Yes, it started out that way, but the following tale courtesy a co-worker has some twists in the usual ransomware scam that might serve as a warning. This one involves a computer-photographed check, a Fed-Ex delivery guy and a near-loss of hundreds of dollars.
It began when the co-worker’s father tried to log on to his AOL account in the usual manner. He was quickly interrupted when a message popped up saying his password was rejected and that he should call the phone number on the screen.
Dad, knowing not to trust a phone number given in this way, looked up the number for AOL on his own and called it from his land-line.
Right then, his cell phone rang. It was Robert, who said he was calling at the direction of AOL. When dad explained that he was already talking to AOL on the other line, Robert told him to hang up on that call. Unfortunately, the real AOL representative believed Robert was a legitimate tech and agreed Dad should hang up and sort things out with Robert, according to a police report.
Dad did so, thereby landing feet first into the scam.
“There were two people talking to him at the same time,” my co-worker said. “He was stressed out.”
Next up was the usual: the scammers talked him into letting them take over his computer. They talked him into providing access to his checking account (“We need to make sure no one has hacked into your account,” they told him, with no small degree of irony.)
For good measure, they persuaded him to buy a “special firewall” to protect his online records, and they offered him a deal: instead of paying the full price of $1,600 for the “protection,” he could have a senior discount for a price of only $700.
So Dad wrote out a check and, at Robert’s direction, held it up to his computer’s camera so he could send a picture of it (and so the thieves could get his routing number and home address).
And, the scammer instructed, dad should put the same check in an envelope so a Federal Express agent could pick it up at his house later that day.
Despite all this, there was good news for dad. His son-in-law who was visiting from out of town walked into the room just after the scam unfolded. He got on the phone with the supposed Microsoft tech, yelled at him to get out of dad’s computer and told him he was canceling payment on the check.
The scammer said he would release the computer but instead added a new password requirement and removed “chunks of code” that made the computer hopelessly unusable.
Dad was saved from losing the $700, but he had to get a new computer, a new debit card and checking account and new passwords on everything electronic in his life, including his WiFi. The relatives called police to report the incident.
But here’s the kicker: A Fed-Ex truck actually did pull up later that afternoon, and the driver, dressed in a Fed-Ex uniform, came to the door looking to pick up the $700 check. Of course, dad’s relatives sent him away.
Sgt. Will Dorian, with the Albuquerque Police Department’s Organized Crime Unit, said what the episode shows is that some scammers are getting more sophisticated when it comes to ransomware.
He pointed to the cell phone call, which showed the scammers had done enough research to know how to reach dad when he failed to call the fraudulent phone number that popped up on his computer.
“This was not just a random pop-up,” Dorian said. “They were pretty prepared.”
Ellen Marks is assistant business editor at the Albuquerque Journal. Contact her at firstname.lastname@example.org or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-844-255-9210.