Don’t Think You’re Immune to Being Scammed
BY DOREEN MUNSIE
It wasn’t a Nigerian promising me love and duping my life savings from me. Nor was it someone claiming my grandson (I’m not a grandparent) is being held in jail and needs bail money wired by Western Union. It wasn’t even a threatening IRS phone call saying I owe taxes and to call back under penalty of arrest. These are real scams that victims fall for every day. I personally know three people whose families have fallen for the latter two scenarios.
Everybody knows you don’t click on an email from an unknown sender saying, “Open this.” Or supply your Social Security number to a request for updated account information, even if the email is emblazoned with a familiar bank or company logo and written with authentic-sounding verbiage. That’s fraudulent “phishing.” I may not be the most tech-savvy baby boomer, but I used to feel, a little smugly, I would never fall for that. I am an intelligent, educated woman who wasn’t born yesterday. But I was scammed.
I am not alone. According to the FTC, in 2018, 1.4 million fraud reports were collected, and people reported losing nearly $1.5 billion to fraud, an increase of 38% over 2017. Scammers get more and more sophisticated every day. After scams are exposed and you hear about them from someone, or are warned by the media, in hindsight they seem obviously suspicious.
My story begins with a series of difficulties I was having with my iPhone. After three trips to the Apple store, a factory reset to rule out possible software issues, a forced upgrade, some head-scratching on Apple’s part, and two brand-new iPhone Xs later, I continued to be plagued with connection problems, unable to send and receive texts or make calls when out of town.
The day after my third trip to the Apple Store, while working on my laptop at home, my iPhone rang. The caller ID indicated it was a call from Apple Inc. The woman identified herself and told me that my iCloud account had been compromised. I was alarmed. That explained my iPhone difficulties! I asked her what could be done. She gave me her name, Apple employee ID number, and a case number. She asked if I was by my computer and could she access my desktop with a desk-assist to investigate further. A few clicks later, she was checking my network settings since “it is very likely that my WiFi connection has been hacked.” She told me to click on a tab that brought up a window with a stream of what she said are external IP addresses that have been on my private home network and are currently still using it. She asked if I had used any public WiFi recently, like in an airport or hotel. I answered “yes” and “yes”. My alarm and blood pressure were rising very quickly.
For perspective, I am a very private person. I am only on social media for work and otherwise do not participate. I loathe mailing lists and eschew giving out personal information. So, the idea that my network was now “public”, and my private information exposed, was horrifying.
The Apple rep cautioned me not to do any banking or online shopping until this was cleared up. “Is anyone else on this network?” “Yes, my husband.” “Tell him to stop using it immediately.” I told her this was an emergency now since his financial work could be affected. “Okay, I will get a tech person on the line.” The tech person came on and confirmed that I’d been hacked, and I would need to get an authentication card from the Apple store to clear up the problem. Did I have one near me? Yes, I say. I gave him the nearest location and he told me to stay on the line while he checked. He came back and said there were a limited number of these cards and they were already reserved. I panicked. Also, I didn’t know what to do with this card. He asked, “Is there an Apple distributor or partner nearby? Like a Target or Home Depot?” “Yes.” “You need to go, and I will stay on the line and walk you through the debugging.”
I shout down to my husband in his home office. He was annoyed and shouting up a lot of questions. I was terrified that this tech guy was going to lose patience, hang up, and leave me in the lurch, so I began to plead with my husband to please just go to Target and get this card. He took the phone and I heard him asking questions and then there was some talk about the price of the cards and how Apple would reimburse us for the cost of $500. The tech person added that, depending on the severity of the breach, multiple cards might be required. At this point my husband was rolling his eyes, making faces at me, and shaking his head. He refused to give him his name and email address. He was then instructed to drive to the nearest partner store (Home Depot) and await further instructions when he got there. I was to remain at home with my computer on.
By now the cloud (pun intended) of my hysteria had dissipated. The anxiety shifted from my iCloud account being hacked to being hacked right now. We mouthed to each other, Let’s go to the Apple store, but continued to play along. The tech person said he would put my husband on hold until he arrived at the store, but he should stay in the car before proceeding. Unaware that I was in the car with my husband and my laptop, he said, “Your wife’s computer at home is turned off. Call her to tell her to turn it back on.” My husband explained that he had my cell phone (true) and that there was no house phone (false).
When we finally arrived at the Apple store, we kept the “tech” guy on the phone under the ruse that there was traffic to Home Depot. We rushed into the store and grabbed an authentic tech person and relayed our story. The woman took my iPhone and asked for the “tech” person’s ID number. She typed it in and, no surprise, he was not in the system. He hung up. I handed my laptop over to the legitimate Apple tech person and explained the saga, feeling upset and humiliated. She said sympathetically that this happens all the time (when pressed, she claimed three times a day!) and proceeded to remove the software I was instructed to download, run a malware program, and advised me to change all my passwords. She told me that I should be fine and that they primarily wanted my credit card number.
With overwhelming dread and stress, I spent the better part of the next day changing my key passwords and deleting some docs (including one which stupidly listed all my passwords.) For a few days I had trouble sleeping. After a couple of weeks, I started to relax, and my shoulders finally came down from my ears. Then, one day I received notification that my Netflix account was used in a new location. I texted my two daughters, who both happened to be out of town that weekend, but neither was using Netflix. Was this related? How would I ever know? That day, I changed all my remaining passwords. Once you’ve been breached, it’s always like waiting for the other shoe to drop.
Don’t think you’re immune to being scammed. Former con artist and bestselling author of “Catch Me If You Can”, Frank Abagnale’s new book, “Scam Me If You Can: Simple Strategies to Outsmart Today’s Rip-Off Artists,” has tips like always avoid free airport WiFi, an ideal hunting ground for cybercriminals. He cautions, whatever set of personal circumstances coupled with the latest enhanced level of authenticity, can trick even a cynical person. According to Abagnale, scammers establish a layer of trust, an opening, but stop and check your emotions. The situation I was involved in was supposed to end with the scammers securing multiple gift card numbers that I buy for the purchase of computer cards.
We are all on to the annoying “spoofing” calls where a fake area code or prefix appears on your caller ID to make the call seem local and someone you know. My scammers use a full Apple Inc. caller ID, and given my recent circumstances, I initially fell for it. Once you buy in, and believe the person is who they say they are, indeed a person of authority, you are vulnerable. But just pause, and listen to that little voice in your head and ask yourself, “Do they really sell iPhones at Home Depot?”