Steroid Scammers Safari: James_Roids101 Case Study

0
1211

We’re not new to this business. We’ve seen all shades of shady. All steroid scammers imaginable.

Guys in the chat pretending to be our representatives, simple quick buck hunters on the loose, «bros» from all around South Africa, Pakistan and India, claiming to deliver products from our store to locations we don’t deliver to. You name it.

However, one dude just… stands out. We have no idea what his real name is, where he is from (probably India), and so on. What we know, though, is that we’re talking about a benchmark steroid scammer: incredibly lazy, incredibly stupid, yet brazen and shameless. 

Meet @James_Roids101:

James_roids101 channel. Looks sus? You’re God damn right.

Today James_Roids101 is going to actually do something good. James used our brand to mislead and scam people, and we’ll use James as an example for our new series of guides on detecting scam.

Meet @Roids_101

The handle this guy uses might remind you of something: Roids_101. Sounds familiar? Yeah. There’s a steroid store in Canada with a similar name. You’re in our blog right now.

We, with @Roids101 handle with no «_», were here a little earlier. This, and the fact that we actually sell gear, makes us and James a little different. 

His channel on Telegram (the only place where the guy lurks) with a 100%-legit-non-suspicious handle @james_roids101, has almost as many followers as our original channel.

PRECISELY 98%. Never 99% or 100%.

Whatever his secret is, it’s not content: James doesn’t worry about content at all and just copy-pastes our posts. All of them, with no exception. Even our post calling out a bunch of other fake accounts.

Yes, the irony of a scammer copying our post that calls out other scammers and replacing our links with his scam links is fascinating.

Sure. Safety.

Maybe the secret is the global scale of operations? James claims to deliver to the US, to Europe, and pretty much everywhere. We still can’t can’t guarantee deliveries outside of Canada.

But enough with jealousy. It’s easy for us because we know who the original is. 

What about others? What about some Average Guy Joe from California who just stumbled upon this fake group? Do they have any means of verifying it? 

Hell yes, they do. And this is how you do it. 

Your Toolbox for Identifying Steroid Scammers Online

We know, it sounds like something a cyber security expert should do. Someone with a three-letter-agency badge, a whole list of sophisticated scripts, excellent skills in open-source intelligence and social engineering. We’re here to arm you to this exact level. 

Remember that scene from any John Wick, Men in Black or the Matrix, where they walk into an armoury room, loaded with guns and RPGs? This is what’s going on here. 

And this, Neo, is the list of tools you need to accomplish this mission: 

  1. Google.com

That’s it. Literally. Google is all you need. if it sounds silly and easy, remember: it’s not the tool, it’s HOW you use it. In this case:

  • What you google;
  • How you do it;
  • And what you see in the results. 

Let’s start and go through all the steps, slowly. 

Check the Brand Name 

The first thing you should do is just put the brand name in Google. Simple as that: Roids101, as the handle they use. It would take you directly to our site (this one, there’s just a link to the homepage), and would eventually lead you to the FAQ that clearly says: we don’t deliver outside of Canada. 

Something sounds suspicious and inconsistent? Stop. That’s it. You’re NOT buying anything from a suspicious and inconsistent chat on Telegram, unless you’re willing to lose your money. 

You’d also find the buttons for all our social media, including the original link to our Telegram chat. It’s quite silent since we realized that not many Canadians, unless you’re a paranoid performance enhancement compound source, actually use Telegram. Nonetheless, it’s consistent with everything we say anywhere. And James is not. 

Check the Visuals

The most eye-catching part is always the pics. We took our time and money to invest in some branded visual templates, so all our graphics are more or less the same: red, black, white, with fancy crosses and arrows everywhere, and that one deep space background we’ve used everywhere for years. 

it’s not hard to copy (or, in case of James, just steal) branded images to impersonate somebody:

Right visuals. Wrong link.

However, it IS hard to survive on just that. That’s why James uses a ton of images from other sources. 

Look for Logos & Watermark

For example, it’s hard to understand (and calculate) why James has so many pics of gear from all labs and sources imaginable. Here we have a Canada Peptides pack that looks like it was coloured with a sharpie, under some other source’s watermarks:

This picture has labels from researchem.store:

One damn GALLON of Tren. So James is in charge of Mike O’Hearn’s breakfasts now?

And here we have a watermark from “gorillazmarket”, some seemingly Russian store. If you put the picture in Google, you can find the store on some Facebook Marketplace analog.

Use Google Lens

If there are no watermarks or you’re not familiar with brands, you still can use Google to verify an image. 

How to Verify Image Source 

As easy as it gets: 

  1. Save the picture (or copy it);
  2. Put it in Google Chrome (or look up Google image search, they call it Google Lens now);
  3. Click «Find image source». 

This is how you find out that this image was first published at eroids.com as a review for steroids-uk.com, 3 years ago:

Here’s a pic from James…
…and here it is in Google

A little PRO tip on Saving Content from Telegram Channels That Restrict Saving

You can prohibit copying or saving any content from your channel on Telegram. it doesn’t mean that people can’t do it, though: 

  1. Screenshot images from a desktop application on your PC or Mac;
  2. Use an alternative Telegram client (there are dozens, from a half-Russian half-Chinese Telegraher to Ninjagram and others);
  3. use an Android device with a file manager to retrieve the content from your cache. 

it’s way easier to save content from Telegram channels that don’t allow it than it should be.

Use Other Tools

Some other sites you can use to look for the original image, instead of Google Lens that often fails, are: 

Or just google reverse image search, there are tons of services for it out there. 

The Details

Another big thing to watch for are details. That’s where the devil hides, at least according to an old saying. In the case of James, however, the devil is retarded. 

Withdrawals Screenshots

To prove authenticity, James posts a lot of screenshots. We have a Coinbase interface, Binance that looks like it was posted to Instagram with a filter, and so on. You get the point. 

Why the Binance one looks like it was saved and cropped a thousand times though

The problem: we have only withdrawals. Why screenshot a withdrawal (sending money to someone) when you, supposedly, sell steroids? That’s just stupid and we won’t focus much on it. Suspicion-o-meter here goes through the roof. 

Especially in case you are aware that there’s a hundred apps that anyone can use to generate a legit-looking «screenshot» of pretty much anything.

You get the point: a screenshot is not a proof.

USPS Tracking Numbers

Another genre James really likes is “generic screenshot from USPS”. Sometimes, he’s a bit too lazy to remove the tracking number:

For example, here we can see one actual tracking number that you can check at the USPS site, and it’s successfully delivered from Florida to NY! We can see both the sender’s location, the buyer’s location, and so on. We hope it is, just as everything with James and his business, is just some random pic.

Do we need to say that posting an actual tracking number of something not quite legal is not just irresponsible, it’s just fucked up?

Other Details

There are many things to look at. For example, just how many phones does James have? All the different layouts and Android versions. 

Or this one, with a supposed customer’s email in it:

Luckily, if you translate it from French, it also says that James didn’t receive 600$ but sent 600$ to this lady. Also, this lady lives in Florida, as a fast background check says. Might be his friend? We hope Lindsay is here by mistake, as well.

The key here is simple: be on high alert and pay attention to all sorts of shady stuff. 

Don’t let fake customer review videos trick you into believing them. You’ve got to be beyond special to believe in a VIDEO TESTIMONIAL from a steroid source:

Look for Mentions

Most likely, you’re not the first to encounter a shady person. All you have to do is to look for other mentions of them. 

To look PRECISELY for something in Google, use brackets. One of the easiest Google dorks in existence.

Literally, put anything you want to find in «», and you get much more relevant results:

For example, a simple search «James_roids101» results in about 460 spam comments with his self-promotion on Facebook. 3 different accounts non-stop spam all the bodybuilding communities with his handle. Doesn’t sound trustworthy, right? 

If you get too many similar results, use the «-X» command, where X is anything you prefer not to see in the search results. 

A search like this: «james_roids101» -Facebook makes it easier to find 3 of his other social media accounts: 2 dead TikToks and a dead Instagram. If James was a legit store, he would have a completely different picture. 

Positive Mentions

Take it from an actual steroid shop: these are the good signs: 

  1. eroids.com profile. Listing there requires a domain authority check and a hefty monthly payment. You can afford it if you’re good at actually selling steroids, but you can’t afford it if you’re James;
  2. musclegurus.to profile and — most importantly — blasts, aka announcements of some sale that they feature on the front page. It’s a 4-figure option, and it works, we’ve ordered it;
  3. Reviews. Not every store that keeps it honest can get a lot of reviews (sigh), but those who have zero mentions anywhere are… well, should be trusted less. 

Negative Mentions

Some mentions are worse than others. For example:

  1. Obviously, if you see the store mentioned in a forum thread labeling it as a scammer, it’s a bad sign;
  2. If you see no mentions anywhere, at all, it means that the guy just changed his handle;
  3. And if you see it in one of the steroids scammers databases, like the one here by steroidsworld, it doesn’t get much more obvious. 

Summarize It

Our goal is not to doxx James here, though the guy provides enough dots for a properly educated person to connect. We are a steroid shop, not private investigators, YouTubers or 4chan trolls. 

Our goal is to protect our reputation and have some shit and giggles, looking at all the details of this benchmark scam “operation”. 

To summarize it all, here’s what we see: 

  1. Stolen brand name;
  2. Weird handle on Telegram;
  3. Stolen images and videos;
  4. Fake screenshots of “withdrawals”;
  5. All sorts of labs and gear brands in Media;
  6. Zero positive reviews or mentions anywhere;
  7. Copy-pasted content from other channels and groups;
  8. Watermarks and mentions of other sources on images;
  9. Images that are found on Google;
  10. Seemingly uses a dozen of different phones;
  11. Posts the «client»’s personal details (from email to location);
  12. Simply operates with no knowledge of the market;
  13. Has no profiles on any of the major steroid source aggregators (eroids and muscle-gurus);
  14. Uses spam in Facebook groups with 3 different fake accounts;
  15. Just writes BS, sometimes — with mistakes.

Remember how we started? It’s not about us doing the DD, it’s an Average Joe from California. We never used anything but Google to learn so much about James. ANYONE can do this. No excuses. 

The Conclusion

Scammers like James exist for one simple reason: there are people who will send them money. It pays. While there are fools, there will be con artists to strip those fools of their hard-earned cash. 

The sad thing is, we’re 100% sure James won’t just stop. He will keep grinding, keep calling people “sir” and “bro”. Once this article is indexed and all his links are in Google, he will MAYBE change the handle, and that’s it. James_roids101 will turn into George_Napsgear, or whatever. 

The ONLY way to stop this shit is to starve James and his colleagues. They feed on fools and naive newbies? Fine, we’ll try to educate the community.

The final shot is on you, though: On the person that reads this guide. 

Stay vigilant and don’t let anyone take advantage of you. We hope this guide will help you, your friends, or some Internet strangers, to save money for more worthy deeds.

Scam Links, Emails and Accounts for Indexing Reasons:

Emails mentioned in the fake channel as contacts:

Facebook accounts used for spam: 

Dead TikTok’s

Dead Instagram

P.S.

The fake channel mentioned some emails “for contacts”: upshaifa385@gmail.com (seemingly dead), alphacontainershipping@gmail.com (belongs to some logistics company), and one more:

buddyalphonsus@gmail.com

This one has just a single mention in Google:

Only indexed in Indian version of Facebook (most likely, registered from India). It’s a psychedelic mushroom store:

And the tricks seem to be familiar: all stolen images and overused fake “order” screenshots:

Pic from “buddy”…
And its source, Reddit.
Pic of “orders”…
And the number of times this exact screenshot was used (17, by weed stores, crypto bros, and casinos).

We’re not saying anything, but if it’s James — he should’ve stayed in the “shroom” business.

Stay tuned.