I've been debating this blog post for most of the week, but I believe it needs doing as a warning to folks who may need it.
Before I go on, I must preface with a few details about my father - he's a brilliant man, a scientist, full of great heart and wisdom. He is now in his 80s and he still does meaningful work for a university. But my mom was lost to us a year and a half ago (has it already been that long??), and he is beginning to really feel his age - and at times says he feels lost in a world that has changed so much from what he's known.
And at the beginning of the week he almost lost a huge chunk of savings to online scammers.
It all started with a popup, we all know the ones, that say your computer has been compromised - and to call Apple Support to get it taken care of. With a handy number to call.
From there the nightmare for my dad began.
They're experts at manipulation, these scoundrels. They kept ratcheting up the panic levels, making sure fear and adrenaline levels remained high while bombarding him with details on things he doesn't know about. Scaring him that not only was his computer hacked, but his phone lines as well. And then his bank. Pretending to install software that would allow secure communications with only their provided number, and that the hackers would be listening in otherwise.
Because isolation to prevent contact with anyone else is a key part of their plan.
From there they faked a call to his bank. Where he was told his accounts already showed horrible illegal activity involving purchase of child porn and other things. And those charges thankfully had been declined because they're illegal, plus the Treasury Dept had agents investigating a possible insider threat from the bank. As he wasn't alone, you see, he was the 18th victim. And one 'agent' became his 'Case Worker' for his case, needing his help for their active investigation and that it'd be illegal to tell anyone as that could compromise said investigation.
And that the bad hackers, oh they'd compromised his Social Security Number. Which the gov't would need to suspend. Which in turn would lock all his accounts, and prevent him any access to his money. For ten to eighteen years...years he doesn't believe he even has left.
But to save as much money as possible, they would set up a Treasury Department account to secure as much funds as they could before that happened. If only he would withdraw from the bank and let their 'agent' pick it up. And when the bank told him it didn't have enough cash on hand for him to cash out the amount in his savings - which was large as it held the life insurance money from my mom - the scammers switched the scheme to buying gold, that the gold would be an even better item for the Treasury Dept. to secure.
During all this he was receiving perfectly formatted emails from these institutions, his bank and the gov't. With all the warnings of the evils of what his SSN was being used for. AI-generated walls of texts, with names and badge #s of the agents involved - likely actual agents who had been scraped from official sites and used here by the scammers. They looked solid, but of course are something that would -never- be emailed. Such correspondence be it from local Courthouses/Sheriffs to Treasury/IRS will arrive via physical mail. Something the real government websites state categorically in warnings due to scams like this.
And this could have worked for them but for a couple things. The key one being that, while on the phone with the scammers, his cel phone randomly managed to call mine. And when I answered he yelled at me to get off the line. But that caused him to later call and try to explain why he'd yelled, that he'd been hacked and his bank compromised. Though he didn't give any more detail than that.
Which led to my seeing him over the weekend for dinner, and hearing only a bare minimum of more detail. Just that his bank and investigators were working on it. And on the drive home, the more I thought about it, the more those details didn't add up. Enough that my wife (who'd had a lot of wine with my dad) even needed to prompt me to not miss the highway interchange we needed to get home.
So instead of going to work Monday morning, I went back to his place, walking into his kitchen at six am. Told him I was concerned, and that I hadn't asked the right questions.
Because I hadn't.
Seeing me, he was both more worried and relieved...and finally opened up when asked to start from the beginning and describe how he had discovered he'd been hacked. And when he got to the whole 'buy gold' scheme my jaw dropped to the floor. A wire transfer had already been arranged to a legitimate gold seller, to ship to his house. Calling them, that was stopped (they immediately understood...and in fact their invoice had a huge warning in yellow at the top about scammers using gold to steal money and disappear without a trace). He'd arranged the transfer last Friday...but the bankers thought it also out of place, and had sat on it while the manager debated the approval. They could have approved it immediately, but hadn't. Because despite the reason he gave and had stuck to (that it was an investment in gold for his granddaughter, the lie he'd been told to tell), the situation stank to high heaven.
When we went in together later that morning to talk to them, they were immensely relieved - and confirmed that the gold seller had already notified them that they were not accepting the order (due to my call).
His accounts were fine. All of them. No bad activity, nothing lost. Credit card #s were changed anyway, and we put a freeze on his credit for good measure just to be sure. He doesn't think he gave them any PI as when faking being his other bank on the phone they hadn't bothered to even ask for any...as focusing on security questions might have gotten him thinking about security and catch on. These jerks wanted complete lack of traceability. A courier to pick up the cash or gold, and then gone.
We took his phone to the apple store and had them scan it, and it was clean as well. As for his computer, university IT owns it and took it away - giving him a shiny new one.
But this was too close, folks. Too damned close.
Through it all he had mental alarm bells going off, but they kept the pressure on - to discombobulate and confuse so he couldn't reflect properly. And technology, what it can or cannot do, is not something he understands well. Too much of these newfangled things work like magic to him. That's how these social-engineering bastards work, it's a studied and crafted approach - escalating through their ranks to their experts once a fish is on the line to reel them in for as much as they can get.
If you have elderly family, warn them. Or if heading into your own twilight years, be mindful - and if you have ANY doubts about anything - ask someone. Ask us here, even. The key to all these scams is isolation, the warnings to not tell anyone for whatever BS reason they come up with. They'll keep you on the phone if possible non-stop. And the amount of such fraud has quadrupled in the past few years, in the U.S. going from $2.7 Billion in 2018 to $10.3 Billion in 2022 as per the internet crime gov site. And probably much more by now in 2024.
And all of this started from that simple stupid javascript popup, and the spoofing of a call to appear to come from Apple.
I love my dad, and he will forever be my hero. And those who scared him so and tried to take advantage of him like this should rot in Hell. And to whichever angels caused his phone to spontaneously call mine and open the door, they have my immense gratitude.
- Erisian <3
Comments
All began with a popup
which is why you should always block them. Yes, it can be frustrating when buying online but you soon learn to allow those through. Random popups (like all advertising) are avoidable. I don't see any ads or popups and have not done so for years.
If I were in your shoes, I'd get your father's laptop setup to block them.
I donate 100x more to this site than they'd earn from showing ads so I don't feel bad about it.
Samantha
I'm 79
I've gotten emails that inform me that something dastardly has gone on with my bank account. I just went to my bank's web page and looked at the account. There were no such charges. I deleted the email.
Recently I got an email shortly after making an online purchase for Walmart that informed me that I'd been selected to receive a $100 gift card to Walmart if I would take their survey. I should have twigged to the scam when they told me that there would be a $1 fee to receive the card. But I took the survey and filled out the form including my bank card number, exp date and CCS code. Then a pop up said for $9.95 I could be five times more likely to "win" the card. There was no way to opt out of this extra chance. So I just bailed.
The next thing I knew my bank emails me about a suspicious $9.95 charge and wanted to know if I had authorized it. I told them no so they declined the charge and canceled my bank card. I had to wait three days for them to mail my new card.
My bank is good about that sort of thing.
Hugs
Patricia
Happiness is being all dressed up and HAVING some place to go.
Semper in femineo gerunt
Ich bin eine Mann
Thank you for the reminder
So glad you managed to stop this before they robbed your Dad. I’m with you on the “rot in hell” part. 1000 percent.
— Emma
Duplicate - please ignore
sorry somehow this got duplicated.
Popups
The scourge of websites.
I first encountered them in the early days of the internet in the late nineties where I accidentally entered a porn site at work.
The popups literally took over my entire screen faster than one can get rid of them.
To say the least it made me hate them going forward.
Even ones from first party sources are annoying as they love dark patterns to try to get you to agree to something stupid.
The transparent ones are really annoying as they try to get you to focus on what they want you to do and distract you from finding the 'X' to dismiss the popup.
I don't know if it makes a difference but I always use the 'X' in the far right corner (typically) to dismiss it instead of 'no thanks' or something.
Deceptive user interface is how I accidentally found myself enrolled in Amazon Prime which I did not want or need. Yes, it was not technically a popup but I find little difference as it is still a page trying to sell you something.
The only thing I purchase even remotely regularly from Amazon are books published by authors on this site though I do it very grudgingly. I am far more likely to purchase from say lulu which sources pdfs.
Scammed
I wouldn't know it if I had been scammed. My computer is more than 10 years old but it still does Word, and cruises the web. That's all I want. I don't game, though used to enjoy Flight Simulator when you just loaded it off a DVD, but since it is online, it is too much bother.
A while back, it was taking up to an hour for my computer to boot, but I discovered that if I left my email and a word file open, it would open immediately. Facebook got taken over by some really abusive people, so I just don't go there anymore. I used to talk to friends on it.
I never buy anything online except for one site, which I won't reveal. I have discovered that Safeway, my grocery store and that site talk. Have I been scammed and manipulated? It is likely. I think that most of us are controlled by someone who seems benign so far. Freedom is an illusion.
Gwen
Scammers
I've been scammed exactly once in my life and I was in my twenties literally in the streets of Manhattan.
From then on my Scam-dar got activated. I realized then that scamming always fits a pattern of behavior whatever form it takes be it online or in person or what not. In my defense, I was not totally fooled as I was taking that subway train to where the scammer had directed me to but during that ride is when I had internalized what had happened to me and what that grifter had done to manipulate me and the opportunity I had to resist their manipulation.
I paid about 60 dollars back then for that lesson to the asshole who scammed me but the lesson has benefitted me to this day.
Not just popups!
My brother-in-law, who is a CPA and should have known better, got a phone call from someone posing as my son. "Help Uncle Mac, I'm in jail and need $2,000 for the fine."
Did he call me to ask if my son was actually in jail? Did he even try to verify it was his nephew, who hasn't seen him in more than a decade? Nope, he put $2,000 cash in a box and Fed-exed it off to a mail drop.
It was almost a week later that he talked to us and found out he had been scammed.
Scam calls
I once got a phone call from someone claiming to be my grandson. I have no grandchildren. My late mother-in-law once received a call supposedly from her grandson, my wife's nephew, with the same "I'm in jail and I need money for bail" scam, except also claiming that he was overseas. She was in frequent contact with all of her daughters, and hadn't heard that her nephew was going to travel overseas, so she called my sister-in-law and found out that he was still in Oregon and that the call was a fake. Fortunately, she hadn't sent any money.
I understand that most of these scammers are outside the country and, thus, beyond the reach of our law enforcement. It's a good thing that some banks are alert to the problem and won't process unusual transfers without contacting their customer.
Scam texts too
I got one at one time that claimed I owed money for phone sex and that they belong to multiple gangs all over the country that will put the hurt on you if you don't pay up. In Bitcoin of course *rolls eyes*. Crypto currency needs to die, seriously.
They also insisted that I did not delete the text.
Funny thing is, there is no way for them to even know if a text is even received, it is a strictly UDP or one way kinda thing so they were so full of BS, even 100 cows could not match it.
I can understand how folks with a guilty conscience and tech illiterate would fall for this. There is bound to be somebody that fit this criteria and if they were stupid they would actually pay.
It's not helped by Google,
It's not helped by Google, Yahoo, Microsoft, and other companies being willing to sell advertising links for major companies _to other people_.
I had two customers, the same day, who use their search engine to 'find' Amazon, rather than just typing 'amazon.com' into the address bar (not helped by the default behaviour for browsers is to USE the address bar FOR searches). The number one advertising link for that day, claiming to be a link to Amazon, was to a third party site that immediately told them (both older people) that they were infected, and it was Microsoft telling them that they were infected.
This is in turn not helped by Google removing the tool they used to have so you could report a malicious link/advertiser.
As for blocking ads and popups? You can only do so much. Many sites require dozens, if not scores, of other sites be 'trusted' before you can do anything on them. The advertising blurbs are often loaded before the real site, so to get to what you have to allow, you have to allow another site (I call this the 'STD' proliferation in web sites. You not only have to trust your partner (the site) you have to trust everyone that partner has slept with (the initial link requirements), and the people that THOSE people have slept with (the sites they additionally draw from).
The support.motorola.com site, right now, requires only seven sites be 'trusted' before you can view the data. One being 'motorola.com', another being 'lenovo.com' (current owner of the Motorola name). You also need two google sites - googletagmanager.com, and google-analytics.com - as well as equalweb.com, rnengage.com, and contentsquare.net
Home Depot wants _fourteen_ up front. Then it wants more if those are 'allowed' to call for others. I've seen porn sites with fewer requirements. The sad part about this? The new HTML5, Java, etc, were supposed to make it so that YOU didn't have to run all those scripts on your machine - they were supposed to be pre-processed on their server, and mostly just presented to you. Instead, they've worked hard to move to offload everything to your system, plus go for all the money they can with off-site systems - rather than just having all of those under their own domain name(s). (Amazon, for all their failings, does keep all their stuff in-domain)
I'm getting ready to make up some 'cheat sheets' for my elderly customers, listing the steps to take if they think they have had a compromise, or otherwise have an issue. If I do that, I'll probably link to it for other people. The key is to keep it simple and understandable without being rude or patronizing, and that's very difficult.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
If a site wants too much enabled
then stop using is OR use a Private Window. Googletagmanager is permanently blocked as is doubleclick.
As for browsers defaulting to search in the address bar, browsers such as FireFox and WaterFox (my goto browser) allows you to separate the search from the title bar.
Think about using a separate browser ONLY for those awkward sites and then open up a private window. At least then, you are taking steps to prevent the slurping of your browser history and you stop a lot of their intrusion attempts. When done, close the browser after clearing the history and cache.
Then you can avoid using sites like Google.com and Amazon.com entirely. There are privacy based sites like 'startpage.com'. That keeps your system away from google's octopus like tentacles. As for Amazon? I only access that spyware riddled site from a private browser session but tbh, I've been able to steer clear of those tentacles since last November.
If a site requires you to basically give them a blood sample before they'll let you in, just say NO and go elsewhere.
But please...
1) stop using Google or Microsoft (bing) directly. Starve the ad slingers of data. Without it they can't function.
2) Add add blocking plugins to your browser.
3) DO NOT USE CHROME. It is nothing more than a data slurper for Google.
4) Add Popup blockers to your browser
5) Use a private window for sites that want you to sign away the life of your unborn child before they will open the door.
6) Use a VPN to hide your location. Most of my browsing is done via a VPN that tells the add slingers that I'm in the same zip code as the Google HQ.
YOU CAN do things to reduce your internet footprint which IMHO can only be good.
Samantha
avoid using sites like Google.com and Amazon.com
Good advice. I've quit both of them I never use either of them on purpose. Both are date miners. My health insurance for a time struck a deal with Google to make it's video/virtual doctor visits only work on Chrome. I wrote scathing email describing how ruthless that Google/Chrome was in collecting personal information for the purpose of selling it to third party companies. It took a while, but now the virtual works with Firefox.
I take almost all the steps you outline. I don't bother with a VPN. I live in a small town about 40 miles from the nearest internet server and when ever my antivirus software warns me that my location is visible online (in an effort to sell me their VPN) it says I''m in that town. Good luck to anyone who tries to find me there.
I also almost never allow any site to access my location, because that will utilize other methods of finding me and they can come very close to getting it right.
Hugs
Patricia
Happiness is being all dressed up and HAVING some place to go.
Semper in femineo gerunt
Ich bin eine Mann
I realize you were trying to
I realize you were trying to generalize, but it came across a bit more directed.
I'm an IT guy. I have three browsers installed on my linux laptop. I manually shut off most everything that's tracking - and Firefox is just as bad as Chrome and Edge for turning on tracking. I also shut off the 'power up at bootup, and when closed, stay running and hidden' in Edge and Chrome.
I don't use a "popup blocker". I use uBlock Origin, and block _scripting_. (not here, this is one of the sites I leave running), I also use NoScript. That's how I can tell how many sites a site wants to demand to access my machine.
Unfortunately, there are now really very few options for web browsers. Unilaterally declaring "Chrome" to be off-limits removes Brave, Edge, Chrome, and a variety of other browsers all built on the same code base. BTW - Just using a VPN doesn't give you that much privacy. The only way to try to do that is to reset your browser fingerprint every day, as well as flush all cookies daily, AND change VPN locations at least daily.
Almost all modern EMR systems are written to use the Chromium engine (Edge, Chrome, Brave if they allow it), as to connect to scanners and diagnostic equipment, they have to have a resident plugin to interface with that equipment. More browsers use the Chromium engine now than anything else, especially since Microsoft abandoned their own web browser. Trying to fuss at them for not using Firefox is mostly futile. The best thing to do is what I listed above - make sure their IT people shut off all the tracking and "helpful" add-ons. (the forum I'm on for one EMR has people talking about that frequently) The biggest problem isn't the browser - it's the OS. Microsoft constantly turns EVERYTHING back on so they can scrape data, and refuses to actually indemnify medical folks under HIPPA. Oh - and most of those EMR won't work properly on OSX, and generally just have limited apps on iOS, maybe android (haven't seen any, but someone must have one)
BTW- 'Private' windows/tabs still leave fingerprints.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
A Timely Reminder
Thanks, Erisian, for posting this. We all need to be alert as the scammers get smarter and smarter. Every morning I delete most of my emails that claim to be 'giving' me something. I now never answer my phone if I don't know the number calling me and don't ring back unless they leave a message. Even that is no guarantee of safety so I go through a call-back system which relays the message but doesn't give a direct connection (call 101 in my country) so I can still delete or ignore anything that sounds dodgy.
So far, the only time they got me was about ten years ago when I returned from an overseas trip and went to an ATM for a top-up and found the account to be empty. I went into the branch and queried this and found that *I* had made purchases in Amsterdam, London and New York to the tune of AUD 6000 when I had actually been in Singapore. The bank immediately cancelled my card, issued me with a new one, and refunded all the stolen money within about ten days.
The lesson I took from that was to have more than one bank account!
Cards
One reason why I'm a "cash person".
I also have two cards, One for cash withdrawals from a secondary account and back-up and one card not connected to any account (I'm charged every month) with a fairly low credit limit, that I use when I for some reason can't use cash.
The banks where I live are not as generous as your bank.
If the cash is not in my wallet, it don't get bought
after the move towards a cashless society when COVID struck, I've reverted to using cash wherever possible. Sadly some things are 'card only' like the car parks in my nearest big town unless you pay by app. Why some branches of Starbucks and Costa are still cash only is beyond me. I see that sign and walk out. There is usually another place nearby that welcomes your hard cash.
When buying materials at the builders merchants, they want you to pay by card because they will get your email address in the process of authorizing it for the initial transaction. As I don't do email on my phone I simply explain that if I give them an email, it will never get replied to or validated. I pay cash and be done with it. I have a 'reserve' of cash at home for large purchases but only last week, I ran into a new scam.
"We only take cash for transactions up to £100.00" I was spending £440. I walked out and went elsewhere. The retailer didn't care. Whatever happened to 'The customer is always right'?
FSCK all of them.
Sadly, one area where I have yet to be able to pay cash is when charging my car. Therefore, I use one card for that purpose and that purpose only
Samantha.
You didn't make 5 purchases instead?
.
While I carry two credit cards in my wallet
I put everything on my debit card. If the money isn't in the bank, the sale is rejected. Haven't had that happen in the last fifteen years. I only buy with my credit cards occasionally but if I don't have the cash in my account to pay the card fully before the purchase I don't buy it. I use the credit like that to keep my credit rating up. There was a time when I didn't have or want a credit card. I then discovered that car insurance companies check your credit and charge you more if you have a poor credit rating. So I got one card and used it that way. I built my credit rating up from below 600 to 805 by judicial use of credit.
Hugs
Patricia
Happiness is being all dressed up and HAVING some place to go.
Semper in femineo gerunt
Ich bin eine Mann
You and your Dad was lucky
You and your Dad was lucky that he accidentally called you and that triggered the who event that you got suspicious. I am glad you were able to stop the scammers.
I work in IT, we had some come into our shop a month ago to have their computer looked at. They had just been scammed for $30,000. The scammers are good and as you said they hook you with fear and panic, if they can keep you scared it stops your brain from making the connections that what they are asking you to do doesn't make sense.
In the case of our customers, the scammers ask them to pull out 30k in cash from their bank and use it to buy Bitcoin and send them the Bitcoin. Our customers did, they did ask us if they could track the accounts as they had the Bitcoin addresses, we told them we could, and you can track transactions, but the Bitcoin account was empty and gone. If you know anything about digital currency you can track accounts quite easily but there are a few digital currencies out there that erase all records about themselves within a couple of hours, and my boss and i were talking and i figured that most likely that is what they did, dumped the coins into a different currency that they could then scrub the trail, then back to a currency they could cash out.
My word of warning for anyone out there, if you get any type of popup or message on the internet, instead of calling the number find a number for a local computer shop, not Bestbuy, and ask them, many small shops will gladly tell you if what you are seeing is a scam or not. If it is an email they might even ask you to email it to them. Our shop answers all these questions for free, for a couple of reasons, if it is a popup or an email you are fine. You can even call the phone number and talk to the scammers and you are fine, I actually like doing that but that is to just waste their time. As long as the person does not let the scammer into their computer or give them any access to any of their accounts, talking is fine. The second reason our shop will do a quick did you get scammed or compromised is that these scams tend to run in waves, so if we get notified early we can even let our customers know, send out warnings if we see a trend or just let our front of house staff know about this so they can be prepared for more scam calls.
There are several ways to help stop the ad from showing, first install an ad blocker, I personally use one called uBlock Origin. Popups have started now to also come from notifications, so to stop that you can turn off notifications from Chrome in Windows and within Chrome itself. I have seen a lot of McAfee Anti-Virus scare ads come in this way. The third option and is the most drastic if you are getting them by email get a new email. I personally recommend Gmail as they have really good filtering to warn people that they might be reading a scam and 99% of all the scam emails I get end up either in my spam folder and the occasional one might end up in my promotions or social tabs. Microsoft email accounts (hotmail, msn, live, outlook, I am sure I am missing or two) have decent filtering, not as good as Gmail but a lot better than you normally find in an old AOL email, or an ISP's free email.