Trick or Treat: Only there are no treats, just scams online, on the phone, and by text
Halloween is back! You will probably enjoy having kids come to your door saying the usual, “Trick or treat.” Then you let them pick some candy and send them on their way. No harm done.
But there are tricks out there in the cyberworld. What would you do if your computer suddenly screamed at you with its loudspeakers: “This is the FBI. Your system is compromised. You violated copyright laws by watching pornographic films. Follow the instructions on the screen immediately or we will come by and arrest you.” The screen is overwhelming; it might even show your face. The voice doesn’t stop, and you can’t move the cursor. You see flashing messages on your screen and a clock counting down, saying you have 7 hours to react and pay money or a number of Bitcoins to stop your arrest. What goes through your head?
These computer messages are phrased intentionally to scare people into feeling guilty. The screen might say that you or someone in your household did something bad. Or that your computer has been hacked, and your information and compromising photos will be emailed to everyone in your address book, unless you pay. This is a scam.
There are many kinds of scary scams, all with the same pattern. Their goal is to frighten you into accepting that you have to follow the instructions on your screen and react right now; waiting will make things worse, “But do not worry, just call this number for help.” The voice on the other end usually claims to be technical support. But first they need remote access to your system in order to stop the “hacker.” They might say, “We are Microsoft associates and notice that your system has problems. But do not fear, we can help. Just let us log and resolve the issue for you.”
Sometimes these are even unsolicited phone call scams. I have gotten scary calls from people purporting to be Comcast that offered help, and even from people pretending to be Amazon. The usual pattern is that something is wrong with my internet or an order I placed. Two days ago, I received a text message saying, “Sorry, but FedEx could not find a safe place to put the package, so it has been sent back to the warehouse.” But if you click on the only clickable part of this message, you are forwarded to a fake FedEx site. “Do not fear…” should be your cue to hang up, turn off the computer, or delete the message right away.
What do these scary scams all want from you? Your money, personal information, passwords, logins to companies you shop from, your credit card, or even your bank account. These essential pieces of personal information are bought and sold on the “dark web,” on sites where people can trade anonymously. Even without a password, an email address can be used. Scammers can pose as you with your email address to cause havoc by sending bogus emails to all your friends.
I have seen cases where fake emails that tell a sad story about an illness or accident and ask for money to help. There is a phone version of this “pity scam” that often preys on senior citizens by pretending to be a relative in trouble. The grand-daughter was attacked, her jaw broken, and her cellphone and money were stolen on a vacation (maybe that’s why you don’t recognize her voice or the phone number.) She doesn’t want you to call her parents, because they were against the trip to begin with, and so on, until you are tricked into paying, thinking you are helping your granddaughter.
The scariest scam of all is when you get a message saying that all your data is encrypted, and for so many bitcoins they will send you the encryption key. The really bad news is that you really do need that encryption key; there is often no other way to restore your data. This is called Ransomware. You might have read in the news about the Ransomware case that shut down the Colonial pipeline some weeks ago; according to one news site, they asked for 75 bitcoins, worth $4.4 million.
Yes, trick or cheat scams are more expensive every year. Ten years ago, you were asked for a credit card payment, but after you realized it was a scam you could call your credit card to stop the payment. So, they began asking for money orders or gift cards. Just last week, one of our clients was luckily stopped by the grocery store clerk, when she wanted an Apple gift card for $500. The clerk told her this was probably a scam. Instead of paying, she brought her computer in to us, in order to make sure that the scammers had not left viruses and Trojans behind, or traces that might allow remote access. The savviest scammers ask for payment in bitcoins. This is a difficult procedure, but the scammers give you precise information and links that tell you exactly how to deal with crypto currency. And the price has gone up. Years ago, when a scammer asked for half a bitcoin, you were only out $150. Today, half a bitcoin can cost $20,000!
So how can you protect yourself, your information, and your data from scary scams?
- Change your main passwords every 90 days.
- Do not use an easy to guess password, and make sure that you use different ones for different accounts.
- Keep your operating system (such as Windows) safer with updates.
- Make sure your Antivirus protection is current.
- Use two-factor authentication whenever possible.
- Be skeptical about unusual pop-ups, messages, emails, or phone calls.
- Backup your important data regularly, best on a device that you can unplug after the backup, so an ”encryption virus” can’t get to it.
- If something claims there is a problem with, say your Amazon order, log into your Amazon account and check it out there. Do not click on a link in an email or message.
- If you are asked to pay money via gift cards, money orders, or bitcoins, hang up.
- And never ever give a stranger remote access to your computer