Financial columnist shares how she was scammed out of $50,000 by fake CIA agent

Originally published at: https://boingboing.net/2024/02/15/financial-columnist-shares-how-she-was-scammed-out-of-50000-by-fake-cia-agent.html

…

In other news…

# Someone left $30,000 cash on a NYC train… and got it back

Some sort of cosmic balance at work?

Knowledge and intelligence are two different things. Just because someone may not know the same things that you do doesn’t necessarily make them less intelligent.

The scumbags just have to catch you on the wrong day or in a state of mind when you’re distracted. Then they start with the pressure tactics and rushing you by creating a sense of urgency. This was a little over the top, but what probably convinced her was having her Social Security number (probably from a database of stolen ones) combined with info about her family (probably gleaned from social media).

My rule of thumb is always to suggest I’ll call them right back at their brand-name company or agency, asking for their employee ID/badge number and full name. If they say I can’t or shouldn’t, I know it’s a scam.

A huge proportion of financial scams are never reported to authorities because the victims are embarrassed about falling for it and don’t want people to think that they’re stupid. Despite the risk to her professional reputation this woman decided to go public in the hope that her story would help prevent others from falling for the same thing, and maybe make some of the ones that already did not feel quite as embarrassed about it. Your immediate reaction was to call her stupid three times. I don’t think that’s very helpful.

I started down the path of getting scammed through Craig’s List about 15 years ago. I felt pretty dumb that I got so close. My biggest frustration was that, and it still seems to be, there isn’t anyone to take all of the pieces of the scam and assemble them. Everyone involved just filed their own internal investigation and moved on. Fedex agreed that the shipping account number was compromised. Chase Bank took a copy of the fake check with a forged signature. Craig’s List didn’t even respond to my email. I tried to be be vocal and there was no one to listen.
It was the same story when both I and a friend had our credit cards compromised on the same day. We both lived in the same area but the only credit swipe that was similar between us was a gas station. That seems like important correlating evidence. But because we both used different banks, there was no one to coordinate an investigation.
So that really is the biggest issue, there isn’t anyone to easily tell your story to. This writer had a column. Same as Corey Doctorow recently wrote about his story of getting scammed. People with public access are starting to tell these stories.

I once overheard a receptionist talking to “tech support” who was guiding her on how to download a program so he could do something on her system. She had told me several times when she was hired that she was not at all tech savvy, so I knew what was going on. I interrupted her, took the phone and stated scolding the “tech” for taking advantage of people. He laughed and said, yes, normally you’re absolutely right, but she called me, I do have a contract with your company and you can call me back at your tech support line to double check, and you can check with the owner. And he actually was who he said he was, but I was so used to getting calls from the faux techs that I forgot that there were actually legit people who actually worked in tech support.

You’re right. I shouldn’t have used that word. It just baffles me how someone in her position could fall for that.

I think @gracchus had it right. “The scumbags just have to catch you on the wrong day or in a state of mind when you’re distracted.” I hope this woman gets some measure of justice through telling her story.

That was the real moment where I went whaaaat? Like, how would some call centre lackey be connected to an FTC investigator?

Seems like the pile of cash in the shoebox demand should raise a red flag, if nothing else has?

(Persnickety alert!)

With a lead like this, how can you not keep reading?

lede

But good post nonetheless.

Exactly. Cf Cory Doctorow’s recent “How I got Scammed” story on his post-BoingBoing blog. His story has many parallels to this one and emphasizes the idea that these scams don’t work most of the time, but can work on ANYONE if the right circumstances line up.

Falling for scams always sounds ridiculous from a third person perspective. It’s like if you see a coin trick from the wrong angle, and it’s absurdly obvious that the magician is just throwing the coin to one side or holding it in the fold of their thumb.

To ask “how could they fall for that?” is asking the wrong question. They wouldn’t fall for it if they were looking for it, that’s the whole point. But we don’t go around asking whether everyday stuff is a trick. By the time you sense that something’s off, things are moving quickly, you don’t remember key details because you weren’t paying attention, you may feel threatened, etc.

Unless you recognize a specific deception from prior knowledge, you won’t see the trick that puts you in a compromised position until after it’s happened. It might be easy to spot in hindsight, once you know there was a trick, but only your first reaction counts.

I wouldn’t fall for it – must go now Starbucks have sent me an email telling me I have won a Stanley cup.

I once got a call from someone at Amazon about a package that couldn’t be delivered. I put that poor woman through so much crap before I realized she was legit. Sometimes we overcorrect in the other direction. I don’t even remember what the issue was, but I apologized and we had a good laugh about it. It was the only time I’ve ever spoken to a human being at that company.

When I was learning judo, I occasionally asked the teacher to slow a move down to show me how it works. “I can slow it down to show you where to put your hands and feet, but that doesn’t show you how it works. It only works at speed. When you see it slowly, you’ll be puzzled that it works at all” was the reply.

I think a lot of scams are like this - they don’t “work” offline, where we have time to pause, think, and re-read. They work because the scammer builds flow and urgency and absolutely never gives the mark time to think.

Beyond the techniques used to keep the mark off balance, who has 50,000 in cash available to put in a shoebox? What federal agency would even want to take that much cash?

The cops happily take 50000 in cash, but I guess that’s… (CAF, CAF) different.

It’s part of the swiss cheese defense, most times, the holes won’t line up, but on a day they do bad things happen.

Or as most security people realize, you have to get it right, every time, all they need is for you to make one error.