Beware of scammers
The scams are getting baaaaaaaad lately. By that I mean smarter and more sophisticated.
Lately I’ve been getting calls every day informing me that I’m eligible to receive a hefty tax refund for Paycheck Protection Plan loans I took out during Covid. Except, of course, I didn’t take out any PPP loans during Covid.
Back in the 2000s and 2010s, these kinds of scams were usually pretty amateurish – someone with a thick Indian accent informing you that you owed the IRS money and if you did not pay up immediately, the caller would “send the sheriffs to arrest you.” They’re a lot better at it now. The callers all sound convincingly American, and I think in some cases the scammers are using AI-generated voices for the initial portions of the calls.
I’ve also been getting a torrent of Facebook spam messages. Usually it’s along the lines of “your community page is suspended for violating community standards, please click on this link to resolve.”
This one was pretty good, I have to admit:
I’ve written before how everyone has a psychological pressure point for these kinds of scams and phishing attempts. I’m a Crusty Former IT Guy and therefore suspicious of everything technological, but I still have a psychological pressure point. For me, I almost fell for one earlier this year because it had to do with Facebook Ads, and I had lots of bad experiences getting randomly blocked from Facebook Ads in 2020 when Facebook was losing its mind over election advertising. This one didn’t work on me because I don’t run an ecommerce business in the traditional sense and therefore I don’t have business reviews.
But! Imagine you run a food delivery place and Yelp reviews are the bane of your existence, or you have a business that relies on drop-shipping and you have this one disgruntled customer that leaves bad reviews everywhere. If you got a phishing message like this, you might freak out and click on the link.
So there’s no good answer to this problem except to maintain good security practices for your online life. Have different passwords for every site. Use multi-factor authentication when possible and available. And be very suspicious of any threatening email that contains a link.
-JM
I will admit that I almost fell for one – a call purporting to be from my bank that actually showed the correct phone number, claiming that there was a large sum of money being transferred out of my account. They had me going until they wanted my online password. “Say, why would you guys need that? It says that you’ll never ask for it!” “Well, our system is having problems and so we have to do it from the user side.”
That made me think that perhaps the person was spoofing my phone number, so I requested a bit of personal information that I’ve provided to the bank previously. The scammer lost some of their cool at that point and tried to BS me. I laughed at them, hung up and reported it to the bank.
Yeah, the level of personalization to these things is worrying. I know of a recent case where a scammer sent a text message to everyone within a congregation using the pastor’s cloned phone number, claiming to be in financial distress and asking for money. Thankfully the pastor realized what was happening in time and no one lost any money. But unfortunately everyone has a potential psychological trigger for this kind of scam.