a joke. So what are people supposed to do? Just eat the loss?
I see myself as the internet’s immune system. When scammers realize there might be consequences, some of them think twice.
The Unintended Consequences
Not everyone appreciates my “services.” I’ve been threatened with lawsuits, had angry parents call me, and one time someone tried to dox me back (didn’t work – I know how to cover my tracks).
But for every angry scammer, there are five grateful victims who got their money back. College students who can afford textbooks again. Elderly folks who didn’t lose their social security money. Kids who learned not to trust random internet strangers.
When the Well Ran Dry
Last year, a lot of the tools I used got shut down or started requiring credentials I couldn’t access. Telegram channels went dark, databases went offline, and suddenly my digital detective work got a lot harder.
It felt like losing a superpower. All these people still getting scammed, and I couldn’t help anymore.
Maybe that’s for the best. Maybe I was getting too comfortable playing judge, jury, and digital executioner. But damn, it felt good to win one for the little guy.
The Bigger Picture
Online scams aren’t going anywhere. If anything, they’re getting more sophisticated. AI-generated voices, deepfake videos, scams that adapt faster than our ability to recognize them.
Everyone thinks they’re too smart to get scammed, right up until they’re not. I got fooled three times before I learned to fight back. How many times do you think you’ll get fooled?
The internet gave us incredible tools to connect with each other. It also gave us incredible tools to exploit each other. The question is: what are we going to do about it?
Want to share your scam story or tips for staying safe online? Hit me up on Twitter @NotGettingScammedAgain. And remember: if it sounds too good to be true, it probably is.
