Watch Out For Scams!!


 
Chris Allingham

Chris Allingham

Administrator
Staff member
My dad got scammed out of $2000 over the Memorial Day weekend by someone employing the "Grandpa, I'm in jail and need bail" scam.

My dad is a smart guy. Over the years, we've drilled into him and my mother the importance of not falling for scams like this one and bogus FBI, IRS, police or financial institution scams. But my dad says, "they were so smooth" and he fell for it hook, line, and sinker. Even the part where he had to call the "officer" to arrange the "payment" in the form of...wait for it...wait for it...TWO $1000 NORDSTROM GIFT CARDS...then call back the "officer" to give him the card info.

Incredible.

To all of you...please, please, please be aware, cautious, careful, vigilant, etc.
 
Sorry to hear that, Chris.
There must be a list of senior citizen's phone numbers available to scammers.
I'm assuming this was via a landline? We only keep one for my pacemaker checks. Not that they don't try to scam cell numbers too.
With caller ID, we don't answer unless we know the caller.
 
Bob Correll said:
Sorry to hear that, Chris.
There must be a list of senior citizen's phone numbers available to scammers.
I'm assuming this was via a landline? We only keep one for my pacemaker checks. Not that they don't try to scam cell numbers too.
With caller ID, we don't answer unless we know the caller.
Click to expand...
Not a cell phone, a phone number through their cable provider. And they are pretty good about not answering phone calls with Caller IDs that they don't recognize...except that Caller ID is so easily spoofed today to make it look like a phone call from your own area code and prefix, or even spoofing YOUR OWN phone number!

But in this case, it was a "no caller id" number that he did answer because my sister is a social worker and her work phone shows up as "no caller id" so he sometimes answers to that.

In hearing him recount the story, there were several points where I would have thought, "oh, that's a red flag, that's the point where he should have questioned the situation", and yet he fell for it. And the part that was so powerful was, "Grandpa, I'm so embarrassed, don't tell anyone." So he's keeping this to himself, not consulting with other family members that could have smelled the scam, not even calling his own daughter to discuss the "situation" her son has gotten himself into.

And what's really baffling is that my dad has at least a passing knowledge of law enforcement through his career as a social worker and having close relatives in law enforcement. What part of an "officer" saying "go to Nordstrom, buy two $1000 gift cards, then call me back" didn't set off alarm bells?

It's a really powerful social engineering scam. I'm having a hard time grappling with it emotionally. I feel angry that my father fell for it, when I should be feeling sympathy and support for him and outrage toward the scumbags that foisted this crime on him.
 
Truth, Chris. The pond scum behind these scams do have it figured out. And every single one of them is beyond yours/mine/our reach. This won't stop until there are heads on pikes.

My client (former employer) started doing some tiger testing a couple of years ago. First test was setting up in a conference, making internal calls, "Hi, I'm from the Help Desk...." and seeing if they could get staff to turn over passwords to corporate systems. 100% success (or failure, depending on your point of view.) Practically everyone coughed up, in spite of the fact that the call came from a conference room, with no other confirmation. In all fairness, I should point out that this is a food/ag company, not a technology company.

They've started sending out phishing tests. One of my coworkers, who knows my paranoia predeliction, & I were talking about this a few weeks back. He said he was quite sure that I wouldn't be outwitted by a phishing scheme. "Oh, no. I'm sure that I can be compromised. I may not have failed yet, but there may come a time when I do."
 
Sorry to hear that, Chris. My dad got that call about a year ago and were it not for him asking "who is this, really?", he says he may have fallen for it. When the caller answered "Zach", my dad said Zach who? The caller responded with my dad's last name and not my nephews (my sister's son). It was only then that he hung up. I worry about my 85 year old mother in law all the time. She's pretty suspicious, but also a very generous person.

This also reminds me about protecting your online accounts. For all of you and your loved ones, use two factor authentication on all of your financial accounts, or anything else that might be important. The hackers are getting very good, and I'm reading too many stories about people losing chunks of their retirement savings.
 
@JimK..... most 2 factor authentication is worth only a little beyond single factor.... *IN SPITE OF* the term being thrown about everywhere. It is better than single factor, but text messaging is not an acceptable 2nd factor.

2 factor depends on something you have, and something you know. You know your password, that's the you know factor. The 2nd factor.... it should be a time sync'ed fob, an application on your smart phone, etc, but not a text message. An SMS message is not something you have, it's something that's transmitted to you. You may be in a cell shadow, your phone may also be compromised, etc. If you do use a smartphone application as the 2nd factor, make sure that you copy down and safely archive the control/configuration string so that the application can be reinstalled or migrated to a new device safely and securely.

While we're on the subject... neighbor number spoofing. This is another aspect that's potentially useful to the perps of the incarcerated grandson scam. The number being spoofed is the same area code and exchange prefix as yours, just a different 4 digit line. If it's not in your address book, be suspicious.
 
RE: two-factor authentication, our local news ran a report on SIM card swapping scams. This is where you turn on your smartphone one day and you've got "No Service". That's odd. And what's happened is some crook has gotten the phone company to activate a new SIM card in a phone in their possession, in essence cloning your phone and deactivating yours. Now they can go to your financial service companies, investment companies, etc. and use the "forgot password" process and two-factor process to get access codes texted to THEIR phone, not yours, resetting your password, logging into your account and draining it. The Bay Area guy featured in the story lost $1 million of retirement funds, whisked away as Bitcoin and never recovered.

These crooks do a lot of background research on you, and armed with the info, they do a social engineering job on the phone company rep, talking them into turning off your SIM and activating it on the new phone, and even more insidiously working with a partner on the inside to provide the security PIN and other info necessary to make it happen.

I mean, seriously, there's no way for any information and property to be safe anymore.
 
It's awful we have a level of humanity so low. Technology seems to work for and against us. I set up a thing on my dad's phone called "nomorobo" and it really works. He rarely if ever gets these outsider/robo calls. If you have internet based (not POTS) telephone service i.e. Comcast, WOW, etc it is even free
 
Chris Allingham said:
RE: two-factor authentication, our local news ran a report on SIM card swapping scams. This is where you turn on your smartphone one day and you've got "No Service". That's odd. And what's happened is some crook has gotten the phone company to activate a new SIM card in a phone in their possession, in essence cloning your phone and deactivating yours. Now they can go to your financial service companies, investment companies, etc. and use the "forgot password" process and two-factor process to get access codes texted to THEIR phone, not yours, resetting your password, logging into your account and draining it. The Bay Area guy featured in the story lost $1 million of retirement funds, whisked away as Bitcoin and never recovered.

These crooks do a lot of background research on you, and armed with the info, they do a social engineering job on the phone company rep, talking them into turning off your SIM and activating it on the new phone, and even more insidiously working with a partner on the inside to provide the security PIN and other info necessary to make it happen.

I mean, seriously, there's no way for any information and property to be safe anymore.
Click to expand...

A good part of this is being a target of opportunity. SIM swapping will intercept SMS 2FA, but shouldn't affect an application loaded on your smartphone.

To quote R. Adm. D. V. Gallery from WW II: "The only way to secure something is to weld it to the deck and guard it with Marines." If it's connected, it's accessible. Under some circumstances, even an air-gapped system can be compromised.
 
Getting back to poor dad.
I'm sure no one feels worse about it than he does, and bet falling for the scam feels worse than the money loss.
I recommend a big dose of love and understanding, and a big hug.
 
I know they could stop the spam calls if they really wanted to. I've noticed it's gotten way worse in the last few years. It's gotta be a huge drain on resources. Now that everyone is on unlimited plans, it's hard to say it's costing you more money.
 
The spam/scam calls.... that's unfortunately a problem that I don't think is going to be easy to solve. Spoofing the source numbers is fairly easy, and with Voice over IP calling, all the scammers really need is an Internet connection and knowledge of a VoIP gateway. With forwarded connections out of country, they're nearly impossible to trace.
 
LMichaels said:
It's awful we have a level of humanity so low. Technology seems to work for and against us. I set up a thing on my dad's phone called "nomorobo" and it really works. He rarely if ever gets these outsider/robo calls. If you have internet based (not POTS) telephone service i.e. Comcast, WOW, etc it is even free
Click to expand...
Thanks for posting this, Larry.
It turns out our Spectrum (Charter) cable offers nomorobo, I just set it up.
Some days we get several calls, some days only one or two. Annoying as hell, even though we don't answer.

Edit to add, it's already working, two calls, one ring each, then silence. Sweet!
 
Last edited:
Thanks Larry-I wondered about Nomorobo-sounds like everyone should have it!Agree you're not sure anything digital is secure any more.
 
Unfortunately the phone companies do not want to stop the robo and sales calls because they make a lot of money off of them. however there is new legislation that is moving through right now that could seriously help the problem.
 
One of my family members also has been a victim of scammers. And she was taken for far more money. Unfortunately there really is no recourse other than being informed about it and not making the mistake.
 
Scum of the earth and hell has a special place for them.
I have this app called robokiller and it blocks and scams the scammers on my cell.

Tim
 
Jason in CA said:
Unfortunately the phone companies do not want to stop the robo and sales calls because they make a lot of money off of them. however there is new legislation that is moving through right now that could seriously help the problem.
Click to expand...

What's their business model? Yes, there's the for-charge numbers, that's the target of the ring once and hang up, hoping to get you to call back. In the case of Chris's dad, I don't see the phone co. making a dime on it. Nor with the aftermarket auto warranty and repair insurance scams. Or the time share scams.

Seriously, legislation will do nothing to slow this down. What is going to have to happen is a complete reworking of the communications protocols to address the source number ID issue. That's going to be hugely expensive and very little revenue that will come solely as a result, which means the manufacturers don't have much incentive to do the work.
 
You must log in or register to reply here.

 

Back
Top