AARP Hearing Center
Subscribe: Apple Podcasts | Google Play | Spotify | Stitcher | TuneIn
Beth receives a phone call and a follow-up message on her computer from a man claiming he’s from Dell. The message is strong: Her bank account is being hacked by Russians, and if she doesn't pay up, they’ll steal even more of her money. Typically, Beth is able to pick up on scams, but Dell is a client she works with regularly — so her guard is down. He tells her that she owes $3,998. “He gives me an address, I write the check out and mail it.” After quickly learning it was a scam, Beth is heartbroken and embarrassed. However, thanks to local law enforcement, Beth is able to recover all her money!
TIPS: Use a tech support company who can work on your computer in person. Do not accept help from a tech support company who has reached out to you. Contact your State Attorney General’s office if you’ve been a victim of fraud. Stop and verify information contained in emails before clicking on any links or responding.
[00:00:01] HOST: Coming
up on this episode of AARP's Perfect Scam.
[00:00:04] And I think
at that time there was something on TV about Russian hacking, and, and that's
why I thought it was sort of legit.
[00:00:13] Frank
Abagnale: There are gangs in Russia that bring about 20 billion dollars a year
in revenue, more than most businesses in the United States.
[00:00:20] HOST: This
week's scam is what we might call a classic, if there's such a thing, at least
a classic computer scam. It's the one where you see a message on your computer
with a warning along with instructions on what to do next. These scams have
been around a long time, but we're still falling for them. We'll tell you how
these scams have changed over time, how they're still tricking us, and how to
avoid falling for them. For The Perfect Scam, I'm Will Johnson. I'm here with
my cohost, the AARP Fraud Watch Network Ambassador, Frank Abagnale. Frank,
welcome back.
[00:00:48] Frank
Abagnale: That's, Will, glad to be with you.
[00:00:49] HOST: Good
to have you and we are back talking about scams, frauds, victims, bad guys,
good guys, what to look out for, all that fun stuff.
[00:00:58] Frank
Abagnale: Right.
[00:00:59] HOST: Many
oftentimes not so fun, and this week we're actually talking about a pretty
common one, and it's the virus on your computer. And there's a lot of
interesting stuff to dig into, even with these really very common scams. One
being that people that fall for this one, are not necessarily older, oftentimes
they're younger.
[00:01:19] Frank
Abagnale: Correct, as a matter of fact, a year ago AARP and Microsoft did a
huge survey and found that, to their surprise, that a lot of Millennials fall
for this scam more so than elderly folks, and again, they deal with their
computer every day, they believe what their computer says and the messages they
get on their computer, and they tend to fall for a lot of these scams that come
over about fixing your computer, there's malware on your computer. So it's not
just a crime that would affect someone older.
[00:01:50] HOST: So,
even Millennials fall for it.
[00:01:51] Frank
Abagnale: Yes.
[00:01:52] HOST: If not
more Millennials than older people. Alright, well let's get into this one. This
is Beth, and not only does it involve her computer necessarily being hijacked
or a message on her computer, but it also involves the Russians, so here we go.
[00:02:07] Beth: Hello.
[00:02:08] HOST: This
is Beth. She's retired, single, healthy, with a good group of close friends. It
was a day like any other, in August of 2016 when she got a call on her phone.
[00:02:17] Beth: Well
they said they were from the Dell computer corporation, and that my computer
was being hacked, and I went to my computer and I said, "Well where does
it show that I'm being hacked?" and they said, "Well do you see this
in the corner," and there was like a strip of wording at the top. I
remember it was just like a little band at the top of the computer saying that,
you know, the $12,000 would be extracted from my account, from my banking
account.
[00:02:48] HOST: And
were you still on the phone with, with the quote unquote Dell representative at
this point?
[00:02:53] Beth: Yes, I
was.
[00:02:55] HOST: And
so, what did they tell you do to next?
[00:02:57] Beth: Well,
they said that they were going to put on quite a few programs to protect me.
And one of them was Adguard and I forget what the other programs were, and
there were about four or five programs that they were going to put on. And they
said that this would-be lifetime protection with Dell. And they told me how
much it would be, they had asked for a check for nearly $4,000. And went to the
mailbox right at my corner and mailed it, and hoping that I did the right
thing. It, it was sort of traumatic writing out a check like that.
[00:03:46] HOST: You
mailed a check, and this is not a small amount of money. As a retiree, I'm
assuming that $4,000 was something that you probably could have used.
[00:03:55] Beth:
Absolutely.
[00:03:56] HOST: A few
months later Beth got another call.
[00:04:00] Beth: Hello.
[00:04:01] HOST: This
time, it was actual Dell, and she begins to realize what had happened.
[00:04:06] HOST: So you
have this next conversation with somebody official and they tell you, was there
any indication on their end that this is something they were familiar with,
they'd heard about it, or that, you know, that they were able to deal with this
in a way and maybe even get your money back?
[00:04:22] Beth: They
said, yes, we know about this and they said, I said I sent them a check to
Renton, Washington, and they told me right away that was a drop-off site.
[00:04:32] HOST: So
immediately someone was aware of this, this drop-off site in, in Washington
state, where somebody was then going and picking up, who knows how many checks,
right?
[00:04:42] Beth:
Correct. Correct. Yeah.
[00:04:46] HOST: Will
Johnson: So what did you do next? You realized that, that this had happened,
I'm sure you were eager to try to get your money back, but did you have a sense
that, that there was any hope for that?
[00:04:56] Beth: Yes,
well I called my bank, at Wells Fargo, and I had a representative talk to these
people, it was a three-way conversation where I, we tried to convince them and
you know about sending my money back, but the thing is, naturally, after two
months, naturally they cashed the check and it was a little difficult.
[00:05:21] HOST: Okay,
so you're in a sense stuck at that point, the bank is unable to help you, the
check has been cashed. What was your next, your next move?
[00:05:28] Beth: Well,
what happened was I, I called AARP and a very nice lady at AARP had told me a
couple things, and she said, "Call the Attorney General's office in the
state of Washington."
[00:05:44] HOST: Beth
had conversations with the scammers and the Attorney General and was promised
half her money back, but she never got the check. Fortunately, Beth had also
called the police and filed a report.
[00:05:55] Beth: So
then what happened was, I had called the police in Renton, Washington, you
know, where I had sent the check, and a very nice policeman had said, you know,
you have to tell your police where you live that this happened. So I called the
police and they came over. They took my information, and there was some
correspondence with the state with this commission, the Pennsylvania Commission
of Crime, and in about a couple weeks I received my money back.
[00:06:37] HOST: The
full amount?
[00:06:38] Beth: The
full amount.
[00:06:39] HOST: What
did that feel like to actually feel probably somewhat helpless along the way,
and then feel like people were actually helping you out and then you got your
money back?
[00:06:47] Beth: I
mean, I, I just couldn't believe it. I mean I, it took me a long time, several
months, but I really was so angry about the whole situation that I didn't want
to give up.
[00:07:00] HOST: When
you say, when you talk about being angry, I think that's a really
understandable emotion. I feel like some people along the way, when they're the
victim of these type of things will feel embarrassed or it's a difficult thing
to talk to. Tell us about that experience. Were you ever able to talk to anyone
about it or...
[00:07:14] Beth: On my
goodness, I was so embarrassed.
[00:07:17] HOST: And
I'm glad to hear you called the AARP and talked to a nice woman along the way.
[00:07:20] Beth: Oh
yes, such a very nice lady, oh my goodness, she was just wonderful when she was
going through all the things that, of what I could do, you know, different
things, and but she was wonderful.
[00:07:33] HOST: And
Beth, the other thing you talked about was feeling embarrassed and that is
super common with any of these stories, but the thing is, is that we're all
vulnerable and they're really good at, at doing what they do and getting us in
a moment of uncertainty and seeming really legitimate. Has that experience
weighed on you, and I hope you're over that embarrassment to some degree?
[00:07:53] Beth: Yes, I
did. In, in fact, I guess in April, I was at a dinner with some people and I
told them this story and you know I felt, I felt good that I told the story.
[00:08:05] HOST: I
think anybody who tells you they haven't made a misstep along the way in this
modern age, and maybe said something or responded to something or given out a
number or otherwise that they felt they shouldn't, everybody, you know, has an
experience like this. Yours just went further than a lot of people perhaps, and
not everyone gets the message that the Russians are hacking them.
[00:08:23] Beth: Yes,
correct, and I think at that time there was something on TV about Russian
hacking and, and that's why I thought it was sort of legit, and ...
[00:08:34] HOST: It's
been in the news a little bit.
[00:08:36] Beth: Yes.
Yeah, and at that time, too, yes, in August, you know, because I guess with the
election and so forth at the time.
[00:08:44] HOST: Thank
you so much, and I'm glad you got your money back. We all are.
[00:08:47] Beth: Okay,
thank you, bye-bye.
[00:08:49] HOST:
Bye-bye.
[00:08:52] HOST: So
Frank, if the Russians are hacking you, as always, stop and verify. In this
case, so, I mean this is a classic, like you’ve got a virus, you need to check
this out, there's urgency, there's everything classic about this scam.
[00:09:05] Frank
Abagnale: Yeah, except that they work a little differently now that they have
modernized that a little bit in that where you might be at your computer and
the screen starts fluctuating a little bit, lines start going through it, and
you think you have a problem with your computer, and then, all of a sudden a pop-up
that comes up and says that this is Microsoft and we believe that there is
malware or ransomware, please call this toll-free number, and you call that
number and there's supposedly a tech support person from Microsoft's on the
phone and says that we detected some malware or ransomware on your computer. We
need to get it out and either one, we want to take over your computer, so we
can remove it, in which they take all your personal files, your financial
records and ransom them back to you, or they simply say we can fix it. There is
a fee, it's a $200 fee but you can give us a credit card number. We'll charge
it to you and we'll have it fixed in a matter of minutes, and people give them
their credit card over the phone and obviously they're going to charge a lot
more than $200 on it, and so it's the same scenario, just a little more updated
the way, the way they do it, but the results are, are pretty much the same.
[00:10:09] HOST: And
so, in that first one, when do you find out that all of sudden they've got all
your information and they want to, as you say, ransom it back, so they want to
just sell it back to you for a certain price, right? They say, well we've got
all your bank account numbers, we've got this and that.
[00:10:23] Frank
Abagnale: Right, and the, and the check, the mailing the check thing now has
become more popular because you would think you would say to yourself, why
would the criminal want you to send them a check? But basically, having a drop
box somewhere and having a check sent is not a problem, you can do that, so it
can't be traced back to you, but it sounds much more reasonable. The minute you
start saying to people, give me your credit card number, they get a little
leery, but it sounds a lot more legitimate if I say just send a check to this
particular company, it makes, it gives it a little, again, gives you a little
more credibility, makes it sound a little bit better, and they're still getting
your money. So, the thing is that I always tell people that Microsoft is not going
to call you. If there, if there is a problem with your computer or you believe
there's some malware or ransomware, or someone tells you there is, you need to
call a legitimate company with tech support, such as Best Buy, someone like
that to send out a tech to your house to look at the computer, clean it up if
it needs to be, and pay the fee for them to come out which is going to be a lot
less money, but at least you're dealing with a legitimate person. Do not do
anything over the phone because someone told you to, or, or send money if you
had to, and the honest truth I always tell people to remember, that the bottom
line is you're always safer paying by credit card. The credit card is the
safest form of payment that exists on the face of the earth, because there is,
under federal law, zero liability to you. So if I, in fact, gave $200 and they
charged it and made it $20,000, I have no liability for that. If I buy
something online, they don't deliver it, I buy it, it's broken, I buy it
because it was a phony website, and I never got it, I'm covered by my credit
card company. When you use a debit card for example, they're withdrawing the
money out of your account and you have to ask the bank to reimburse you that
money, and that comes with an investigation and who was responsible; you or
them? So I always look at only using a credit card. This way, if there is a
scam maybe or there's something where I'm a little doubtful, I'm not going to
worry about losing any money if I give them my credit card number.
[00:12:32] HOST: This
scammer also did something by using, and I kind of joked with her a little bit
about this in the interview, but Russians hacking her account. I mean it's sort
of tying into maybe what you're hearing about in the news, or current events, or
trends. Is this something that scammers will do is that they'll say if the
Equifax stuff is going on, that was big news in 2017, right. Will they play on
something, fears surrounding that?
[00:12:54] Frank
Abagnale: Yeah, and keep in mind that it's not likely the Russians doing that,
but the Russians do hack a lot. There are gangs in Russia that bring in about
$20 billion a year in revenue, more than most businesses in the United States.
[00:13:08] HOST:
Working online scams.
[00:13:09] Frank
Abagnale: Working online scams, so and a lot of times that you know people say,
I heard this from someone, but they had an accent from India, or they had an
accent from Russia, well that, a lot of people are not so suspicious anymore
because so many of these call centers are overseas in other countries, so if
someone has an Asian accent, or an Indian accent then that that's suspicious
that it's fictitious, because they use so many call center overseas, but yes,
you know, the Russians hack, the North Koreans hack, we hack, you know the
American government hacks other countries, people, information is money and so
people are using that ability to hack into systems to get data and information.
[00:13:48] HOST: Let's
talk to you again about these drop off locations where people are asking for
money to be sent. Is that a relatively safe thing for a scammer to do, say I've
got a drop off box? I mean is that not, can the FBI not easily find that?
[00:13:59] Frank
Abagnale: Not, not, they can, but they, only after the fact, so after there's
enough complaints about it, then they can go track out. Cause you know, a lot
of times they just choose a P.O. box, so they get the P.O. box with the
fictitious name, and they, and it used to be that it was a little more
difficult cause you got the P.O. box at the post office, and the post office
had all these identification requirements; you had to have a true mailing
address that the post office knew of, and the postal service was a little more
strict about having a post office box and knowing who owns it, but today, of
course, you have UPS stores, you have mail stores where you can just go rent a
box, and you can say you're anybody and rent a box and then just walk away from
it. So, once you've collected enough money, before anyone can get onto it, you
have moved onto some other box number somewhere.
[00:14:46] HOST: But
the FBI will, as you mentioned here, if enough people complain about it, they
know about a drop off location, they may get to it, but again, it may be too
late.
[00:14:53] Frank
Abagnale: Frank Abagnale: Yeah, and the,
and the thing that people, yeah, the people that, people need to understand
that law enforcement is overwhelmed with fraud in the United States. Last year
fraud was 975 billion dollars, that's just white collar related fraud, it had
nothing to do with burglary, robbery, theft, or property, drugs, narcotics,
violent crime, it was strictly dealing with white collar related crimes. So
you're very limited to the resources law enforcement has. So the FBI has 13,000
agents; however, those agents are dealing with terrorism, bank robberies,
kidnappings and many other things, so what typically happens is when you go on
financial crimes, you're looking at the highest dollar amounts, so this is why
when people say, you know, I told my credit card company who stole my card, and
who used it, and I have proof.
[00:15:39] HOST: Yeah,
it's not worth it to them.
[00:15:40] Frank
Abagnale: And they didn't do anything about it, well no, because that was a
$3,000 charge when they were dealing with a $3 million-dollar fraud ring that
was defrauding them every day. So they have to prioritize and go after which
ones that, which ones are the ones that cause them the most problem.
[00:15:54] HOST:
Painful if you've lost $3,000 but puts it in perspective.
[00:15:57] Frank
Abagnale: Right. I always tells people, and it's unfortunate, but it's very
true for that you cannot rely on the police, you cannot rely on the government,
you cannot rely on the bank to protect you. You absolutely have to be a little
smarter today, a little wiser, take, take action with resources like the AARP
Fraud Watch Network where you can get good information, honest information, and
quick information. You have to be a little bit more resourceful today because
they, they're overwhelmed, they cannot do all of those things. And it is true
that if I'm a victim of identity theft in Maryland, and the guy that's doing it
is in California; calling the California police, they go, well no, ma'am,
that's a problem for the Maryland police, and then the Maryland police say, you
know, we have enough troubles here of our own without dealing without dealing
with somebody in California. So, you're kind of on your own, and that's why you
have to be a little more protective. I would only add that I always tell
people, any time you have a financial crime or a consumer crime, the best place
to call to report it is to your state Attorney General's office. Because the
state Attorney General is elected by the people of that state, he has a great
consumer task force who deal with those consumer crimes related directly to the
citizens of his state, and he or she will take action, they will follow up,
they will do everything to recover your money, much more than you calling the
police, the FBI or anybody else, your best bet always when it comes to a
consumer crime is to contact your state Attorney General's office.
[00:17:27] HOST: So
that's really good advice and something that we will touch on in, in multiple
episodes of our show, but where do people go and the state Attorney General's
office, AARP Fraud Watch Network also loves to hear from you, and, and should
hear from you and you can report what's happening, what's happened to you and
other people can, they'll connect the dots and show where a lot of something is
happening. State and local police, as you say, they're stretched thin, and
sometimes you'll go and find they'll have more people working on fraud than
other departments, but still, it's always a good idea to get that police
report, right?
[00:17:58] Frank
Abagnale: Right. It's always good to get that police report, so we know the
incident occurred, and you get, a lot of times, you do a lot better within a
smaller community where the police are more apt to act on something that affected
one of their citizens, but again, it's not that the police don't want to,
they're just so overwhelmed, and they're trying to deal with the biggest
problems on top, so that's why I just say, that's why it's great that we have a
state Attorney General. It's great that he's appointed by the people of the
state, or she is, and that they are the ones that I have found in my career,
when it comes to consumer crimes, they're the ones who do the best job of
pursuing them, taking action, and getting your money back.
[00:18:36] HOST: And
Beth is super persistent. She goes to a lot of different places and in the end,
she also has a little bit of luck it sounds like, there are people that are
working on this case and she gets her money back.
[00:18:47] Frank
Abagnale: And what happens sometimes, there are victims’ funds, so sometimes
when they realize, after they've investigated, that you truly were taken, and
that it was a scam, and you're out your money, a lot of times then they use
victim funds to recovery your money for you...
[00:19:02] HOST: They
being...
[00:19:03] Frank
Abagnale: The state Attorney General, or someone in that case.
[00:19:06] HOST: And,
you know, you mentioned earlier this pop-up on a PC I assume with Microsoft,
but you've seen this sort of screen in your work with the FBI?
[00:19:16] Frank
Abagnale: Yes, I've seen them manipulate the screen, they make the screen have
lines in it, they, like she said, had a banner come across the top saying, or
having a statement on it; that's not very difficult to do, you know, but...
[00:19:28] HOST: Can
you presumably escape out of something like that without responding to
anything? I mean what if you do have something like that? You may turn your
computer off?
[00:19:36] Frank
Abagnale: Yeah, you may have a problem, but you can space out of it and again,
like I said, if you can't, or it's just persistent or whatever the case may be,
rather than deal with someone you didn't solicit; they called you, they sent
you an email, they contacted you, I'm going to turn around and make my own call
to a tech support company and have them come out and look at it and fix the
problem, not have you call me and tell me you're going to fix the problem.
[00:19:59] HOST: But
that message that you get, the pop-up or whatever it may be is saying, oh,
you've been hacked, that doesn't necessarily mean you've been hacked.
[00:20:06] Frank
Abagnale: Frank Abagnale: No, it's just, that's part of the scam. They just
want, what they've done...
[00:20:09] HOST:
They've got into your computer somehow.
[00:20:11] Frank
Abagnale: That's just, they're not really hacking it, they're just manipulating
it. They really haven't done anything, they haven't gotten in your files. And
that message is just to get you to call that 800 number so that they can then
make you believe that they are legitimate, and that you're going to send them
some money.
[00:20:25] HOST:
Alright, so listen up Millennials, if you're falling for this or if any age I
should say, but as you said, there's plenty of young people falling for this
stuff, too. Frank before we go, we should remind people that if you get a link
in an email, and you don't know where the email is coming from, don't click on
it.
[00:20:38] Frank
Abagnale: Right, 99 percent of ransomware comes from clicking on an email. I
will say this; these emails are getting pretty sophisticated. I saw one
recently that simply said, "Hey, Helen, great having lunch with you today.
I hope you and Bob and the family have a great trip to Disney World next week.
When you get back, we'll get lunch together, together again. I wanted to also
tell you that I saw this cool thing on YouTube. Why don't you check this out
when you have a, an opportunity and click on this link?"
[00:21:06] HOST: And
I'm assuming this came to someone named Helen.
[00:21:08] Frank
Abagnale: Frank Abagnale: Yes, and it, and the friend who signed it is their
friend they had lunch with and, and this comes again from social media where
Helen said, "I just had lunch with Carol," and she said earlier in
the Facebook, "I'm going to Disney World next week with my husband,
Bob." These people take that information, put it together, but that's what
sells it. It's so real, who else are you going to think it is?
[00:21:28] HOST: Yeah,
I'd fall for that.
[00:21:28] Frank
Abagnale: Frank Abagnale: And you're not saying, well he picked that up from
Facebook...
[00:21:31] HOST: Helen
should click on that link, it's so real. No, I'm kidding. Don't click on that,
but yeah, I mean that's, that's too tricky.
[00:21:38] Frank
Abagnale: Be careful, yeah.
[00:21:39] HOST: And I
understand you, there's always ways that they'll go through email and pick up
on key words. Is that right? Or am I...
[00:21:45] Frank
Abagnale: No, they pick up on key words, they go through email to find things,
anything to convince you that well this looks okay. I mean a lot of those
emails you get, you go, I'm not clicking on it, but some of them look very
legitimate and then if you are really in doubt, you need to look up who sent it
and what is the actual return email or URL or whatever the case may be.
[00:22:05] HOST: And we
haven't touched on the whole topic of business to business emails where you
get, or where you get an email from someone in your company which is a big one,
right?
[00:22:15] Frank
Abagnale: Well I had one, just to go over this with you, a few weeks ago, a
agent in California gave a CFO of a company my home number and he said, "I
know it'll be okay with Frank if you call him at home." And the CFO called
me and started out by telling me that he's a Chief Financial Officer of
actually a technology company in California, employed about 4,000 people. He
said, our CEO, our accounting department, received an email from our CEO saying
send me up all the W-2 files, I want to review them. So our accounting
department sent them up. A couple of days later, the accounting department
called, sent a follow-up email just to say, I hope you received everything. Any
questions, please let me know. He said I never requested these. So what I said
to the gentleman was, well those are now in the hands of someone else, but you
know, social engineering, there is no technology and there never will be any
technology that can defeat social engineering. I used it many times as a
16-year-old who only had access to a phone to social engineer people with.
[00:23:18] HOST: And
when you say social engineering, what do you mean?
[00:23:20] Frank
Abagnale: Social engineering, for example, when I saw the pilot come out of the
hotel and said to myself, I'd love to get that uniform.
[00:23:28] HOST: In
your past, in your history.
[00:23:29] Frank
Abagnale: In my past history, I walked up the street further and I happened to
see the Pan Am building, 200 Park Avenue, you can't miss it. So, the next day I
placed a phone call to Pan Am. When their switchboard answered, I asked to
speak to someone in purchasing. When an agent came on, I told him that I was a
pilot based out of San Francisco, and that we flew in last night, we're going
out today, I sent my uniform out to the hotel to have it dry cleaned, but now
the hotel and the cleaners say they can't find it. I had a flight in a few
hours and wanted to know what to do; where could I get another uniform? He
explained to me about well do you have a spare? I said, yes, it's in San
Francisco, I don’t have a spare with me. He said, it'll cost you the price of
the uniform. I said, I understand. He came back and said go down to the Well
Built Uniform Company on 5th Avenue, they're our supplier. They'll take care of
you. That's all I was doing. So, in the, if had that person in accounting been
properly trained in social engineering, they would have gotten that email, knew
it was highly suspicious and unusual, would have gotten up, walked over to the
elevator, pressed the button, went up to the CEO's office and say, did you send
me an email requesting W-2 files? Of course he would have said, no. So you have
to teach people how to deal with social engineering, recognize it when it's
coming, but that is taught. There is no computer that's going to help you with
that, and so it's used all the time. I used it 50 years ago, people use it
every single day. They only have a lot of other ways to deliver it, through
emails and through text messages and etc.
[00:24:59] HOST:
Alright, the AARP Fraud Watch Network Ambassador Frank Abagnale. Thanks again
for being here.
[00:25:02] Frank
Abagnale: Great being with you, Will. Thanks.
[00:25:04] HOST: For more information and resources on how to
protect yourself from becoming a victim of a scam, visit AARP's Fraud Watch
Network website, AARP.org/fraudwatchnetwork.
[00:25:18] HOST:
Alright, many thanks to our producers, Julie Getz and Brook Ellis, our audio
engineer, Julio Gonzales, and of course, my cohost, Frank Abagnale. Be sure to
find us on Apple podcast, or any of the many fine podcast outlets you choose to
visit.
END OF TRANSCRIPT