I thought I was too smart to fall for an online scam – then it happened to me

‘Miss Mirja, Dear, I’m downloading anti-virus programmes on your computer now. Will you pay by debit or credit card?’

‘Sorry? Pay for what?’ I asked.

‘It’ll be £200,’ said ‘Eddie’.

It was a Wednesday morning and it just dawned on me that I had been on the phone to the ‘Microsoft Help Desk’ for what must have been a good hour.

The chap on the other end of the line – ‘Eddie’ – continued to talk to me with this soft voice that was beginning to bother me.

I don’t know why my senses only kicked in then. Perhaps the prospect of parting with my money and card details was needed to finally shake me awake.

I told ‘Eddie’ no and asked him to get out of my computer. I was almost apologetic – I dared not to be rude. I still can’t quite put my finger on how he managed to con me.

Even now, weeks after it happened, I am bewildered as to why I fell for it. I still have no answer. I had never fallen for a scam before and I was absolutely convinced that I never would.

The whole experience lasted less than a good two-hour lunch but the effect it had on me, my mental health and my trust – not just in others but most importantly in myself – is indescribable.

It left me with such a feeling of uncomfortable shame and guilt that I felt I wanted to share my story to break that stigma.

Everything started with this big flashing, noisy, alarm-type three-fold screen that popped up while I was on the web. A female voice with an American accent repeated over and over ‘A virus is attacking your system. Call the Microsoft Help Desk immediately on the number below. You must not switch off your computer.’

Going through it now, I can see all the red flags, but I just couldn’t fully understand it while I was in it

(For the record, this is exactly what you must do. You must switch it off.)

I tried to close down this message but my keyboard was not responding. It was somehow disabled. I was engulfed in noise and flashing lights and was getting more and more stressed.

The message, although threatening, looked absolutely legit. ‘Microsoft Help Desk for Apple.’ It really looked genuine. So I called the number. From the get-go, computer guy ‘Eddie’ was friendly, soft-spoken, and helpful.

He sounded reasonable after he got me to check my applications and pointed out that I didn’t have my firewall turned on. ‘Dear, this is utterly careless of you. You must always have your firewall on.’

I could almost hear him go ‘tsk tsk.’ I knew I wasn’t particularly computer-savvy and felt embarrassed about that.

So when ‘Eddie’ said he needed remote access to my laptop to fix things, I only hesitated a tiny bit. Following his instructions to press a couple of buttons, I allowed him full access. I sat there, having handed control over my personal laptop to a total stranger.

In retrospect, it sounds so utterly ludicrous, but this is why I wanted to share my story. Going through it now, I can see all the red flags, but I just couldn’t fully understand it while I was in it.

‘Can you see my cursor on your screen?’ he asked. ‘Yes, I can see you do stuff.’

As I watched his cursor move very quickly into System Preferences to Security and Privacy, his smooth voice kept blabbing on that he needed me to allow him download a Microsoft package that I needed to tick so that it would work to protect my security. I could see the application he proceeded to download and ticked it.

He then gave me a weblink and told me to enter a specific number code to – in his words – allow him further permission to secure my laptop. It was a very simple looking screen that had nothing on it, apart from a flashing box requesting a code that ‘Eddie’ gave me over the phone. (This weblink turned out to be fake and I later reported it to Google.)

I’ve already said it: I am not the most computer-savvy person.

Each time ‘Eddie’ sensed he was losing me to my common sense, he came up with a new application that looked like it was the manna from computer antivirus heaven. He continued to open up different applications on my laptop, telling me these were part of a Microsoft Security package.

By this stage, I was so exhausted and overwhelmed that I just let him proceed. Finally, I could see him open up a notepad and jot down names of what looked to me were anti-virus packages. ‘Right Mirja, we’re almost done. I’m now drawing up a licensing agreement. Write your address down here.’

I was extremely uncomfortable by this point but I reluctantly wrote down my address. He had already obtained my telephone number from our first point of contact too.

‘Eddie’ now asked for the money that finally jogged my mind into a red flag alarm. Our tête-à-tête finished right there and I was left a miserable, confused version of myself.

Through the remote access, this man had seen everything that was on my desktop. He had seen photos of my dogs, asking me their names, saying ‘oh you’re a dog lover’.

‘Husky lover actually,’ I responded. ‘We race them,’ I added proudly.

‘Eddie’ very skilfully and smoothly kept asking me what seemed to be innocent questions, like the dog chat. In retrospect, I now know he was getting more information out of me. This was confirmed further when only a few days ago, I received a fake text message from the Kennel Club regarding one of my dogs. It had a (fake) link attached that it asked me to click on to celebrate her birthday. That text message was not from the Kennel Club.

More distressingly, ‘Eddie’ had also seen scanned copies of my passports, driver’s license and my daughter’s birth certificate. I had only recently enrolled her in secondary school and needed to forward that information to the school. Not expecting to be scammed, I had left those documents on my desktop.

Now, he had pretty much my full identity. He controlled me until the matter of the money, which is when I came to my senses and hung up.

After I found the strength to end this phone call, I just sat down disturbed by what had just happened. The mind is a funny thing. It wants you to believe that things are OK and it somewhat tries to protect you from seeing the truth when said truth hurts. I was terrified.

Finally, I did what I should have done from the start – I called the official Microsoft Customer Services number. They confirmed that the number from the ‘antivirus message’ was no Microsoft number.

When I ran them through some of the applications ‘Eddie’ installed on my desktop, they told me to bin them immediately. As I did this, I saw that my Apple ID was being used somewhere near Manchester. I also saw that someone was using my WhatsApp.

I immediately start to change my IDs and passwords, only to stop short realising that the scammers might still see what I was doing. So I called my nearest Apple Store and explained the situation.

The young Apple guy was so nice, he said to me: ‘Don’t feel bad. These guys are super sophisticated. I’m a tech guy and I fell for them.’ Bless him.

We made an appointment for the next day to wipe clean my entire computer and install two-step verification. This made me feel better. But the nagging voice inside my head that I still wasn’t safe didn’t shut up.

I began to feel so very angry at what had happened to me and a line from my Google fake weblink report came back to me. Google – among other questions – asks you whether you reported your incident to the relevant authorities. Since I hadn’t, I immediately began to research who would be the relevant authority and thankfully found ActionFraud.

I filed an online report and then called them for advice. I cannot recommend them enough. I didn’t just get solid advice, but I spoke to a kind, non-judgmental man, Paddy, who told me – like the Apple guy – not to feel bad.

‘You’ve done nothing wrong. You’re not in trouble. We’ve had reports from police officers who got scammed,’ he told me.

Among the obvious advice to renew all my documents, he recommended that I register with Cifas, a fraud prevention service that offers victims of attempted identity theft protective registration for £25 for two years.

I focussed on everything ActionFraud advised me to do and it kept me sane. The monetary damage of this episode cost me £500 to renew all my documents and have my computer wiped and cleaned by Apple.

The money never went to the scammers, but it was a loss to me nevertheless. The mental damage has no price tag.

My emotions reeled from terrified to embarrassment, shame and guilt. I kept asking myself how this could have happened to me.

I’m not stupid. I’m a 50-year-old mum of two, former journalist and consider myself to be fairly streetwise.

But these guys are smart. Their technology is sophisticated. No victim should ever feel embarrassed, ashamed or guilty.

It’s not us. It’s them.

They are up to no good. They make a living from other people’s misery. They bank on the fact that shame will keep us silent.

Well, ‘Eddie’, this one at least, did not work out.

Do you have a story you’d like to share? Get in touch by emailing James.Besanvalle@metro.co.uk. 

Share your views in the comments below.

Source: Read Full Article