The story I’m about to tell will have elements familiar to many of you, but it’s a tale worth telling if it might spare someone the pain that we barely skirted.
On the day after we arrived in New Hampshire for our annual revisit – the subject of another blog to come – we received a troubling notification from Amazon that there were suspicious charges on our account that they are looking into for our protection. They connected us to one of their investigators, the first in a chain of referrals that all seemed credible initially. They reported to us all kinds of unsavory uses of our credit cards, from the purchase of multiple houses, complete with addressesin locations in a variety of cities to the purchase of access to child pornography sites.
We’ll talk later about all the points in these encounters where we should have taken actions that would have brought this web of deceit to an end. We usually have pretty good radar for these assaults on our credulity, but for whatever reason our “protectors” were playing their assigned roles with unusual skill, so our guard was down. I should point out that at no point did we click on any links that would have opened us up to an invasion of malware into our computers, nor did we give them any information that would have allowed access to any of our assets.
We did – perhaps foolishly – tell them where those assets were, but they were still a long way away from reaching into them, which would have required bypassing the elaborate protections our bank and broker have in place. The game, as you’ll see, was to get the money out from under those protections and into locations that are more easily accessed by someone other than us. It’s no wonder that we keep running into young professionals who work in cybersecurity. In the brave new world of electronic transactions, there has been a proliferation of both opportunities to perpetrate fraud and the creation of defenses to prevent their success.
The details surrounding the next step of this elaborate scenario are a bit murky and Rosellen and I have different versions. Since we had revealed the name of one of our banks, our handler instructed us to find on the back of the debit card issued by the bank the phone number to be contacted in the event of problems. Rosellen is certain that we called that number, but I think we may have given it to our “investigator” to call. If she’s right – and she may be- it would indicate that the bank’s system itself had been hacked into. When we recounted this whole sequence of events to the bank, they informed us that the number on the card belongs to a business to which they’ve farmed out the task of responding to inquiries, which makes the hacking more plausible.
In any case, we then found ourselves in the hands of a person we thought was an investigator for the bank who told us his name was Chris, an unlikely moniker for a man with an Indian accent. I should point out that the people involved in this tale had foreign accents. Good liberals that we are, we bent over backwards not to brand them as dishonest based purely on their speech. However, the fact is that many, if not most, of these scams originate offshore, so there is a rational justification for the accents to cause at least of bit of suspicion. Exercising street smarts isn’t necessarily a marker for racism.
Chris proceeded to call us twice a day, morning and evening, to report on the progress of his investigation. One day he reported that the evidence had triangulated to pinpoint a man in Dallas who tried to use our debit card and may have been the perpetrator of the house purchases and other fraudulent uses of our personal information. “He has your social security number,” Chris reported. During each call he exhorted us not to talk about this situation with anyone, not even other family members, because you never know who might be involved in this scheme. This alone should have set off alarms for us. Our daughters were not likely to be scheming to steal our money, which in a short while would be theirs in any case. His rationale for these instructions seemed thin from the beginning. In retrospect, it was important in their plans to isolate us from any outside information or influences which would have undermined the whole nefarious plot.
The grand finale came during Chris’s scheduled check in late on a Friday afternoon. We took the call while sitting in our car outside a CVS in Peterborough, NH. Chris instructed us that to demonstrate that we were really the owners of the assets in question, we needed to transfer 30% of those assets into a “secure” wallet. This was the move designed to get those assets out of its current protected location into a place that was more attackable. I told Chris that I would not do this without contacting our broker, after which I would give him my decision when he called on Monday morning. If I did that, he said, he would withdraw the protection he had been offering us. I was firm about my decision.
When we contacted our broker, a woman with whom I have had a trusting relationship for years, she was amused by the whole tale and proceeded to put warning flags on all our accounts for additional protection. I bet Rosellen that Chris would not call on Monday morning or any time in the future. The jig was up, as we used to say.
In retrospect, we should have suspected the original Amazon email and ended the whole scam before it started. We were seduced by the credible-looking message, Amazon logo and all. Gone are the days when such communications were filled with misspellings and grammatical errors. Things have gotten more sophisticated. Any AARP newsletter will advise you to call Amazon, the bank and your broker directly to get accurate information about whether your accounts have been compromised. As 86- year-olds, we’re prime targets for such scams and it pains me to think that Chris and whoever he represents will latch on to someone more vulnerable than we and rob them of the assets they were relying on to make their remaining years worry-free.
A while back the NY Times ran a story about a man whose life savings had been wiped out in a scam similar to ours. He got caught in a tangle of scammers whom he thought were government officials from agencies like the IRS who purported to be working hard to protect his assets. The memory of that story was playing in the background of my mind as we moved through our misadventure. It played a role in saving us from disaster. I hope my account will do the same for others.
