Archives August 2013

Verifying Identities and Payment Practices Online

In a previous post, I explained various schemes to scam people out of their money. The best protection against any of these schemes is to verify that you are really dealing with who you think you are.

There are two types of scammers:

  • Scammers, who don’t try too hard, on the assumption that they’ll eventually find a victim who is gullible enough. These sort of scams are fairly easy to spot, as I’ll explain below.
  • Impostors, who impersonate a reputable person, such that people who actually check the names of the people they are dealing with are fooled into thinking they are doing business with the real person, whereas all their exchanges and transactions happen with the impostor. These types of scam are much harder to uncover.

Impostors and Scammers – Typical Red Flags

Note that the presence of any one of these warning signs alone doesn’t mean that you’re dealing with a dishonest person. All these signs combined with a few online checks that I’ll explain below, however, strongly point to a scam attempt.

Your alarm bells should ring if you receive an inquiry that contains the following:

    • The email was sent from a free account such as gmail, yahoo, etc.
      While this is not necessarily in itself an indication that the request is a scam/spam-email, it’s a strong indication in combination with the other signs below. I have, in fact, several good direct clients that write via gmail, but I know them from other sources, therefore I know that they are legitimate. Most of my other clients, however, write via their corporate accounts.

    • A proper salutation is missing and the email is sent to my email-address via bcc.
      This points to the fact that this is a mass scam attempt.

    • The request is written in really, really bad English, despite the fact that the sender claims to have a source text in English and claims to have a name indicative of a native English speaker.
    • The request does not contain any contact information aside from a generic email address and possibly a phone number in a strange country.
      This is in general a strong indicator that the email is a scam/phishing attempt. Everybody has an address and phone number and most people have a website these days. A name such as “Maria Brown”, which is essentially un-Googleable because it’s too generic, immediately raises red flags. If somebody really wants a translation, even if they’ve never bought a translation before, they give a name and address and possibly other contact information so that the provider can contact the translation buyer with the quote. A name and address can also be used to search for that buyer online and verify his/her existence, as I’ll explain below.

    But what if you receive a serious inquiry, from a person/company whom you searched for and found online, with apparently proper contact information?

    You should still check out the potential client more thoroughly. For one, they could impersonate somebody else, or for another, they could be one of those black sheep on the translation market who never pay (and get away with it!).

    Verifying IP-Adresses and Internet Domains

    Typically, impostors proceed as follows:

    • They steal a reputable person’s credentials. In this post I explain how to safeguard yourself against this.
    • They modify the contact details to display their own contact information, possibly with a fake name.
    • If they are smart, they use an email address and possibly a domain name that very closely resembles the original address and domain.
      I myself fell victim to this once, when I got contacted by somebody purporting to be a project manager of a reputable agency. I checked out the agency and did my research, but what I did not notice was that the inquiry was sent from an email address ending in .net instead of the agency’s .com. That is, the email came from instead of Of course, when I checked out the agency, their website was at The scammers had simply temporarily bought the domain name, since domain names are fairly cheap these days.

    How can you check whether an email/inquiry is legit if scammers buy domain names left and right?

    You can check the domain name via Whois, and you can check the IP-address the inquiry was sent from. This is done as follows:

    1. Visit
    2. Type the domain name into the search box, and check the options “domain whois record” and “network whois record”. The rest of the options may be a bit confusing, unless you’re an internet wiz. But then you wouldn’t be reading this part of the post, would you?
    3. The Domain Whois Record tells you who registered the domain and who is its administrator, along with their address and telephone number. This is important if you receive an inquiry from somebody supposedly from the US, but in reality they’re actually sitting someplace else.
    4. The Network Whois Record tells you the IP-address range of that domain. Every computer on the web has an IP-address, uniquely identifying the computer’s location and the computer itself (just like a phone number). It consists of 4 numbers separated by 3 dots, e.g. (Of course, this is not a real IP-address, because it’s out of range, but this is the format). This is important because you can check whether the email that was sent really came from this domain, as I’ll explain in the next step. This is optional, because it does not always provide more information. The Domain record should already give you lots of information.
    5. If you don’t want to check the email IP-address, skip the next 2 steps. Otherwise, go to your email program or webmail and display the header information. Here’s a good list compiled by Google explaining for various email/webmail programs how to display the header. When you have displayed the header, do not panic. Instead, read on.
    6. You can safely ignore everything except the lines that start with Received:. These lines represent a list of all the servers/computers through which the message traveled on its way to you. The top “Received”-line is your own system. The last “Received:”-line at the bottom is the computer where the message was sent from. You want to check this one again at (yes, the search box also works with IP-addresses). Of course, this may or may not correspond to the information you obtained from the domain name, because in this day and age, some people reroute their emails through other interfaces.

    You should now have a pretty good idea who contacted you and from where. Armed with this information you can do further research, see below, if the contact is a translation agency.

    Doing Business with Agencies – Payment Practices

    Anybody with a computer and internet access can open a translation agency today, from anywhere in the world. While there are many very reputable agencies out there, there are also any number of fly-by-night “agencies” who are only looking to make a quick buck at the expense of translators and end clients.

    Therefore, if you are a translator and are doing business with agencies, it pays to become a member of various online forums that discuss payment practices or to subscribe to databases that list the payment practices of various agencies. Here’s a list of forums and databases I consult regularly:

    These are just a few among many, and your mileage may vary. I personally rely most on the Payment Practices database and found the Zahlungspraxis Yahoo group quite useful.

Translation Scams – Buyers and Translators Beware!

It seems that the amount of scams in operation is increasing every day. In a series of posts I will discuss the various common schemes targeting both buyers/end clients and translators/language service providers. I will explain how the schemes work and how to avoid becoming a victim. While the examples will discuss the scams as they apply to the translation industry, the underlying principles apply to other sectors and endeavors as well with only minor modifications.

There are several basic categories of scams:

Why would anybody impersonate a client?

This is the age-old check-scamming trick, a variant of the Nigerian lottery scam. It works as follows, in the case of translations:

  1. The client orders a translation, most of the time without haggling over price or without signing a contract, sending a purchase order or any other written documentation. The entire transaction is done via email, more often than not via a free email account such as google, yahoo, or the like.
  2. The translator faithfully delivers the translation and sends an invoice.
  3. The client pays immediately by check. The check happens to accidentally show a much larger amount than invoiced.
  4. The client tells the translator/service provider that the “accounting department” made a mistake, and that the translator should just go ahead and cash the check and then wire back the amount that was paid too much or send a check for this amount, because it would be too complicated for the “accounting department” to remedy the error by any other means.
  5. The translator goes ahead and cashes the check and sends back the amount that was overpaid.
  6. A few weeks later, when the banking system finally finishes turning its wheels, it turns out that the client’s check was fake and the check bounces. The translator is charged with a bounce fee by the bank, and furthermore, has already sent the amount that was “overpaid” on the fake check. Of course, in the meantime, every trace of the client’s existence is erased, and the translator has lost money for providing a service.

These and a few other variations of that scheme are actually quite common in the US and all other places where the antiquated form of payment called a check is still prevalent. In this post I discuss how you can prevent being victimized by such a scam. This article on the ATA website also discusses this topic.

On the other hand, why would anybody impersonate a translator?

Quite simple, people without the necessary skills impersonate reputable translators to obtain projects from unsuspecting clients.

  1. The scammers impersonate reputable translators with stolen CVs, where they just edit a few contact details.
  2. Unsuspecting clients order translations from the fake translators under the assumption they get a quality product, after checking out the impersonated translators’ profiles online.
  3. The projects are then translated by the scammers via open-source machine translation such as Google translate (a simple copy-and-paste operation) and sent back to the client without post-editing, who more often than not does not speak the target language and is therefore unable to judge the quality (or lack thereof) of the delivered product. As an aside, machine translation by itself is not bad, if it is properly implemented and post-edited, but these scammers skip this time-consuming step to make a quick buck.
  4. The client pays the scammers the invoiced amount, and by the time the client notices that the translation is bogus, the scammers have long disappeared.
  5. The client complains to the real translator who allegedly provided the fake translation. Both end client and real translator are the victims in this case. The end client has lost money, and the real translator, whose CV was stolen, has lost their reputation.

This scheme is discussed on this website in even more detail. The site also contains a list of the scammers’ names along with their victims’ names. Please pay attention to the column headings in the table so as not to confuse the scammers with the victims.

In this post I discuss how you, as a translation buyer, can verify that a person is really who they say they are. And in this post I discuss how you, as a translator, can prevent your CV from being stolen easily.

How can somebody order a translation and get away with never paying for the service?

This is surprisingly easy if the buyer and the provider do not live in the same jurisdiction and there is no established dunning procedure between these jurisdictions. More often than not, collecting the outstanding amount would cost more than the amount owed.

The ATA website has a few articles on how to prevent this. The ATA website also contains tips on how to collect outstanding invoices, assuming that you are dealing with a client who simply doesn’t pay for some reason and not with an impostor as described above.

Of course, the best way to prevent such a situation is to vet your client thoroughly before you take on the assignment. I describe various ways to do this here.

Protection against Identity Theft

In this post I list a variety of scams that are currently infesting the internet. Identity theft features prominently among these scams.

How can you protect your identity from being stolen?

The main defense is to make it as hard as possible for somebody to impersonate you. Of course, it’s never completely impossible to steal somebody’s identity, but if you make it very hard, then the scammers will likely look for another victim and leave your reputation intact.

Here are a few tips:

  • Never post details that are too personal online, for example, your precise date and place of birth, your social security number, and other personally identifying details that are not needed to conduct business.

    Of course, certain legislations require you to post your tax number online in your “Impressum”. I am talking about the equivalent of the Umsatzsteuer-ID, which is NOT your Steuernummer/tax ID/social security number. The former identifies your business, the latter identifies you as a person and can be used to impersonate you. Please check your local legislation in this matter and do not confuse the two numbers.

  • Get your own domain name and set up your email to run through your domain instead of using a free provider such as Gmail, Yahoo, etc.
    That way, it will become much harder for the scammers to impersonate you. They would have to hack your account to do so. If you use a free email account, a scammer can set up another account with a name very similar to yours and use that account to impersonate you. E. g. if your email account is, they could set up an account at and pretend to be you.
    And no, you wouldn’t have to have your own website to own a domain name and run an email account through that domain. Although having a website is always a good idea, even if it’s just one page with your name and contact information. Most hosting providers, including mine, have simple tools that you can use to build your own rudimentary website. You don’t have to be a graphic designer or a website wiz to set up a simple but good-looking page. And having a website hosted doesn’t break the bank these days either. Still, if you don’t want that, there are email-only options, for example also provided by my hosting provider.

  • Do not send out your resume or CV in plain text or Word format. Save it in PDF format instead and secure the document with a password.
    Every word processing program I know of has the option to “Save as PDF”. Plain text or Word is much easier to edit and tamper with than PDF, especially if the PDF is protected by a password against editing. Obviously, you don’t want to password-protect the file against viewing. I’ll explain in this post how to accomplish that with Adobe Acrobat, assuming that you have saved your document as a PDF file.

Password Protection for your CV/Resume with Adobe Acrobat or Word

A lot of online scams involving identity theft are hitting the industry these days. In many of these scams the victims’ CVs/resumes are stolen by the scammers and then used for their own criminal purposes.

In this post, I list some basic steps how to protect your own identity from being stolen. Below I’ll explain how to protect your resume/CV from being altered by malicious people with the help of Adobe Acrobat. The free Adobe Reader won’t work. If you do not own Adobe Acrobat, there are freeware programs out there that allow you to password-protect PDF files. I personally am using Acrobat, therefore I cannot comment on these programs.

If you wrote your CV/Resume in Microsoft Word and use the option to save it in PDF format, you can also encrypt the PDF file with a password. Below I show you how.

Adobe Acrobat

  1. Save your document as a PDF
    This is easily accomplished in most word processors by simply choosing the option “Save as” and then choosing Portable Document Format/PDF.

  2. Open your PDF file in Adobe Acrobat and click on File > Properties
    Go to the “Security” tab. Click on Security Method > Password Security
    Adobe Acrobat File Security

    Adobe Acrobat File Security

  3. Set up password protection for editing
    Obviously, you still want people to be able to view your document without password. You only want to protect the document against editing or copying and pasting the content. This is done with the following settings:

    • Check Encrypt all document contents
    • Uncheck Require a password to open the document
    • Check Restrict editing and printing of the document. Set Printing Allowed to None, Changes Allowed to None

    Adobe Acrobat File Security

    Adobe Acrobat File Security

  4. Enter the “Change Permissions Password” and click OK
    A popup window is displayed where you have to enter the same password again and click OK. Click OK again when the warning is displayed. Close the dialog with OK.

  5. Save the document with the changed permissions!

Microsoft Word (Windows)

  1. “File” > “Save as”
    Choose the option “Save as” and then choosing Portable Document Format/PDF, but do not hit “Save” yet.

  2. Click on “Options” before you hit “Save”
    A popup opens with various options to save the file. At the bottom, you will see the option to “Encrypt the document with a password. Choose this option and click OK.

  3. Password protection with MS Word

  4. Click “Save.”

Microsoft Word (Mac)

  1. Go to “File” > “Print”
    Unlike the Windows version, the Mac version has the option to encrypt files via the built-in Mac print functionality.

  2. Go to the bottom dropdown and select “Save as PDF”
    Save as PDF

  3. Select “Security Options” at the bottom on the next screen.

    A new popup will open that shows options to encrypt the PDF file with a password.
    PDF Security Options Mac

Now your CV/resume is password protected against changes and copy-paste operations.

MOOCs (Massive Open Online Courses) – a Brief Review

I recently took two massive open online courses (MOOCs) on Coursera, “Introduction to Finance” by Prof. Kaul of the U. of Michigan, and “Global Sustainable Energy” by Prof. Porter of the U. of Florida. I took the first course to get a better overview over the financial world as a business person, and I took the second course because I’m very interested in sustainable energy and would like to move my translation specialization in this direction. I can highly recommend both courses.

“Introduction to Finance” covered a variety of topics in a whirlwind, from mortgage calculations over a brief intro to accounting to stocks and bonds. Of course, none of these topics could be covered in-depth in the short amount of time, but it was just the right amount for a business person with a retirement account and interest in purchasing a home. While the format was very “traditional” (for an online course), video lectures with online assignments, Prof. Kaul’s ability to be highly engaging in a video with a bland background is simply amazing. Prof. Kaul is one of the best lecturers I’ve ever heard. The assignments were just the right difficulty, partly tricky, and forced you to actually learn the material. Overall, I highly recommend this course.

“Global Sustainable Energy: Past, Present and Future” also covered a variety of topics, whereby 3 of the topics, residential energy, renewable energy sources, and transportation were covered more in-depth by the students themselves in peer assessments/papers, which were then graded (anonymously) by other students. The course included videos, short and to the point, quizzes, and mandatory discussions in the forums, where the topics were covered first, with the peer assessments following up in-depth. I learned a lot, particularly while researching for the projects/peer assessments, and I think Prof. Porter used the online medium very wisely through the mix of videos that were partly shot at various outdoors locations and especially the peer assessments, my own and while grading the other students’ papers. I could have done without some of the mandatory discussions, simple because more often than not people posted random statements without references or links just to get credit. Nevertheless, the rest of the course far outweighed this slight drawback. Overall, I can definitely recommend this course as well.

That said, I would like to point out a potential drawback of MOOCs. In one case, I dropped a course I was enrolled in, because the instructor seemed to have his own agenda instead of presenting a balanced viewpoint on the topic. People tried to point this out in the discussion forums, but were quickly shut down. I then dropped the course after about 2 weeks of this. That, IMHO, is one of the dangers with MOOCs in general. Since they are free (or almost free), they need to be sponsored by somebody. And if that sponsor has their own agenda, it’s very easy to pick and choose the presented data to fit an agenda instead of presenting a balanced overview. And thousands of people, who are not scientifically trained to question data that they are presented with, walk off with incomplete or worse, very wrong ideas.

With this in mind, I still recommend MOOCs, simply because the quantity of courses offered online on every conceivable topic is so large that there are bound to be some excellent courses out there.