FRAUD SQUAD

The Tech Support Scam That Cost a Senior Citizen Her Life Savings

Wednesday, December 13th, 2023

VIEW ALL FRAUD SQUAD ITEMS

Cyber security risk management solutions from DefenseStorm.

Technology is advancing at an unprecedented pace, and even the most tech-savvy individuals can find themselves in need of assistance to remain connected and productive. Unfortunately, with the increased demand for tech support comes a rise in fraudulent activity exploiting this important service. Senior citizens are the most vulnerable group because they are more likely to seek help in navigating the complexities of technology.

The Tech Support Scam That Cost a Senior Citizen Her Life Savings

The Scam: Technology is advancing at an unprecedented pace, and even the most tech-savvy individuals can find themselves in need of assistance to remain connected and productive. Unfortunately, with the increased demand for tech support comes a rise in fraudulent activity exploiting this important service. Senior citizens are the most vulnerable group because they are more likely to seek help in navigating the complexities of technology. Tech support scams are fraudulent schemes that prey on individuals needing technical assistance – whether the help is initiated by the cybercriminal or the victim, the process is the same. Scammers pose as legitimate tech support representatives and use scare tactics to convince victims that their devices are infected with viruses or malware that threaten to compromise the safety of their personal data and money. They then empathetically offer to fix the problem, but in reality, are stealing personal information, installing harmful software, or instructing the victim to pay or transfer assets to a fraudulent account to rectify the issue.

The Scheme: In April of 2021, Marjorie Bloom, a 77-year-old resident of Maryland, was working on her computer when it suddenly froze. A pop-up window appeared from Microsoft, instructing her to call a customer support phone number listed on the screen for assistance to mitigate the problem. After seeing the security pop-up window, she made a costly mistake by calling the number provided. On the call, a person claiming to be a Microsoft engineer informed her that foreign hackers had taken control of her computer and stolen sensitive personal information. The scammer also suggested that her financial accounts were at risk because of the breach. When she mentioned that she banked with PNC, the fake engineer transferred her to an accomplice posing as a PNC fraud investigator who was ready to help. The “investigator” convinced her that there were pending transactions worth $29,000 tied to her bank account and urged her to move her money to a new account without delay while they fixed the problem. He further explained that the perpetrators had used her stolen data to gain access to her accounts, and to protect her money, she should move the rest of her assets quickly and discreetly. He warned her that sharing the issue with anyone, even her children, could jeopardize the process.

Over the course of 28 days, Bloom authorized 5 wire transfers, totaling $661,000 – the entirety of her life savings. The fraudsters instructed the victim to transfer funds from her PNC bank account to an account at Signature Bank in New York [which is currently not operational]. The funds were then transferred to a cryptocurrency trading platform, Coinbase, where the scammers had created an account using the victim’s personal information and picture. Her assets were subsequently converted into cryptocurrency, and then transferred to offshore accounts on the Binance crypto trading platform located in the Cayman Islands.

In May 2021, a month after she was initially contacted, Bloom awaited a call from the investigator who “saved” her from hackers to receive instructions on how to access her money now that it had been moved. But the call never came, and when she dialed the number to reach him, it was disconnected. She then contacted PNC Bank, who informed her that there was no investigator by that name associated with the bank – that’s when Bloom realized she had been scammed.

Fraud Geek Explains

Tech support scams are a widespread problem that affects people of all ages and backgrounds, but senior citizens are a particularly attractive target. According to the Statista Research Department, “Tech support frauds have increased in recent years in the United States, with losses duplicating since 2020, costing up to 806.55 million U.S. dollars in 2022, more than double the 2021 amount.” Senior citizens are often targeted because scammers know they may be less familiar with technology and more likely to trust someone who claims to be an expert. In fact, the FTC found that people over 60 were five times more likely to report losing money to a tech support scam than people under 60. The Federal Bureau of Investigation (FBI) reported that older adults [over 60 years old] were defrauded of $588 million in tech support scams in 2022 alone.

In May 2022, Bloom filed suit against PNC Bank, claiming that the bank failed to prevent fraud, and sought full financial compensation to cover the monetary loss and the cost of interest and attorney’s fees. She alleged that PNC Bank ignored clear warning signs and evidence of financial exploitation, citing that the unusual wire transfer requests in large amounts within a short time frame were red flags that the bank did not investigate and, therefore, was negligent and in breach of its contractual responsibility to protect its customer and her assets. A judge dismissed the case for negligence but proceeded with the breach of contract lawsuit, and both parties agreed on an undisclosed settlement.

Fraud Geek’s Advice

Consumers can protect themselves by remembering the following:

  • Do not trust unsolicited calls or pop-up messages claiming to be from tech support.
  • Don’t click on any links directing you to tech support or to access more information.
  • Never personal information or allow remote access to your computer.
  • Unsolicited tech help is a RED FLAG. If your computer freezes or pop-ups alert you to a breach, don’t click on anything, and don’t continue to work on your computer. Immediately seek help from a trusted source.
  • Regularly back up important files and data to an external hard drive or cloud storage.
  • Don’t share personal or financial information with anyone you don’t know or trust, especially over the phone or via email.
  • Remember that pressure to act quickly is a RED FLAG. Scammers often try to create a sense of urgency.
  • Be cautious of requests for secrecy, which is another RED FLAG. Scammers frequently attempt to prevent their victims from sharing information with others to avoid being caught.
  • Keep your software and devices updated with the latest security patches, and use anti-virus and anti-malware software to protect yourself from potential attacks.
  • If you suspect a scam, report the incident to the appropriate authorities. File a complaint with the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center.
  • If you are a senior or know a senior who has been a victim of Elder Fraud, contact the S. Department of Justice (DOJ), Office for Victims of Crime for people to report fraud against anyone age 60 or older.

Financial Institutions: Keep Your Customers Protected

  • Educate customers on common fraud schemes, including tech support scams, and how to avoid them.
  • Monitor customer accounts for unusual activity, such as large or frequent wire transfers, and contact the customer to verify the transactions.
  • Use fraud detection software to identify suspicious patterns and behavior.
  • Train employees to recognize and report potential fraud, including tech support scams.
  • Share information about known scams and details used by the fraudsters, such as the phone number they use when calling victims, with other financial institutions.
  • Partner with law enforcement agencies to share information and coordinate efforts to combat fraud.
  • Conduct regular audits of security protocols and procedures to ensure they are up-to-date and effective.
  • Implement secure verification procedures for wire transfers and other high-risk transactions using multi-factor authentication techniques, remembering that one-time passcodes can be compromised so look for stronger factors like biometrics.
  • Use encryption and other security measures to protect customer data from unauthorized access.
  • Stay up-to-date on the latest fraud trends and tactics and adjust security protocols accordingly.

The DefenseStorm Difference:

DefenseStorm approaches fraud differently by looking at both monetary and non-monetary transactions to catch fraud before funds leave the bank. Our GRID Active Fraud Prevention product would have recognized the unusual patterns, such as exceptionally large withdrawals within a short period of time, which was not consistent with Bloom’s normal activity. Our ability to monitor, detect, and alert on suspicious activity across all departments – including Originations, Online and Mobile banking, and Internal Fraud with Employee Activity Monitoring – allows the FI to stop fraudsters before funds leave the account.

 

Resources:

https://www[.]statista[.]com/statistics/1301913/tech-support-fraud-losses-usa/

https://www[.]cnbc[.]com/2023/10/08/how-one-retired-woman-lost-her-life-savings-in-a-common-elder-fraud-scheme.html

DefenseStorm

DefenseStorm experts collaborate to share valuable insights, tips, trends, and resources about cyber risk management. Information sharing is a critical component of cyber risk readiness and considered a best practice to improve cyber risk awareness. As a leader in the industry, we strive to build a community of trust by providing the most current and important information that affects your financial institution.