this post was submitted on 14 Sep 2024
1620 points (99.1% liked)

Technology

58115 readers
4389 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
1620
Be careful. (feddit.org)
submitted 5 days ago by [email protected] to c/[email protected]
178 comments fedilink hide all child comments
 

Source.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 88 points 4 days ago (35 children)

I almost fell for an unrelated scam just a couple months ago. Basically, I was on vacation visiting family, had just gotten a new phone (w/ GrapheneOS, so it didn't have Google's network of spam detection), and was out and about at the time. Here's how it went down:

  1. received text earlier that day saying that my CC was used for an unauthorized purchase (happens a couple times/year)
  2. got a call from someone claiming to be my bank (not one of the popular chains like Chase or whatever)
  3. caller asked me to verify myself through text code, and I didn't read the text message carefully and provided it (later inspection showed that it was a password reset code)
  4. after going through some (fake) recent transactions, I told them they all sounded fraudulent (they were on the other side of the country)
  5. they asked me to confirm myself again through another code to finalize, at which point I told them they don't need a second code since I already proved my identity, and they hung up

I immediately went to go reset my password and found I was locked out, so I called my bank. They confirmed that my account had been automatically locked for suspicion of fraud (good job!!) and confirmed what I suspected, the scammer had reset my password (first code) and was attempting to add an external account (second code). Had I given them that second code, they likely would have been able to submit the transfer and it would've been a giant headache to try to get that money back.

I didn't lose anything and I immediately improved the security on my account, but I felt like an idiot for letting them get that far. I had also recently consolidated my other accounts to this one, so this would've been a big blow. They changed my account numbers, I changed my username and password, and they held my account for a week or so to ensure everything was good. This bank is one of the few that actually cares about security, so I set up voice recognition (they said they track it anyway, this just turns on an extra feature) and Symantec VIP (I prefer my regular TOTP app, but they don't support that).

I don't think it'll happen to me again, but I was still surprised that I got so far through the process before recognizing that it's a scam. And I consider myself pretty security conscious (e.g. I use TOTP everywhere, password manager, keep credit bureaus frozen, etc). I guess they got my info from a breach somewhere because they knew my name, my username (to be fair, I used it everywhere), and the bank I use (could've gotten lucky). I have since changed most of my usernames to be random, so hopefully I'll be more safe going forward.

Anyway, stay on your guard, it can happen to you.

[–] [email protected] 11 points 4 days ago (3 children)

I think you should not feel like an idiot in this case. Just keep in mind that EVERYONE can fall for a scam, even the experts. The people who think they wouldn't are themselves likely victims.

[–] [email protected] 4 points 4 days ago (2 children)

Idk, I think feeling like an idiot is important, because it shows that I should have known better and can do better next time. I only fell for it because I was in a hurry and away from my normal routine (I'd usually jump on my computer and verify pending transactions before giving any codes).

And that's all it really takes, you could be tired from travel (we had just driven the entire previous day) or whatever, and a few minutes later your money is already on its way out of your account. Something similar happened to Rachel Cruz recently (from Ramsey Solutions), and that's someone who would absolutely know better since she likely takes calls from victims of scams as well.

I guess my advice to everyone is, it can always wait a few days, almost nothing in life is so urgent that it has to be done today. If you feel like you're a little out of sorts, hang up and deal with it later. That would've prevented this problem entirely, and would also prevent most other scams as well.

[–] [email protected] 1 points 4 days ago (1 children)

I don't think "feeling like an idiot" is productive. People helping scam victims try to make them not feel embarrassed, as it can get in the way of thinking rationally about this.

[–] [email protected] 1 points 3 days ago

Idk, if you put all of the blame on the scammer, there's less reason to change behavior to prevent the next time. It's fine if it's to get past the initial anxiety and start making progress toward a solution, but that feeling of being stupid really motivates me to change my behavior to protect myself better.

You shouldn't blame yourself for causing the problem, but you should recognize the actions you should have taken to prevent the problem. If you don't have at least some shame, why would you do something different the next time?

load more comments (31 replies)