Fraud victim: ‘I thought, who in their right mind would fall for that? And here I am.’
A Modesto septuagenarian recalled the day a couple of months ago when he responded to an email he thought was from Microsoft and ended up being swindled out of thousands of dollars.
“There was an overwhelming amount of conversation that just kept me kind of engaged in conversation,” said Charlie Hayes. “And I kept falling for it. And I knew I was falling for something, but I couldn’t figure out what.”
Hayes had purchased a laptop about a year before getting an email that said his service agreement was expiring and he was going to be charged a couple hundred dollars to renew it.
Not wanting his bank account to be charged, he called the number given in the email.
From the moment the phone was picked up, he realizes now that he played right into scammers’ hands.
He doesn’t think they had any real information on him, and that the timing of the email, with his laptop being about a year old, was just coincidence. “I think they were artful in the way they asked questions, and I gave them, I think, all the information they needed.”
He was like a deer in the headlights, but the headlights were his hearing aids. He explained during a telephone interview with The Bee, “It’s not like a regular phone call. Like right now, you’re in both ears and inside my head. It’s not an external thing. And they had this flow of language that was just nonstop.”
Hayes doesn’t recall exactly how things unfolded, but his laptop was open because he was in his email, and pretty quickly they had him open something, perhaps an attachment. “And they had me sign that on the screen, and I did, and I never did understand what that was about.”
Scammers gained remote control of laptop
It apparently was about installing on his laptop a popular software application called TeamViewer, which is used for remote-control desktop sharing. Once the scammers had that attached, they could poke around Hayes’ computer at will.
Feeling confused, Hayes started doing just what the scammers told him to do. “I can’t even comprehend that, but I did,” he recalled. “I’m going to tell you, I have heard of this happening to other people. And I thought, who in their right mind would fall for that? And here I am, I did it.”
The scammers entered his online banking account, Hayes said, and he could see “they were moving things around,” but he had no idea what was going on. From what he’s learned since, it appears they were using his credit card to get cash advances or other loans that added up to about $6,000.
Hayes could see the money in his account and didn’t know where it came from, “but I knew it wasn’t mine.” A scammer launched a clearly well-rehearsed sob story about how he’d accidentally transferred Microsoft money into Hayes’ account, and if he couldn’t get it back, he surely would lose his job.
“And that was my entire process from there: How do I get them their money back?” Hayes recalled. “As I explain it to you, it is so obviously stupid to go there, but that’s where I went.”
The scammers were all too happy to help Hayes get them “their” money, which if course was really his, newly obtained through trickery.
Keeping him on his cell phone, the scammers convinced Hayes to go to his bank, withdraw the $6,000, take it to another bank and deposit it in what he was told was a Microsoft account. He did as he was told, never indicating to tellers that anything was wrong but neither being asked.
And that’s what angers Hayes’ friend Tami Rice, who said he’s been with the bank 30 years and someone should have been looking for red flags and asked if there was a reason he was making such a substantial withdrawal. “If anyone could have saved the day, it was the teller!” she said in an email to The Bee.
So now, Hayes is left to deal with the debt.
Tech-support fraud in 2019 nearly $54 million
Hayes said a bank investigator told him all he had to do was shut off his computer and hang up the phone when he first sensed something wasn’t right. That would have been the end of it. “Well, that makes perfect sense,” Hayes said, but in his rattled state during the scam, it didn’t occur to him.
And that’s what scammers count on, and why they can have such success. FBI Supervisory Special Agent Nathaniel Le, who heads the cybercrime squad in the bureau’s Sacramento field office, said that in 2019, nearly 14,000 reports were submitted on the FBI’s Internet Crime Complaint Center related to this type of fraud, the colloquial term for which is tech-support fraud.
The losses amounted to almost $54 million, Le said, and the majority of the victims reported they were over 60 years old. Not all who file complaints check the the box that they’re over 60, though, so the number of senior victims likely is higher than indicated, FBI public affairs specialist Gina Swankie added.
It’s typical for scammers to reach out in calls and emails with the hope of getting victims on the phone and then tricking them into downloading remote-access software such as TeamViewer, Le said. In the guise of being helpful, they guide the victim through the steps, with the victim often “not fully realizing they’re giving the scammer complete access to their computer.”
Just as the bank investigator told Hayes, Le said prevention often is simple as hanging up the phone, or not downloading any software. “The power actually is on the victim’s side,” he said. “Even after the scammer has successfully persuaded the victim to download the software and execute the software, let’s say in middle of the conversation, when the scammer has complete access, even then, all the victim has to do is shut off the computer. ... Once the computer goes offline, they’ve lost access.”
Be very wary about sharing personal information in an email or phone exchange, Le said. Likewise, be leery of unsolicited emails. A typical legitimate corporation would not call a person on the phone expecting to be given sensitive information. And if you express to an employee of a legitimate corporation that you are reluctant to go forward sharing information, he said, they would not press the matter. “They would be completely happy with you hanging up and doing your homework and reinitiating contact later if that is a legitimate business transaction.”
That homework would include searching online for the official corporate phone number and reinitiating over that line to determine if the call was legit, Le said.
Security precautions should be taken
Le recommended “basic cyberhygiene practices” to raise the bar in terms of security. One is using strong passwords that include a mix of numbers, upper- and lower-case letters and special characters.
Another is multifactor authentication. “You will get an extra code, either via email or SMS (short message service, aka text message). I would recommend email over SMS, but SMS is better than nothing,” he said.
Use antivirus software, which will protect you from a known, existing threat, Le said. Also, any important data, whether family photos collected over 50 years or titles and other documents, should be backed up offline, using a USB drive or an external hard drive. “That way if your computer happens to go down, whether because of hack, ransomware, or because it’s end of life — it just stops functioning — you still have that data somewhere else that you can restore.”
Swankie said it’s crucial to disengage the hard drive on which the data is backed up, because this region has seen ransomware attacks in which attached hard drives are compromised.
Installing updates is very important, Le said. Microsoft and other companies announce patches, or the fixing of vulnerabilities, which require updates. When the patches are announced, scammers take advantage of the vulnerabilities on computers not updated.
If using free WiFi at a coffee shop or other business, avoid using it for sensitive activities like logging into your bank account, Le said, “because you don’t know who else is sitting there using that same public network, and they may have tools running that capture your activities.”
On the reporting side, Le and Swankie urge victims to report it on the Internet Crime Complaint Center, or IC3, which is at ic3.gov. “We have dedicated analysts at IC3 who are taking these complaints, analyzing the information and then packaging it up and disseminating it to various FBI field offices for investigative and intelligence purposes,” Le said. “From our perspective, every complaint is another piece of the puzzle that helps us put together that big picture and take investigative action, take judicial action with our partners to to disrupt and indict and arrest the perpetrators.”
October is Cybersecurity Awareness Month, Swankie noted. Cybersafety tips, links to resources and more are at fbi.gov/investigate/cyber/national-cybersecurity-awareness-month. Cybersafety and election security messages also are being rolled out on her office’s Twitter account, @FBISacramento, she said.
This story was originally published October 15, 2020 at 4:54 AM.
