KNOXVILLE, Tenn. (WATE) — Cybercriminals are increasingly on the attack, frightening people into making mistakes they ordinarily wouldn’t.
The scammers prey on concern, confusion and desire for a quick resolution. When malware, or scareware, suddenly pops up on your computer screen claiming you need to call “tech support,” some people freeze and do exactly what they’re told to do.
Insurance agent Mike Baker works from his home office. He keeps up with clients on his computer and conducts his personal banking online. Baker considers himself computer literate and not vulnerable to being scammed. That is until two weeks ago when something strange happened.
“The computer started going ‘beep beep,’ like a truck backing up, ‘beep beep beep,’ like that,” he said. “It was flashing and beeping obnoxiously loud.”
The sight and sound of a ransomware attack can be scary. Mike said an alert came up as a Microsoft technical message complete with a number to call.
“I usually call my IT guy,” Baker said. “This time I panicked. I called the 888 number because everything looked legitimate. If I had sent you a picture, you would have said, ‘yes, that looks like a Mircrosoft thing.’
“So I called the 888 number. This guy Sabastian answered. I’m on the phone with him and he’s on my computer, real-time, live with me.”
The man calling himself Sebastian was very mild-mannered Baker said and gave his ID number making it sound even more legitimate.
“I thought … there was a virus in my computer,” Baker said.
Sabastian offered to sell Mike Baker new antivirus software that would keep the “attack” from happening again.
“He said 300 dollars,” Mike said. “I said, OK, I paid for that. He said we don’t want anyone’s personal information. Here is the kicker, we want you to go out and get a gift card and pay for that 300 dollars with a gift card.”
The mistake of paying with a gift card was costly. Once you give a scammer the numbers from the card, your money is gone.
“My computer worked great all day Wednesday, all day Thursday; in fact, it worked a little faster,” Mike said. “Then Friday I get a phone call him.”
It was Sebastian again this time telling Mike he’s eligible for a $200 senior discount. All Sebastian needed was Mike’s bank account numbers. Mike obliged.
Then hours later that day Mike checked his personal bank account.
“That’s when I noticed there was a minus-2,000 dollars,” he said.
Better Business Bureau of Greater East Tennessee President Tony Binkley says what happened to Mike has happened to others who called the phony tech support number without checking first.
“Anytime there is an opportunity for a scammer to come out with something, they’re going to try to take advantage of it to get to your money,” Binkley said. “You should never call a number that pops up on your computer. You should never call back a number if someone is pretending to be your utility company, or your credit card company. You should always look that number up.”
In the last two weeks, Mike has had a new hard drive installed on his computer … and now has a new life-lock security system, plus he talked with his banker.
“So I have a brand new checking account, brand new debit card, brand new PIN number … starting from scratch,” he said.
With malware phishing attacks increasing in regularity, it is important to minimize exposure. Mike says his first mistake was responding to the phishing attack and calling the toll-free number without first double-checking it.
The second mistae was using a gift card as payment, a tell-tale sign of a scam. The third was providing his personal banking information.
Mike says he’s learned an expensive lesson.