I was reading this New York Times Article today titled: ” How one man lost $740,000 to scammers targeting his retirement savings”.
This is a shocking reminder that scammers are getting more and more sophisticated. It is going to get worse. Criminals on the internet are increasingly going after Americans over 60 for their retirement savings. Potential losses last year were over $3.4 billion.
Another link that is relevant: https://www.livenowfox.com/news/top-scams-2023-ftc-imposters-investments-social-media
What steps should we take to protect our assets from scammers? What telltale signs will you look for, to warn you of a potential scam in the making?
Did you just log in? If you don't see the commenting form, please refresh the page.
It’s best not to access bank accounts on your phone…..Beware of this new Android malware that empties your bank account, clears your device completely (msn.com)
If you are purchasing a home and using wire transfer to close, watch out for such scams
https://www.cnbc.com/2024/07/23/wire-fraud-in-real-estate-silicon-valley-executive-warning.html
Sick of scams? Stop answering your phone. (msn.com)
This article has useful tips to spot and avoid common scams targeted at retirees
https://www.itcu.org/resources/news/blog/financial-awareness/guide/how-to-spot–and-avoid–common-retirement-scams
This may be heresy in a group of low cost DIY investors, but maybe the answer is to let someone else manage your investments with instructions to TALK TO YOU for any move above $X? Aging individuals with assets are always going to be a target.
FWIW, calling number can be spoofed. I got what turned out to be an obvious scam yesterday from what caller ID showed to be my electric utility.
Some good advice from the FTC:
https://consumer.ftc.gov/consumer-alerts/2016/05/scammers-can-fake-caller-id-info:
“Don’t rely on caller ID to verify who’s calling …”
Great advice. I skipped picking up calls from an unknown number, and finally they sent a text message. It turned out they were legit. I lost some time. That is a price you pay to avoid scammers.
I also had a bank account targeted. In that case, I don’t know the specific mechanics that enabled a non-authorized party to trigger electronic fund transfers. I’m no expert on bank security.
It seems that party had my account info but
couldn’t log in and didn’t know how much money was in the account. (Not too much, thankfully.) There were about seven transactions in all, smaller then larger, and included a couple of deposits as well as the withdrawals.
I found out when I got a series of emails saying I’d been charged $25 for a withdrawal with insufficient funds. Since I hadn’t done any withdrawals, I logged in and looked and saw the bad transactions.
After some phone calls with the bank, it was all squared away but I had to basically close that account and open a new one with a new number.
There were some comedic errors and so although the bad players might have got a few bucks they might actually have lost money on this one… which would go to the bank as I just wanted my funds. And the leftover money the bad actor had deposited can go to the bank I guess to help defray the cost of their fraud detection unit.
Like about 100 million other people, my info has been part of more than one inadvertent data leak (Target was one I think, the state pension fund another.) This data gets bundled and sold on the dark web, or so I read. Each leak comes with enrollment in a “credit monitoring” system. Supposedly these are supposed to help. But these have never “caught” anyone using my credentials. So I still enroll but don’t have any faith they are protective. The anti-fraud people from my banks, I trust these people.
Isn’t the idea of a designated “trusted contact” supposed to help with this? Someone besides yourself who a financial firm will call under certain circumstances?
I myself was “led astray” after buying a single user copy of MS Word at my Apple Store. Instead of a CD disk inside, there was a web address to register and obtain the 25 character serial number that would allow me to download and activate the product. Which I entered and it turned out that (I think) somehow a bad actor had hijacked the web address printed in the Microsoft product. The (fake) web address home page looked legit but filling out the form didn’t provide the serial number… and also had a phone number to call…
cue the “fooled you” music!
after a short series of questions from a “customer service rep”, which I should not have provided any answer to, the next question sparked my scam radar and I hung up. Took me a while to find a thread online describing this exact misdirection. Was able on the Microsoft main website to eventually find an alternate means to getting my serial number. No harm no foul but a serious close call.
i think this happened as Microsoft is moving from “selling” software to “renting” it with an annual fee. Once the last single license box is sold, that purchase path is over. I think there’s a lot of loose ends in most systems and they are being exploited.
came across this sorry tale this morning.
https://www.cnbc.com/2024/07/23/wire-fraud-in-real-estate-silicon-valley-executive-warning.html
Given that so many of the scams seem to play on secrecy and guilt/fear how about a belt and braces defence of asking the counterparty for an email setting out all details so you can get the advice of a son/daughter/ nephew/ neighbour etc who is a cybersecurity expert?
Scammers may run a mile at this OR ramp up the intimidation which again is a sign of dishonest intent.
About a month ago, a friend of mine got scammed/defrauded over the course of two days, with many similarities to the 77-year-old lawyer’s NYTimes story and especially OldITGuy’s story below. Initially, she swore me to secrecy about all the details because she (and her husband) were mortified about what happened.
I made her spell out exactly how her ordeal started, since that’s the part I wanted to avoid! She told me that she independently searched for Netflix’s phone number on Google (as she often does for company phone numbers, she said), found the number, called Netflix about an account issue she was having … and two long days later, was parted from tens of thousands of dollars. Yes, unbelievable but it happened. By the end of her long tale, it sounded like some very smooth and swift brainwashing had happened to her and her busy husband, who “just wanted it to end already so we can get back to regular life.” A sentiment you hear in nearly all these stories.
So this is a sharp reminder that Google is NOT the Yellow Pages. We need to understand that our favorite search engine is serving up fake contact info and fake sites just as the rest of the world has caught on to how easy it is to swindle retired Americans, unfortunately.
Someone was scammed when the scammers spoofed Schwab’s phone number.
A good basic article and it’s certainly a topic everyone needs to be periodically reminded of. About 2 years ago I became aware of a scam that swindled a senior out of $200K. It went something like this: 1. the senior gets a fake email receipt for payment of a fake charge for tech support. 2. the senior calls the number in the email and complains. 3. the “company” quickly agrees to refund the money and directs the senior to “their web page” to get his refund. (at this point, the senior thinks he’s dealing with a reputable company because they’re being so helpful trying to return his money) 4. the senior can’t get “their web page” to work, so the helpful “company representative” offers to log into the seniors computer to help them. 5. sometime during all this, the hackers (who now have access to the seniors computer and info on his bank account for the refund) get into the seniors bank account and activate a pre-approved HELO loan that was in place. 6. the hackers convince the senior that during the refund process, the senior mistakenly transferred $200K out of their company account and into the seniors account. Sure enough, when the senior looks, there’s now $200K in his checking account. So the senior believes the story and now cooperates to transfer the money back to the company. Long story short, this scam took many days and several phone calls with the hackers. The hackers had convinced the senior he had committed a financial crime (so he wouldn’t ask anyone for help and would keep all this secret), and they got his full cooperation in (eventually) taking the $200K, converting it to bitcoin, and sending it offshore. It wasn’t until the first payment came due that he realized his pre-approved HELO loan had been used to put the $200K into his account. Since the senior had actually done the transfers of money the bank wouldn’t cover the loss. So yeah, some of the hackers have very complicated schemes that they’ve figured out over time can work, especially if they can convince the victim to keep it a secret.
Amazing story. Thanks for sharing. This guy was a lawyer so you would think he would be hard to fool. It shows that these people are very smart, and use a lot of psychology in their approach.
I fell victim to a scammer earlier this year. I gave him some personal info including the first 5 digits of my SS number. In retrospect, I was stupid, but these guys know to reel you in. So far, no financial loss. I changed accounts and already had credit frozen.
The lawyer is 76 & may have some cognitive decline. The best advice is not to answer the phone unless you know who is calling, people can leave a vm if it’s important & always go directly to the FI or agency yourself if there’s an issue.
The lawyer withdrew from tax advantaged IRA to pay scammers. After all the other losses, he is still stuck with $285K tax bill to pay federal and state taxes.
Is the theft loss deductible?
Not anymore. The 2017 tax bill removed that provision.
While your advice of not answering calls from unknown numbers, in his case, he didn’t get a call. It almost sounds like he laptop was compromised wherein he couldn’t login to the 401k site. Then mysteriously after couple of days, it started to work but had him call the scam hotline (which he seems to have done). Here is a snippet.
For Mr. <name removed>, it began in September, when he was unable to log into his 401(k) retirement account. When he tried again several days later, he got in, but the screen quickly changed and instructed him to call the 401(k) provider’s fraud department. He called the number on the screen, which had the firm’s logo on it.
yes, his laptop may have been infected, I read the article the other day & didn’t remember all the details
This story sounded so familiar, then I realized that I recently read a story by a female financial writer in Brooklyn who almost fell for a very similar scheme: was told by the “government officials” who were trying to “save” her money not to tell her husband and that both he and their child could be in danger, but when it got to the point of putting the cash in a brown paper bag and waiting for the car to pick it up, her husband learned about it and stopped her. Don’t have the link to post, and I may have misremembered some of it, but you get the idea. Cash in a bag to be picked up by someone in a car …never a good idea.
Linda..I think this is the article you referenced https://nypost.com/2024/02/15/business/ny-magazines-financial-advice-columnist-lost-50k-to-scam/
‘Cannot believe she was a finance advice columnist. Scammers play on emotions and all logic goes out the window.
Must be the same people who tried to sell me a bridge in Brooklyn—sorry I couldn’t resist.
Having walked the last few years of life with my Dad, I’m pretty sure “be vigilant” is not a strategy I can depend on. I just retired from a leading Internet security firm, and the IT staff there regularly”phished” its own employees who, one presumes are more security savvy than most. IIRC such programs have an alarmingly high hit rate.
Not sure exactly what my plan is, but I think transferring the risk to a trust company or purchasing annuities may be a better plan than expecting future me to stay ahead of the scammers.
I’d never considered the purchase of an annuity as a tool to avoid being scammed. It’s a good idea. Of course I would never want to put all my money inro one, so it would only be a partial solution.
I of course got that idea reading Humble Dollar. So many good ideas here ….
Unfortunately many people of all ages are not well informed about scamming and do the things you shouldn’t do. I recommend everyone take some time to educate themselves.
Don’t answer calls from unknown numbers. Don’t click links in emails even from friends. Do protect your passwords.
My phone is set to send calls from unknown numbers directly to voicemail. Now if I could just do the same with texts.
I get very few scam texts. I don’t know whether T-Mobile is blocking them, or whether it’s a hangover from the years I used my landline as a scam defense. I only gave out the landline number, except to friends and family, and I turned the ringers off on the physical phones. Not free, but effective.
Thanks for posting this. I couldn’t see the NY Times article because it’s behind a paywall, but I think this is the same story:
https://dnyuz.com/2024/07/29/how-one-man-lost-740000-to-scammers-targeting-his-retirement-savings/
Easy to access…
Of course there are no potential security risks clicking on links to a news aggregator registered in Arminia that plagiarizes pay walled news articles without attribution and which has been de-monitized by Google. What could go wrong? :-/
https://www.buzzfeednews.com/article/craigsilverman/drudge-report-links-site-plagiarizes-stories
He is surprising open for a shady actor:
Registrant Name: Hayk Karapetyan
Registrant Organization:
Registrant Street: Bagratunyac 40/1-1
Registrant City: Yerevan
Registrant Country: AM
Registrant Phone: +374.91487188
Registrant Fax:
Registrant Email: Hayk_Karapetyan@hotmail.com
Of course, all that info could be completely fake. You never really know on the internet!
Thanks for that heads-up. I had no idea what dnyuz was. I did a search to confirm what you identified.
If you haven’t already, set up whatever two factor authentication is available and use it. And yes, with AI getting more smoother and seamless it’s going to be harder to easily spot a scam than it was in the past. Saying that though, you need to change your mindset and remind yourself no one is going to contact you about your retirement account via phone or email unless it’s a scam. The scammers are counting on people wanting to be polite and helpful – don’t be. Ignore them. If it’s so important, there will be a message sitting in your account’s portal.
Absolutely. All your suggestions are on the money. Click on website address from your favorites. If you type in and make an error in spelling, it brings up a fake website and a scammer is waiting for you.
Good point! Not knowing if a valid website uses .com or .org can lead you to a scammers website.
I’m also overwhelmed by the hundreds of junk mail I get daily, and much of it goes to the Junk Mail box. I have to set up rules when I get an email from the same source 10 times a day. I feel like I’m in a sink-hole and can’t get out of it. Other than creating a new email address, I don’t know how to fix it. I receive a daily email from Kim Komando that helps me keep abreast of scams and other good information.
Great topic. I check our accounts fairly regularly looking for anything suspicious. I have alerts set in our main credit card but should look at the other. This was something I worried about when we were taking care of elderly relatives’s finances.
I have only two credit cards. I have the notifications set to send email and text notifications for any amount over $1.00. I have notifications on our banking and brokerage accounts set to notify me of every event they will notify me of. One cannot be too careful! I check our accounts daily. I also use a password manager and authenticator app, and my passwords are 20 characters generated by the PM. Sadly, some log-ins do not allow 20 characters, so I use the maximum allowed.
Scammers are getting smarter every day. There is little risk of their getting caught because a lot of them operate out of other countries. As you said, elderly could be more trusting and less knowledgeable about internet security. This is a major concern.