In light of the "CDK is down" thread, it got me thinking about the different scams, cheats, thefts, and ransomware attacks that I have experienced personally. So what kind of stuff have you guys had happen? Was there legal action taken? Vigilante? Let's hear it!
1) Anyone with a credit card has surely had their number stolen at least once. About 10 years ago, had our number taken and used while I was traveling for work. Bank called, wife shut down a few charges (including a Taco Bell order in Milwaukee airport, still feel bad about that one), and got new cards issued. This is a favorite of mine because one of the things ordered by the thief was a care package for a prisoner. IMO, this should have been pretty easy to track down, but I'm sure it was easier to just write it off.
2) When I first started at my current employer, we had a ransomware attack. Nobody knows how it got in but we all suspect the (former) CEO. Anyways, it was about 30 minutes of "oh no, what are we going to do?" then the nerd squad just unplugged the affected server and went to the (verified clean) backup.
3) Currently dealing with this with a family member: We suspect that the accounting software they use has some backdoor vulnerability. Anyways, scammers got onto a work PC and siphoned off money from company bank accounts, personal retirement accounts, and anything else they could get to. We suspect the accounting software because they later had their personal account hacked after the accounting firm they use (uses same accounting software) paid the monthly payroll tax using personal numbers. So, we've got a new computer for all internet access, setting up 2 factor authentication, going to new account software and new accountants (those last 2 were planned anyways).
3A) In that time, the scammers ordered an Iphone from ebay. It was purchased from Verizon (originally) but reported stolen by Verizon customer. Seller on ebay matched the Verizon customer (she used her actual name for her ebay handle, paperwork in pictures matched name), so it seems she reported it stolen and then sold it on ebay...to a scammer...who didn't get the message to change shipping address, so it ended up at the business. I said "congrats on the new iPhone" but I don't think it could be activated.
calteg
SuperDork
6/20/24 9:06 a.m.
Nothing crazy. First time our CC got stolen, the scammer ordered 3 new GoPros...which then got delivered to our house. Visa detected the fraud and shut the card down immediately after. Just strange that they're smart enough to steal a CC but not smart enough to change the delivery address.
A small business owner friend of mine had his UPS account # hacked, and was being used to drop-ship packages, even though the return labels were his shop address. He called UPS and they reversed the charges after he disputed them, which was super easy and pretty painless. Well, part of that process was intercepting any disputed packages in transit and returning them to sender. He ended up receiving one of the packages that the scammers sent on his account- a 2000pc puzzle box filled with 5lb of cannabis, haha.
I urged him to keep it for research purposes, but he's pretty straight-edge and called the authorities :p
My Ebay account got hacked and somebody ordered a ton of E46 M3 parts. They probably chose the perfect account to use as ordering a bunch of random BMW parts was very in line with my purchase history! They attempted, but failed, to change the delivery address to a forwarding agency (reported to FBI) that would ship all the parts to Russia. I caught it quick, notified the sellers, and got charges canceled.
Unfortunately some of the parts shipped and there wasn't much I could do about it, so they were eventually given away. So I guess there's a Russian scammer somewhere out there unwittingly helping the BMW community.
I don't think I ever had a credit card number stolen but I had a debit card number stolen a couple of times, one time I'm pretty confident I know where it happened, at a very secluded ATM with some particularly stiff buttons. That time all my money was withdrawn by the thief and it took forever to get it put back, the bank seems to have suspected that I did it, at one point I got called into a meeting with a bank manager to review some footage they found of the person who withdrew the money. The guy had wrapped himself up from head to toe so that you couldn't even tell if he was a white guy or a black guy, but what was certain is that he was extremely swole. But maybe they thought it was me wearing some very convincing superhero costume padding. Anyway, after many months of that BS they finally restored my money. Since then I try to keep some cash stashed away at home, just in case my bank allows a thief to take all of mine and then decides to play hardball with me for a few months.
A place I used to work at got hit with some primitive ransomware a few times, always the same way, some genius decided to run attachment.pdf.exe from an email. The result was having to restore all the data on the network shares that person had access to from backups overnight, and wiping and restoring their own computer (and any others that might've run ransomware executables left on the network). But one incident was particularly noteworthy, we had a new CEO who demanded god-mode access to all the data on all the network shares, a level of access that nobody in IT even normally operates with. She got it. And then she opened that attachment. This was before the days when ransomware would exfiltrate data, and the company's upload bandwidth was low enough to make that impractical, but imagine if that was an option?
A couple years before the pandemic my grandmother had remarried to a guy who soon began to fall off a dementia cliff just as he was getting hit by tech support scams. He saw the first one as a legitimate business transaction and had a hard time accepting that he'd been scammed. Unfortunately that was the first thing he became completely incapable of remembering, and the only way to keep him from getting scammed again and again was to keep him away from incoming scam attempts and the means of payment. Did you know that they make $500 and $1000 gift cards? Sadly he died basically as a result of the dementia a few months ago.
More recently I had an uncle who fell for a "long lost son" scam and eventually sent off something like $30k.
Vigilantism story: One time I got a text with a link to a scam site, was bored at home and decided to berkeley them up. Reported them to the correct authorities and then hit the site with a low-n-slow DoS attack that allowed me to hold them down completely using just a few connections until the authorities could take the scam site offline.
Also I'll waste phone scammers' time occasionally, often with a Nigel Standish impression. One of them thought it was funny but most of them get very angry which is even funnier. Incoming scam calls always decrease for a while after I do this.
I can think of a couple more times I've been scammed that probably aren't traditionally considered scams, maybe I should make a thread for those...
Was convinced to buy long term care insurance. Premium has increased every year to the point where it has nearly tripled in ten years. Insurance in general is a scam.
1988RedT2 said:
Was convinced to buy long term care insurance. Premium has increased every year to the point where it has nearly tripled in ten years. Insurance in general is a scam.
Ouch, I'm really sorry to hear that.
Unless the actuaries are getting it wrong, most people will get less out than they pay into any form of insurance as operational expenses and profit need to be added to the claim payouts.
RevRico
MegaDork
6/20/24 11:24 a.m.
There's this organization that collects money from paychecks, then at the end of the year, they send you a math test to see if you got it right or if your going to jail.
Toyman!
MegaDork
6/20/24 11:54 a.m.
RevRico said:
There's this organization that collects money from paychecks, then at the end of the year, they send you a math test to see if you got it right or if your going to jail.
Yep. That's the only scam that has ever gotten anything out of me. The ROI is terrible.
Mr_Asa
MegaDork
6/20/24 12:00 p.m.
Not 100% sure its a scam. Not on me, at least. But Rashaun has been using my number for various things for 2 years now.
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
wearymicrobe said:
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
There's a joke in there, but I'm going to let it go.
Tacos can be expensive!
In reply to wearymicrobe :
Wait, which tacos?
Motojunky said:
wearymicrobe said:
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
There's a joke in there, but I'm going to let it go.
Tacos can be expensive!
Both sorts...
Credit card called me once because I had just filled up with gas in Michigan and also purchased lingerie at a Lions Den in NY. Yeah, nothing there is going to look right on me.
Toyman!
MegaDork
6/20/24 12:38 p.m.
wearymicrobe said:
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
Pretty sure that's the wrong kind of blow to go with tacos.
Some hellacious stories!
I was flying cross-country in a Cessna 182 a few years ago. Landing after one leg, I had a whole bunch of excited messages from the credit card company - they couldn't understand how I was buying $200 in gasoline four times across five states in one day!
Mr_Asa said:
Not 100% sure its a scam. Not on me, at least. But Rashaun has been using my number for various things for 2 years now.
I recieved an official mailer letting me know that my unemployment insurance I had been receiving was going to run out. I had been employed for 9 years at that time, so was pretty sure I was not drawing unemployment. After a few back and forth calls with the office of unemployment for Tennessee, I was informed the case was going to the TBI. Talked to an agent once, and my employer said they contacted them also. Case cleared. However, Tennessee (and most other states) require evidence that you are actively seeking employment to recieve unemployment benefits. I wonder if some other folks were receiving texts letting them know that I was or was not a good fit for jobs I personally was not actually applying for...
Mr_Asa
MegaDork
6/20/24 1:10 p.m.
wearymicrobe said:
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
Bank talked to your wife and not you about your card? That sounds like a scam behavior to me. Dont they always say "never share info. we will never ask for blah blah blah"?
Mr_Asa
MegaDork
6/20/24 1:11 p.m.
In reply to travellering :
I kinda wondered the same thing here.
Got no problem with someone trying to get around unemployment rules, thats between them and the state, but get your own phone number on there at least
Mr_Asa said:
wearymicrobe said:
Best ever was my debit card was skimmed and used to buy a LOT of prostitutes in LA at a soap house. Like a LOT, a whole lot a few thousand dollars worth.
Bank calls because I used my physical card to try and buy tacos for my wife and I about two minutes after the stolen charge. The bank actually talked to my wife so she could confirm it really was me in San Diego and we really did just get tacos. They laughed and revered the charges immediately and killed the card. I made sure the tacos got paid for in cash.
Bank talked to your wife and not you about your card? That sounds like a scam behavior to me. Dont they always say "never share info. we will never ask for blah blah blah"?
I have a private banker setup and I had the phone on speaker so I get better service then most. They were very polite when they call me and they always do the secondary verification or ask me call back on the direct line they setup in advance. This was years ago and honestly if it happened now I would think the same thing. they have dropped the ball so bad I had to leave that bank.
travellering said:
I recieved an official mailer letting me know that my unemployment insurance I had been receiving was going to run out. I had been employed for 9 years at that time, so was pretty sure I was not drawing unemployment. After a few back and forth calls with the office of unemployment for Tennessee, I was informed the case was going to the TBI. Talked to an agent once, and my employer said they contacted them also. Case cleared. However, Tennessee (and most other states) require evidence that you are actively seeking employment to recieve unemployment benefits. I wonder if some other folks were receiving texts letting them know that I was or was not a good fit for jobs I personally was not actually applying for...
Ah, we had a ton of that kind of thing happen '20-'21 at our church. Letters from unemployment office to strange names using our church address. Turned in to Sherrif's Office, who relayed to state. Never heard much of anything else.
2 years ago someone hacked my email. They were very clever and did not let on right away. They monitored email traffic and eventually started to divert some interesting ones to a separate folder on my computer. From there they could monitor and modify the replies I got. I send a lot of international wires and they inserted themselves into a conversation between myself and a Japanese distributor. When we discussed payment of a bill, they casually added into his email that he would be changing banks and would send me new wire information. I thought nothing of that at all and a few more emails went by before I was ready to pay the invoice. I asked them where to send it and they provided me wire information for MUFG Bank in Tokyo which is a very large reputable international bank. I drove down to the bank to wire the money a couple days later and I was on the point of sending the wire when a teller overheard me mention that it was a new account and said that's how scammers operate. I assured her and also my own teller that it was all good and I had dealt with this company for a long time. But just to be on the safe side I called my contact in Tokyo who happened to answer the phone at 2:00 a.m. and confirmed that he had never changed Banks. It was $85,000 and it would have hurt a lot if I had sent it. I have no idea how they got into my email and I have no idea how they managed to set up an account at a reputable bank just to receive my money, probably from a mud hut in Rwanda somewhere which is apparently where the scammers were. A few months later a customer in Houston did exactly the same thing probably to the same people and lost 150,000. He actually sent 300,000 but it was such a large amount that the FBI got involved quickly and managed to stop half of it from leaving the country.
I appreciate the effort of financial institutions to identify and intervene when a scam is suspected. They caught and quickly corrected an issue when my debit carb was compromised.
That said, it can be frustrating. In 2020 I bought a truck from a seller 2,000 miles away. Fortunately, I had family nearby and my nephew was able to inspect the truck, handle the transaction, and store it until I could come to get it. Needing to move fairly quickly, I went to my local bank branch to wire the money. Despite my repeated assurances that I knew the recipient, and that I knew all about scams, I was in the bank for over an hour getting lectured repeatedly about how foolish I was.
The scam was buying a nice, rust free old truck for my daughter. She totaled it in less than three months. She's fine. She's hard-headed like her father. :)
Yes, insurance is a scam but really a gamble and I see it as coverage for major hits. My wife thinks every $90 visit should be free.
Pay in all your life and have major heart surgery - bam - $350,000.....then a $100,000 cancer issue?
Buy a new Raptor and it gets stolen a week later - where's my $90,000 check?