Cesky: |
I've always been amazed at how easily people fall for a scam and lose money. I thought it was just some "intellectually challenged" individuals. Until I almost fell for it too and realized that it's really easy and can happen to anyone. All it takes is 1 minute of inattention and that's it. And for us, the older generation, this is especially concerning. As we get older, new things come along and it becomes unrealistic to cover them all. For example, I often tap a confirmation in Windows without understanding the query. And it doesn't help that as a programmer I should be more knowledgeable.
After mother passed away, we were selling off some stuff. I used to offer them on the Facebook marketplace. I got a response from a young woman who offered an ancient metal coat rack. The communication seemed like chatting with a pleasant young mom. I was doing a lot of other things at the time, so I was functioning more on automatic and not thinking much about what I was doing. That's kind of how it was:
> She: Hello, I am interested in the offered goods, is it still available?
Some default market message.
> Me: Yes, the rack is free.
> She: I can't come and get it, I have a one-month-old baby. But I have a discount on DPD courier, he would pick it up from you.
I looked at the profile, yeah, some young mom with a kid. Why in the world does she need to have an old rack shipped this far? Okay, well, it's a different time.
> Me: Send by DPD courier? I don't know it, is it complicated?
Normally I avoid sending packages, but sometimes I'm tempted to try new ways.
> She: That's easy, I'll handle everything and pay and you just enter the account number to which DPD will transfer the money. And then the courier will come and pick up the goods and pack it.
I'm not familiar with these methods, okay, I could try. I won't be required to do any posting. I was just wondering why a courier would want to pack a metal 2-meter rack.
> Me: Okay, that looks easy. So my address is ***, my account number is ****.
I was hoping she would enter the bank account number - why would I enter it somewhere?
> She: Done. So just enter your bank and account number to send the money to at this link.
She didn't, okay, so I'll have to type it in somewhere. I didn't check the link and clicked on it because I wasn't thinking too much about it, I was doing other things and wanted to get it done quickly. Similarly, when a good friend sends me a link, I don't check it either. A page popped up for me to enter my credit card information.
> Me: I must have clicked wrong, that's probably the page for the buyer to enter payment.
There was an entry of all the data and codes for the credit card - I don't need to enter this as a seller, do I?
> She: It's okay, just wait a minute and it will go to the right page.
The scammer seemed to understand that he couldn't get my credit card out of me, so he continued. It jumped to choosing a bank, ok let's say. Then logging into my bank - I automatically entered my login details without thinking about it, as I log into my bank frequently so I did it automatically. I didn't think about what I was doing and that it was nonsense. If the key hadn't protected my banking transactions, I would have already had the account gone, and I always told myself that the key was useless. I confirmed the login key on my phone, as I always do, but it didn't go to the bank as usual.
> Me: Wait a minute, I can't log into my bank.
I have no idea why I would want to log into a bank - I just ran into some automat and didn't think about it.
> She: An email will be sent from DPD to confirm that it is your account to which they will send the money.
I look at the email and read: "Do you want to activate the Smart Key on Lenovo xxx?" I was used to things occasionally stop working and happening somehow that I don't understand why. At first I thought the key just stopped working on my phone and I needed to reactivate it. But fortunately this gave me pause - what Lenovo device? I don't have one of those? If the scammer had a Samsung phone like mine, maybe even that wouldn't have bothered me and I would have clicked away. Here I had much more luck than sense. Only now have I started to think about what I'm actually doing.
> Me: Are you kidding? You mean I handed over my login credentials and now I'm going to activate the key on someone else's phone and thus hand over all access to my account?
My brakes hadn't worked sufficiently yet and I was hesitating whether it was a scam or my inexperience.
> She: It's obvious you're doing this for the first time. Don't worry, it's okay like this. Trust me, I work in the police force.
I was not convinced, but I still hesitated for a while, whether I was the stupid and panaroid one, who was unnecessarily afraid and ignorant of the current ways, or whether I had really fallen for a scammer. I was used to getting some confirmation emails every so often, so I was very lucky in that I didn't click on it automatically like I usually do, but finally started thinking already.
As I found out later, this is a common phrase of scammers: "It's obvious you're doing it for the first time. Trust me, it's okay like this." To give the impression that the person is the ignorant one, and that he is simply to be trusted.
Then I shut down the communication, I realized I had almost been fooled. Later, I thought to check my bank account to see if it was all right. I found in the history that the scammer (with my help) had logged into the bank. Fortunately, important operations were tied to a key on the mobile phone, so he hadn't done anything there. If I had clicked to activate his key, all my life savings could have been gone.
His cell phone was listed in the device list as still awaiting activation. This made me a little nervous - what if I ever accidentally clicked on it? And the scammer could have stayed permanently logged into my account (by refreshing the page) and could have done or stolen something from there. I contacted the bank. I explained my situation - it was obvious that they were prepared for such cases and it does happen. They blocked the account, unlogged the logged in pages and removed the device with the keys. They then discussed the changes with me and checked until we agreed that there was indeed nothing wrong. I then just had to go to the bank the next day to get a new activation key.
What's the future? As I understand it, it is easy to fall for a scam in the future. One is not always on the alert, there are times when one does not expect any possible fraud at all and so it does not even occur to one to think about it. Often nowadays it is "going on automatic". The pioneer saying "Be prepared! - Always prepared!" would be appropriate here, but I am not always prepared, there are times when one is not alert. And that's what scams are based on - sometimes getting into a situation where the victim is not alert. At the very least, I'll probably split my savings into 2 accounts, in 2 different banks (using different login apps) to minimize any potential consequences.
Miroslav Nemecek
