Seniors are especially vulnerable to online scams. I’m going to show you 4 types of scams to avoid and how to protect yourself.
Types of online scams
Online scams can take many forms, but they almost always involve the victim calling the scammer.
Gone are the days of scammers calling us, that wasn’t very efficient anyway. It’s more practical to get us to call them.
How do they get us to call?
One way is to contact us letting us know that we are in trouble with the law. This can come by email, text, or plain old robocall. This and the other ways the scammers attempt to contact us is called “phishing.”
They tell us that there is a warrant out for us for non-payment of a debt, we owe back taxes and the IRS is headed our way, or other legal troubles. We just need to call a number and someone will help us.
Online Account Has Been Compromised
Again, through email or text, we are told that someone has attempted to break into one of our online accounts. We just need to call a number and someone will help us.
This one usually comes from a popup on a website, usually when someone mistypes the name. The crooks will register website names like “USP.com” “Medacare.com”, or other names similar to websites seniors might be visiting. Then they create a realistic-looking website. The victim mistypes the site they want, and when they get to the fake site a popup appears telling them that they have a virus. We just need to call a number and someone will help us.
The intended victim gets a notice (usually text or email) that our subscription to some service (Norton or McAfee antivirus is one example) has been renewed. If we have any questions, guess what? We just need to call a number and someone will help us.
As a matter of fact, I just received one of these scam emails.
I bet if I call them they will help me get a refund.
(Since writing this, I have received two more of these)
When We Call The Online Scammer
The call usually goes to one of a good number of call centers in Kolkata, India. That city is a hotbed for online scams.
Some friendly voice with a distinct Indian accent and an American name answers, and offers to help us.
“Hello, My Name Is Bob”
So when “Bob” takes your call, he is so happy to help you. In case of the warrant or IRS scam, the victim is asked, no, make that told, to either wire some money, or go buy a prepaid card and send it to the scammer or they will be headed to jail.
For the compromised account scam, one is either asked for their username and password, or they are sent a link to a fake site where they enter them. Now the online scammer has your credentials.
For the virus online scam, the crook needs to get into your computer and check it out. They then show you a lot of “errors” and offer to fix them. For a fee, of course.
They have you download some remote desktop software, usually “AnyDesk”. This is a legitimate program, used by many to access one computer from another, but these crooks are not using it for legitimate reasons.
The Refund Online Scam
This is probably the most prevalent scam out there. “Bob” tells you about the charge for the service. When you tell him that you didn’t authorize that charge, he is more than happy to issue a refund. He just needs to get into your computer and issue a bank transfer.
As with the virus scam, the victim is told to download AnyDesk. He then has you log into your bank account. He tells you that sometimes this software blacks out your screen for a few seconds, don’t worry, nothing is wrong.
With your screen blacked out, he changes some code on the website (something anyone can do) so it appears like you have been charged for the service when actually you haven’t. He then sends you to another fake site to initiate a transfer of your refund to you, usually through Zelle. He has you type in the refund amount, say $300, then he enters another zero and hits enter. He points out your mistake. You took $3,000 instead of $300. He’s going to be in trouble with his boss.
Then as he blacks out your screen again, he goes back to your bank website and shows you the $3000 transfer has hit your account. You need to send it back or he will get fired and his kids will go hungry.
Now, to you and me, if this had really happened like he said, we would just need to do another Zelle transfer back to his bank. The problem is, that would reveal his actual bank, and you could stop the transaction as soon as you realized that you have been another online scam victim.
No, in order for “Bob” to keep his job and feed his poor kids, just like the warrant scam, you need to go buy some prepaid cards and send to him, usually an address in some American city where one of the online scam company’s “mules” picks up the cards and forwards them to Kolkata. Sometimes, they even have the victim withdraw the cash, package it up, and send it.
Once you realize that you’ve been scammed, it’s too late. Nothing you can do about it now. So everyone needs to learn how to avoid these online scams.
Read this article from The Guardian about how one person lost $22,000 from an online scam.
Avoiding Online Scams
As far as the IRS or Sheriff coming out to get you, when’s the last time you heard of them calling first? Ignore these texts or emails. If you’re really in trouble with the law, they’ll show up unannounced.
For the “compromised account” scam, yes, the bank will text or email you if your account has been compromised. It happened to me recently. I get fake ones all the time, but I figured this one was real, because the text came from the same number that I usually get notices from my bank. Nevertheless, instead of calling the number given, I simply opened up the bank app on my phone, and yep, I was locked out (because someone had attempted to log in too many times with the wrong password). I went to the site and changed my password to unlock it. (It happened again the next evening, so this time I changed my username, as well.)
This is what you should do, too. Never trust the text or email, and never click on a link or call a number. Either go to your bank website, open the app if you use it, or look up the number yourself.
The best way to handle the virus scam is to ignore the popup, and check the website you visited to see if you misspelled it. You will find that is the case 99% of the time. When bad guys put viruses on your computer, they usually don’t announce it. The one case they do will be a ransomware attack. The way to check that one out is to open up File Explorer on your Windows machine and see if your files are OK. If they look OK, which they probably do, there is nothing to worry about. Read here for help with avoiding ransomware attacks. (Macs aren’t usually affected by this, not because they’re inherently more secure, but because they only make up about 16% of the market. And if you’re going to go phishing, pick the pond with the most phish in it.)
And as far as the fraudulent charge scam goes, if you are told that you have been charged for something you didn’t order (it happens), check your bank or credit card to see if the charge is real. If it is, contact the bank or credit card company yourself. If you don’t see a charge, don’t worry about it.
Folks, when it comes to online scams, we are the key. The scammers need us to unlock something for them to get in. Don’t let them in.
As always, if you have any questions, you can ask them in the comments section, or email me at email@example.com.