Finding and Thwarting Scammers

We helped a client recently resolve a personal financial issue that involved online banking and credit cards. The story illustrates some of the dangers we face in our online world. We can’t run away or hide from those dangers.

Those of us with aging parents face a gut-wrenching dilemma. Without getting involved in anybody’s specific family dynamics, we want our elderly parents to remain independent (as much as they want to be independent), but we also know they are more vulnerable to scams because they tend to be more trusting. Their vulnerability becomes even greater as they use technology more.

This story started with a credit card issued by BP, the gasoline retailer, and money that started to disappear from our client’s mother’s account through Synchrony, a bank that has close ties to Amazon and is used to finance merchant accounts. Our client manages the finances for his mother, who is in her 90s and lives in an assisted living facility. A gasoline credit card was odd because his mom stopped driving four years ago. That raised one red flag. Synchrony raised another.

We surmised that someone that someone was able to hack his mother’s bank account and then created a way to use her info get the credit card and create the transfer portal. In all likelihood, they found a piece of junk mail with the credit card offer and used it to do their dirty work. No email was involved. The credit card had a balance of $1,500, even though he had no knowledge of the card being used. So, he made a $200 payment and saw the balance transferred to what looked like a debit card. He also changed the bank account, but the connection was still there.

When our client wondered if his mom’s account had been hacked – and if any others had – we told him to investigate. He changed the bank account again and told us he was worried that his other accounts at the bank might be affected. In addition to his mother’s account, he had a personal account and one for his business. All were online. Fortunately, the scammers never got there.

To protect the money for the three accounts, our client created a sweep account in his wife’s name for personal use. This enabled him to clean out the accounts he was worried about on a daily basis to keep it safe.

At the same time, he had to send letters to the banks involved to cancel the credit card and close all the bogus accounts and open new accounts. None of this activity tied his mother’s taxpayer ID number to any of the accounts. Had there been a connection, the scammers could have done much more damage.

But it all started with the low-hanging fruit – that credit card offer that anyone could send in. The same problem can come from those “checks” you get in the mail that are really loans. Anyone can use them, and it can hurt you if your name is on the “check.”

Our advice: Pay as much attention to physical pieces of mail as you do to email. Don’t throw those offers in the trash or recycling bin. Shred them or cut them into tiny pieces that can’t be reassembled. At the same time, keep your online presence secure and check your financial info regularly to spot anything that looks out of order.

We can help you with a security audit and we can explain the technology behind various security measure you can take. Call us – 973-433-6676 – or email us to set up a consultation and implement a program.

DIY and a Scam

When one of our clients decided to add a Wi-Fi extender in a home office, she contacted a phone number that purported to be a helpline from the manufacturer. It wasn’t, and it opened up a door for someone to gain access to sensitive information.

We’re certainly not opposed to any of our clients buying and installing their own technology. It can save you money and give you a better understanding of how your technological systems all fit together to make your life better. But there are a few things everyone should be aware of when they start the process – because you may not discover a problem until some damage has been done.

In this case, our client bought and set up a network extender from Netgear. She needed to strengthen an in-home network to accommodate her mother’s computer, and this was a reasonable step. When she ran into a problem, she called the manufacturer for help – or thought she did, and this is where problems began.

She said she called the phone number on the extender’s box. We won’t quibble. It could have come with a Google search. The lesson is more important than any finger-pointing. One of the problems with a Google search is that companies can place advertisements to show up above the “natural search” results. In times of stress, it’s easy to mistake an ad for a search result, and you click it. Both the advertiser and Google benefit from the ad; you visit a website you wouldn’t have otherwise gone to, and Google gets paid for directing you there. That’s business.

But when the advertiser is, shall we say, shady, it’s an ideal way to lure somebody into a scam. That’s what happened here. Our client clicked on what she thought was Netgear customer service but went to a website called Trucept. They walked her through a setup and told her she had no virus protection. She paid $300 for a package that included five years of security protection. That’s likely how they got into her network and likely were able to hack her mother’s computer.

Unbeknownst at that time, her mother started to receive online banking messages about owing a lot of money. That’s when we got a call. We told our client to shutdown her mother’s computer immediately and to call the bank. Then, we went to the Trucept website together, and to our experienced – and skeptical – eye, it had the look of scam all over it. Some of the telltale signs we saw were:

  • An address for a residence in Queens Village, NY
  • Lots of misspelled words
  • A PC Max Ultra Prime package for $800 with no customer reviews
  • A policy that requires two days before you ask for a refund (which gives them time to access a computer)

We were able to clean up her system and her mother’s. Now let’s look at things going forward.

First, be very careful about what you find on the internet. In the heat of trying to get something done in our overstressed lives, it’s easy to overlook something – especially a Google ad that looks like a search result. Take a deep breath before you click.

Second, get help from someone you know. It doesn’t have to be us. Call a friend. Go on Nextdoor Neighbor or Facebook and ask for a recommendation. Just don’t call a stranger out of the blue.

Third, only pay with a credit card for an online service. Credit cards have a mechanism in place to reverse charges. Processors record an IP address for every transaction, and they can tell where it took place.

We can help you install new systems or devices in your home or office, either in person or – typically – by walking you through the process. Call us – 973-433-6676 – or email us for an appointment or a walkthrough. 

Seniors and Scammers

People 60 years and older seem to be victimized more than any other group by scammers, whether they operate online or over the phone. While it’s always easy to let your guard down at any age, older people seem inclined to be more trusting when they get a phone call.

The rules for seniors apply to people of all ages. It starts with being an active listener and observer for three alarms.

The first alarm is visual as well as audible. Voice Over Internet Protocol (VOIP) telephone systems are totally Internet based, and that allows any system owner to program a caller ID to appear as any phone number. It can be your local area code or an area code from anywhere in the US or the rest of the world. Scammers match a phone number to a name in a database, so it can even display a name that looks very normal with an unrelated phone number that looks normal. Sometimes, you’ll just see a string of random numbers. Be careful, and if something doesn’t sound right, disconnect the call. None of those phone numbers can be traced.

We live in a diverse society, so don’t take this second alarm the wrong way, but listen for an accent. A lot of scammers call from other countries because they can avoid a lot of laws in the US. If you hear an accent and something doesn’t sound right, don’t give the caller access to your computer or any other information and disconnect the call.

A third alarm is any caller who claims to be from Microsoft, some other large technology company or the IRS. Microsoft and the IRS, for example, will NEVER call you on the telephone to tell you there’s a problem with your computer or a tax return. Microsoft does all of its updates online through Microsoft update, and the IRS sends you a letter – by snail mail.

When it comes to the telephone, screen your calls. If the caller doesn’t leave a message, it’s just as well you didn’t talk them. If you get a call from someone who is NOT your IT consultant and who says he’s discovered a problem on your computer, hang up.

Also be careful of pop-up messages while you are surfing the web. Scammers can break through weak security measures on some websites or a hole in your security and insert a pop-up message. When you click a link on that message, they’ll make the screen look like your computer is infected. Then, they can offer you a repair or a service subscription while they gain access to your computer – allowing them to infect your computer or hold your data hostage.

Cybercrime is a fast-moving target. If you suspect something wrong, it might be best to shut down your computer and call us at 973-433-6676. We can discuss the best plan of action, which could a remote check of your system or an on-site visit. For non-emergencies, you can email us, too.