Recently, I made the mistake of clicking on an email from an unfamiliar sender. It said "Membership Renewed," as in, money had been spent by yours truly. But I hadn't spent any money renewing a membership that I knew of, and there is, I imagine, the axis on which some phishing scams are turning: By piquing your instinct to know where and what one's money is doing. Maybe I forgot something? Maybe my wife, Dina, paid for something and forgot to mention it? Maybe, maybe, maybe – so I clicked. The email looked as if it had been sent by "Geek Squad”, with whom I have a service contract, so I called to inquire further about this "paid membership."
The conversation began innocently enough. They confirmed my membership and seemed to have my pertinent data as well, so I continued. When I couldn't recall this money being spent – and they couldn't tell me the last four numbers of the account which had been debited, I grew cautious, as I had been down this road once before. Nevertheless, I persisted. Since I had "Geeks" (or whomever, unbeknownst to me) on the phone, I figured I'd ask if they could fix a computer problem (no volume) and asked if the repair was covered by my service contract. They assured me that it was. And so, I gave them access to my computer so they could address the problem remotely. After computer fits and starts, and curious delays, they confessed that they were unable to fix the problem. So, and here it is, the hook: since they were unable to fix my computer, they wanted to refund me the "membership" fee. That was excruciatingly familiar, so I knew it was time to exit stage right.
What had happened to me previously is that I didn't get out soon enough. I didn't know then what I know now, so I agreed to the refund and gave them the last four of my account, and sure enough they electronically deposited the money into my checking account (or so it appeared. I later learned that no actual money had ever been transferred). However, they made a mistake, they said. They deposited $3,000 instead of $300. They apologized profusely at their mistake and requested that I pay them back $3,000, which I thought was odd; why not just withdraw the money the same way they deposited it? They said they couldn't and I needed to pay them back. When I refused to follow their directions on how to pay them back (again, since they couldn't withdraw the money/stop payment, whatever), by getting cash and then going to a Western Union office and sending it back that way, I knew I was hooked. Then they threatened to disable my computer unless I paid them back exactly as I had been instructed. Then they erased all the icons on my desktop as a last attempt to coerce me to pay up. At this point, it had been nearly two hours since I made first contact, and I could see/feel where the conversation was going, so I risked it and hung up. Sure enough, my computer was wiped clean and locked. I couldn't access anything. The next day, I called Best Buy and explained the problem and how it had happened. They suggested I bring in my computer tower for an analysis. Within a day, they had identified the problem and offered a solution. They could unlock my computer, no problem, but the computer would have to be reset to the way it was when I first bought it. It wasn't a total disaster, as most data was retrievable. As "The Three Stooges" would have said: "It wasn't a total loss."
This recent caller was once again leading me down the garden path. A path which would have ended at a rabbit hole into which me and money would have disappeared. The caller tried desperately to keep me on the line. I said I was at work and had to go. I told him I didn't expect the call to last so long and I promised to call him back. He had access to my computer – remotely, so I was afraid he could cause similar computer trouble as had happened before under eerily similar circumstances. He confirmed – so he thought, that I had his phone number and so I hung up, cautiously optimistic that I hadn't earned his wrath. I never called him back, but for the next four hours, he called me back several times, a number from Los Angeles. I never answered, obviously. If I had, I might not be pleased with myself.