Mercado Libre: What Are The Most Common Scams And How To Avoid Them


Some of the most common scam models that are carried out through the Mercado Libre platform and how to protect yourself.

ECUDOR– Unfortunately, it is common for sites that attract a large mass of users to also become attractive for cybercriminals to carry out all kinds of scams on unsuspecting victims. In this sense, Mercado Libre is no exception. Some of the most common scams such as phishing, ignorance of the purchase, the sale of fake products on these platforms, to respond to any fraud attempt and be able to avoid it.

The Mercado libre platform has approximately 46 million buyers and, according to published data, 13 purchases are made per second.

“As is often the case with very popular platforms, games, applications and services, it is highly attractive to opportunists who use different strategies to keep users’ money. It is important to know them in order to take the necessary security measures and avoid being a victim of deception or scams ”

Martina López, Researcher at the ESET Latin America Laboratory.

Most common scams in Mercado Libre:

Phishing and fraudulent communications: Phishing is a type of attack that uses social engineering, a method by which the victim is expected to conscientiously deliver what the cyber criminal is looking for (personal information, money, etc.), without the need to carry out espionage on the victim’s device or steal files.

What usually happens is that the attacker sends an email in which the victim is made to believe that it is an official communication in which the user is warned about some security problem or suspicious movement in the supposed account and that their account needs to be verified. identity to regain access or prevent the account from being suspended. Another recurring alternative that attackers choose instead of warning messages is to appeal to great offers or gifts. The objective in these cases is the same. Make the victim send their information believing that it is a legitimate communication and the attacker keeps their access credentials and data, such as their card numbers.

La imagen tiene un atributo ALT vacío; su nombre de archivo es image-3.png
Image 1: Fraudulent email that impersonates Mercado Pago’s identity and makes believe that a problem has been detected in the account and that the user must complete their data with sensitive information in order to supposedly be able to re-enable the account.

In addition to the mail, nowadays the campaigns that circulate through WhatsApp are common where different excuses are used to arouse the interest of the possible victims. One of the most common is the promise that they are giving gifts or raffles using the company’s anniversary celebration as a pretext. The deceptions that circulate through WhatsApp have in common that most of the time they ask the victim to forward the message to a number of contacts in order to receive the benefit. While this is false and there is no benefit, in this way the attackers ensure that the message continues to circulate and with great chances that the victim will fall for the trap when receiving it from a known contact.

La imagen tiene un atributo ALT vacío; su nombre de archivo es image-2.png
Image 2: Warning of an official account of the company via Twitter.

Sending the product by unofficial means: In these cases the criminals try to collect through means that are not associated with Mercado Libre in order to deceive the victim and leave them without the support of the platform. Here, the cybercriminal poses as a seller of a product of great value and in high demand (last generation consoles, cell phones, computers, among others), for attractively low prices and they claim to have wide availability.

La imagen tiene un atributo ALT vacío; su nombre de archivo es image-1.png
Image 3: Example of a fraudulent publication. Link

The scammer clarifies that he has special shipments that he makes in a particular way. Thus, when a victim buys a product, they are asked to pay for an expensive shipment outside the platform. To avoid the victim’s suspicions, the scammer requests this payment through the official means of payment, arguing that this is how the processes are associated, which is false. After the victim sends the money and makes the purchase in Mercado Libre, the seller ignores it or cancels it. Although this generally means that the money is reimbursed to the buyer, in this case the system does not recognize the sending of the money as part of a purchase and therefore there is no transaction to reverse, since the shipment was made externally, and it is where the scam occurs. The buyer does not receive any products and the scammer keeps the money sent.

Unawareness of purchase: A form of deception aimed at sellers, in Mercado Libre is based on taking advantage of an oversight that the victim may have when selling a product through Mercado Libre.

The scammer makes the purchase of an object of great value. The means of payment used is key in the deception, it is through a credit card associated with a person other than the alleged buyer. At the time of the transaction, you pay remotely with a credit card associated with a person with a different identity document than the one the scammer gave the seller. If the seller receiving the payment is unaware of this difference in identity, it may be too late to claim the merchandise.

Selling Fake Products and Fake Returns: This type of deception targets both buyers and sellers, and involves high-value products. In the case of the buyer scam, the scammer impersonates a seller, with little public information available and no reviews. In their publications you can see high value products and an attractive price. The publications are made from images downloaded from the Internet. Once the purchase is made, the victim receives an object of similar size and weight, but far from the paid product.

On the contrary, if the scam is aimed at the seller, the cybercriminal pretends to be a buyer more than the hundreds who operate on this platform. Once the purchase is made and the product is received, the scammer declares it defective and requests a refund. This mechanism involves sending the product by the buyer to the seller, and then undoing the payment operation of the first. It is there, then, when deception comes into play.

The following tips to avoid scams both in Mercado Libre, as well as in other similar platforms:

  • If a communication is received, either via email, WhatsApp or similar that claims to be from the company, verify the real sender and not provide sensitive data that the company itself ensures that it will never request by mail or instant messaging (financial or bank data) . , identity document, among others). If a communication appears suspicious, verify that it is legitimate through your official channels.
  • Activate two-step authentication, also known as two-factor or 2FA authentication, and use a strong password, in both Mercado Libre and Mercado Pago, to protect both accounts.
  • When acting as a buyer, it is important to verify the identity of the seller and verify that they have a solid reputation before making the transaction. This platform offers a seller rating service where users can access reviews made by real buyers.
  • If you want to sell a product, verify that the identity of who makes the purchase and who pays for it is the same. Also, confirm that the buyer has provided all the necessary data for the operation and to make a possible claim.
  • Regardless of the role in the platform, do not carry out transactions outside of Mercado Libre, since the user is left without the support provided by the platform in the event of any problem.
  • Review the products that are currently being received or shipped to make any necessary claims. These operations usually have a window of certain days to be carried out.

Datos de Contacto de Comunicación y Prensa

Para más información se puede poner en contacto a través de: Carolina Bueno, Relaciones Públicas a o al 0998605919

Acerca de ESET

Desde 1987, ESET® desarrolla soluciones de seguridad que ayudan a más de 100 millones de usuarios a disfrutar la tecnología de forma segura. Su porfolio de soluciones ofrece a las empresas y consumidores de todo el mundo un equilibrio perfecto entre rendimiento y protección proactiva. La empresa cuenta con una red global de ventas que abarca 180 países y tiene oficinas en Bratislava, San Diego, Singapur, Buenos Aires, México DF y San Pablo. Para obtener más información, visite o síganos en LinkedIn, Facebook y Twitter.

Copyright © 1992 – 2021. Todos los derechos reservados. ESET y NOD32 son marcas registradas de ESET. Otros nombres y marcas son marcas registradas de sus respectivas empresas.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *