The automated call rang my wife’s phone a little after 3 a.m., saying it was the big box store’s automated fraud prevention line, complete with the company’s number on the caller ID.
It had just sent a numeric code to my wife’s text messages, according to the message. It just needed her to type in those numbers to prove she’d received the message.
In an early morning stupor, she followed the directions. About a minute later, she heard the ding from the first email, saying she’d just bought a $100 gift card. Then another email hit, saying she’d changed her password on that company’s site.
She’d unwittingly just fallen for an identity theft scam. That text message had been a security feature by the retailer, making sure it was really her trying to access her account. The phone call was not authentic, though. It was someone who wanted that information to take over her account.
Before she had the sense to disconnect our credit cards from the company’s site, someone had also purchased another $200 gift card.
When the people committing fraud claim to be part of fraud prevention units, you know they’re getting clever.
It’s getting harder and harder to tell the good guys from the bad guys nowadays. The call sounded so authentic to her, and companies ask for codes all the time anymore.
When people in public ask if I’m the guy from the newspaper, I’ll joke that I can’t imagine why anyone else would want to be me. It turns out there are plenty of people out there who do want to be us, for nefarious purposes.
A few days ago, someone tried to reset the password on my Facebook account. Fortunately, because of my connections to the newspaper’s Facebook page, I have my security locked down for that account, so the person wasn’t able to use it without accessing an authentication app on my phone.
My wife wasn’t so lucky. Many people on Facebook are victims of cloning, where someone creates a new account and uses your pictures and friends list to mimic your original account. My wife was the victim of an actual hacking, where someone got into her account and changed her password.
Now she’s in “Facebook jail,” as people like to call it, for 30 days for something she allegedly posted involving child pornography. The closest we can find is she shared a photo from the preschool class our oldest daughter teaches, of the kids building insects from bananas and pretzels.
It’s all a good reminder to be vigilant. There are always people trying to get our personal information. While many of us have gotten smarter about seeing what address an email really came from or ignoring pleas for our personal information from Nigerian princes, the efforts are more and more imaginative.
Fortunately, with my wife’s account, we were able to work with the credit card provider to cancel the card with that big-box store’s purchases before any more damage could be done. And as far as Facebook is concerned, my wife’s weighing whether a break from the social media scene might be good for her.
The next time we get a call at 3 a.m. to confirm our account information, which literally happened the following night, we’ll be better prepared to just hang up the phone and go back to sleep.
David Trinko is editor of The Lima News. Reach him at 567-242-0467, by email at [email protected] or on Twitter @Lima_Trinko.