Scenario #2 – Computer scammer remotes into woman’s account

“Hello, this is Kathy Jackson. I am calling you from the Microsoft Refund Department. Please do not hang up. You paid for your computer technical support a few months ago, and we are calling to refund your $400 as the company has been ordered to close down. Please call us on our toll-free number, 855-789-0307. Repeating again: 855-789-0307. Thank you.”

Jim and I watched live as a woman named Betty, 78, called the phone number after getting such a call. The man on the phone told her she was eligible for the $400 refund, but he would have to remote-access into her computer to confirm it. He started by walking her through the steps for how to give him access using — you guessed it —TeamViewer.

After gaining access to her computer, the scammer told Betty that to get her refund, she needed to log in to her bank account so he could deposit the money directly. What she didn’t realize was that the scammer could see everything she was doing. And so could we. We watched as she entered her bank account username and password. Within seconds, we could see the scammer himself logging in to her bank account.

“What he will do next is look at how much the victim has in her savings account,” Jim told me, having observed many of these transactions. “You see there—she has $180,035.74 in savings. The scammer will love that.”

Once he saw her sizable stash, the scammer pushed the “Blank Guest Monitor” button on the software to blacken Betty’s screen so she couldn’t see what he would do next: transfer $40,000 from her savings account into her checking account. The scammer then went into the HTML code on her computer (which determines what Betty would see on her screen) and changed the savings balance back to $180,035.74. He did this so when she looked, it would appear that nothing had been transferred but that her checking account had gone from $4,657 to $44,657.

Why do this? To set up the story he was about to feed her: that he had made a horrid mistake and transferred $40,000 of his firm’s money into her account instead of $400.

If Betty had known to refresh her screen, or log out and log back in, she would have been able to see that the scammer had simply transferred her own money from one account to another. Absent those actions, the story seemed believable. So it wasn’t hard for the bad guy to convince her that she needed to send the difference between $40,000 and $400 — $39,600 — to a bank in China to pay him back or else he will lose his job.

Because we were literally inside the scammer’s computer, we could see him logging in to his Bank of China Hong Kong branch account to get the right account numbers to give the victim.

As he continues on with Betty, he tells her she would need to physically go to her bank and wire the money (that way, it would be untraceable). She should not, under any circumstances, mention what she is doing to anyone. Jim says scammers typically will coach the victim on what to tell the bank: “Say you are sending money to a sick relative.”

It seemed pretty obvious to both Jim and me that unless someone intervened, Betty would comply with this request. While I listened, Jim called her bank to warn someone that Betty might be coming in soon to transfer funds and that it was a scam. Then Jim tried calling Betty, pretending to be a representative from her bank (any other explanation would have been too hard to explain), but she hung up on him—a good sign because it meant she was growing suspicious.

A few days later, I called Betty, a longtime AARP member, to make sure she never sent the funds. She confirmed that she had been contacted about a software refund, but told me that she figured out it was a fraud and never sent them any money.

“Don’t worry, honey, I’m fine. But thanks for checking on me,” she said.