(^36) The last word
Now type in your bank password...
You
Tu
be
had 45 minutes. “He was very insistent,”
Langer told me recently. On her computer
screen, the caller typed out what he wanted
her to say at the bank. “Don’t tell them any-
thing about the refund,” he said.
Later, Langer rang the number the caller had
given her and told him she had been unable
to get to the bank in time. By now, she was
beginning to have doubts about the caller.
She told him she wouldn’t answer the phone
if he contacted her again.
“Do you care about your computer?”
he asked. He then uploaded a program
onto her computer called Lock My PC
and locked its screen with a password she
couldn’t see. “If you want to use your com-
puter as you were doing, you need to go
ahead as I was telling you or else you will
lose your computer and your money,” he
told her. When he finally hung up, Langer
felt shaken.
M
INUTES LATER, HER phone rang
again. This caller introduced
himself as Jim Browning. “The
guy who is trying to convince you to sign
in to your online banking is after one thing
alone, and that is he wants to steal your
money,” he said.
Langer was mystified that this new caller,
who had what seemed to be a strong Irish
accent, knew about the conversations she
had just had. “Are you sure you are not
with this group?” she asked.
He replied that the same scammers had tar-
geted him, too. But when they were trying
to connect remotely to his computer, he had
managed to secure access
to theirs. For weeks, that
remote connection had
allowed him to eaves-
drop on and record calls
like those with Langer.
“I’m going to give you
the password to unlock
your PC because they
use the same password
every time,” he said. “If
you type 4-5-2-1, you’ll
unlock it.”
Langer keyed in the digits.
“OK! It came back on!”
she said, relieved.
For most people, calls
like the one Langer
received are a source
of annoyance or anxiety. According to the
FBI’s Internet Crime Complaint Center, the
total losses reported to it by scam victims
increased to $3.5 billion in 2019 from
$1.4 billion in 2017.
The person who rescued Langer delights in
getting these calls, however. “I’m fascinated
by scams,” he told me. A software engineer
based in the United Kingdom, he runs a
YouTube channel under the pseudonym Jim
Browning, where he regularly posts videos
about his fraud-fighting efforts. I’ll refer to
him by his middle initial, L.
L. started going after scammers when a
relative of his lost money to a tech-support
swindle, a common scheme with many vari-
ants. Often, it starts when the mark gets
a call from someone offering help in rid-
ding a computer’s hard drive of malware.
In other instances, victims are tricked by
a pop-up warning that their computer is
at risk and that they need to call a certain
number. Once someone is on the phone, the
scammers talk the caller into opening up
a remote-access application on his or her
computer, after which they get the victim to
read back unique identifying information
that allows them to establish control over
the computer.
L. flips the script. He starts by playing an
unsuspecting target and allows the scam-
mer to connect to his device. This doesn’t
have any of his actual data, however. It is a
“virtual machine”: a program that simulates
a functioning desktop on his computer. The
scammer’s connection to L.’s virtual machine
is a two-way street that allows L. to connect
From offices in Kolkata, scam callers try to separate Americans from their money, said Yudhijit Bhattacharjee
in The New York Times Magazine. With the help of an anti-scam hacker, I went to find them.
Hackers have turned the tables on scam callers, getting video of call centers in action.
O
NE AFTERNOON IN
December 2019,
Kathleen Langer, an
elderly grandmother who
lives by herself in Crossville,
Tenn., got a phone call
from a person who said
he worked in the refund
department of her computer
manufacturer. The reason
for the call, he explained,
was to process a refund the
company owed Langer for
anti-virus and anti-hacking
protection that had been
sold to her and was now
being discontinued. Langer,
who has a warm and kind
voice, couldn’t remember
purchasing the plan in ques-
tion, but at her age, she didn’t
quite trust her memory. She had no reason
to doubt the caller, who spoke with an
Indian accent and said his name was Roger.
He asked her to turn on her computer and
led her through the steps so that he could
access it remotely. When Langer asked
why this was necessary, he said he needed
to remove the software from her machine.
After he gained access to her desktop, using
the program TeamViewer, the caller asked
Langer to log in to her bank to accept the
refund, $399, which he was going to trans-
fer into her account. Langer made a couple
of unsuccessful attempts to log in; she
couldn’t remember her user name.
Frustrated, the caller opened her bank’s
internet banking registration form on her
computer screen, created a new user name
and password for her, and asked her to
fill out the required details—including her
address, Social Security number, and birth
date. When she typed this last part in, the
caller noticed she had turned 80 weeks ear-
lier and wished her happy birthday. “Thank
you!” she replied.
After submitting the form, he tried to log
in to Langer’s account but failed, because
Langer’s bank activates a newly created user
ID only after speaking to the customer who
has requested it. The caller asked Langer if
she could go to her bank to resolve the issue.
Because it was late afternoon, however, she
wasn’t sure if the bank would be open when
she got there. The caller noted that the bank
didn’t close until 4:30, which meant she still
antfer
(Antfer)
#1