En español | Late one night last June, a 34-year-old woman in Los Angeles answered her smartphone. Caller ID showed her sister's name, number and photo.
But her sister never breathed a word. A strange man was on the line, speaking rapid-fire with a Southern accent.
"We have your sister," he warned. "Nothing is going to happen to her if we get money. We just want money."
Her sister, 32, lived in a nearby L.A. suburb. The two millennials from the Midwest had a habit of checking in with each other if they'd gone out separately with friends for the night.
They wanted to have each other's backs — and stay safe.
What might have been a routine check-in was anything but, as the older sister became entangled in an extortion scam — a crime the FBI says long has vexed people across the U.S. and is on the rise.
"Virtual kidnapping for ransom," the crime is called.
Tips from the FBI
If you are called and asked to pay ransom for a kidnapped victim, here's what the FBI advises:
- Stay calm and try to slow things down. Don't share information about yourself or your relatives.
- Ask to speak directly to the victim. Ask: “How do I know my loved one is okay?"
- Ask the kidnapped victim to call back from his or her cellphone. If the victim speaks, ask questions to which only he or she would know the answers.
- If you can't speak to the victim, if it is pertinent ask the caller to describe the vehicle the victim drives.
- While on the line with the caller, try to call the victim from another phone or via text or social media.
- To buy time, repeat the caller's request and say you are writing it down. Or say you need time to get things moving.
- Don't challenge or argue with the caller. Keep your voice low and steady.
In this instance, as the bad actor demanded his pay-off, a voice in the background sounded like a woman "moaning into a gag … in pain," says the older sister, who asked not to be identified. The caller knew the women were sisters — and knew their names.
"In the moment, I panicked," she says. It was past 10 at night. "I thought she was kidnapped. I thought she was walking back to her car and got snatched.
"I thought, 'They are going to kill her if I don't give them money.'"
The older sister sent four payments totaling $1,750 using peer-to-peer (P2P) mobile payment apps, just as the “kidnapper” instructed. Once she made the first payment with Venmo, he said aloud: “Put the gun down. She's going to give us money.”
Next he told her to download and use the app for Zelle, another P2P provider. She sent three more payments. At his behest, she typed in "rent" as the rationale for the money.
After she insisted, "That's all I can afford," the perpetrator hung up. The ordeal was all over in 20 minutes. Or so she thought.
Two sisters, two scams
When she tracked down her sister by phone, she was stunned. Though her younger sister was safe, simultaneously she had fallen victim to the scam and sent a strange caller P2P payments totaling $700, ostensibly to ensure the 34-year-old's safety. "It was a similar story line, similar background noises," the older sibling says, only her younger sister's "kidnapper" lacked a Southern drawl.
Reports of virtual kidnappings have surfaced elsewhere in California as well as in Arizona, Connecticut, Delaware, Idaho, Illinois, Minnesota, Missouri, Nevada, New Jersey, New York, North Carolina, Oregon, Utah, Virginia and Texas, news accounts show.
In 2017, the FBI said law enforcement had been aware of the scam for at least two decades — and that U.S. residents anywhere could be victims. While the FBI declined last week to disclose statistics, a bureau official said last year the schemes were on the rise. He spoke after a Houston woman, 35, was sentenced to seven years and four months in federal prison for extorting money from parents who were told their children were kidnapped and would be raped and murdered.
The case of the two sisters shows how miscreants highjack multiple technologies in their cruel chase for cash.
One technology is caller ID spoofing, which is widely used by crooks, some part of criminal organizations, to alter what shows up on caller ID. They may hide behind area codes and prefixes a potential victim knows. Some crooks use government phone numbers. Even the FBI has warned that its phone number had been spoofed by imposters demanding money or personal data.
The other technology involves the lightning-quick digital payments linked to your bank accounts. And in the case of the sisters, voice-changing tech and simulated background noises seem to have been in the crooks' bag of tricks.
In September, the FBI in Texas said multiple law enforcement agencies there had seen a rise virtual-kidnapping victims in the Rio Grande Valley who were defrauded out of large sums of money. Some perpetrators said they were in a drug cartel; others cast themselves as "corrupt" law enforcement personnel, an advisory said.
Often bad actors use accomplices and try to instill "fear, panic and urgency" to rush victims into a "very hasty decision," the advisory said. Many perpetrators are outside the U.S. "making hundreds of phone calls, possibly using phone directories or other phone lists," it said.
Federal employees targeted
In March 2017, the National Institutes of Health in Bethesda, Maryland warned that "multiple NIH employees in recent weeks" had been targeted by the kidnapping scam. Within months the U.S. Forest Service disclosed one of its employees had answered a government cell phone and heard screams for help and a demand for $10,000. "We have your daughter," the fraudster threatened. It didn't work, since the employee had no daughter and alerted law enforcement.
According to the U.S. Army Criminal Investigation Command, one target in 2018 was a member of the "Army Family." But the potential victim quickly ascertained the child purportedly in jeopardy was safe at school in class. [See sidebar for the FBI's tips on how to handle such calls.]
The 34-year old sister in Los Angeles says she's educated, a natural skeptic and “not easily fooled.” She knew, for example, to never send gift cards or wire money to a stranger.
But she calls hers a "sophisticated" scam that simulated reality in many ways. And authorities warn that perpetrators are becoming savvier, using social media and social engineering to con people into thinking a loved one has been taken hostage.
The L.A. victim hopes her case raises awareness. "I wish it hadn't happened," she laments. "It's embarrassing, but it's better to talk about it."
She and her younger sister immediately acted to cancel the cash transfers and alerted the P2P apps and their respective banks. For the most part, they were not held liable.
The 34-year-old, however, for the past five months was considered responsible for one Zelle transfer for $500 from her JPMorgan Chase & Co. checking account.
Last Tuesday, AARP asked Zelle and Chase why she, a crime victim who acted under duress, was not reimbursed. [The firm that owns Zelle is owned by Chase and other big banks.]
Zelle said through a spokeswoman that protecting consumers from fraud is a top priority and case was being handled by the financial institution.
The bank reopened its review of the matter, a Chase spokesman said, and on Friday she was issued a credit, which she said was for $500.