If this can happen to me, after nearly 40 years online, it can happen to you.
All our money is at risk.
My story starts Friday night, with an e-mail claiming to be from service@paypal.com. The e-mail claimed it had an invoice it would pay the next day. It was a transaction I had not made.
There was a phone number attached so, stupidly, I called it. The person who answered had an Indian accent but was very sympathetic and insisted he didn’t want any personal information. After 10 minutes, he offered to switch me to a supervisor.
I was already suspicious. I became more so when the “supervisor” made a key mistake. He said the invoice came from Baretta, a gun maker. The invoice in the e-mail, however, said Barrett. There was a second tell, his overly enthusiastic sympathy, identical to the first rep. It was when he suggested I download a file to fix things that I got scared. But I downloaded it anyway.
Had I loaded that file, everything I owned would have disappeared. The phisher would have had my entire identity, control over all my computer files. Thanks to my dearest love, who warned me to stop at the crucial moment, I didn’t load it. She then found the command in Windows to permanently erase the file. When I checked an hour later, the original phishing email was also gone.
What led me on, what nearly killed me, was the supervisor’s naming of the banks my Paypal account was linked to. Somehow, they got into Paypal, at least in a limited way. They didn’t clear out the account, but I’m canceling Paypal. It’s a risk I’ll no longer take.
Changing all my passwords became a nightmare. I had hundreds, and a third-party password manager called Dashlane knew them all. But changing my Google and Microsoft log-ins required that I use their processes, and it’s clear both now want to be my sole password manager. I couldn’t secure those accounts until the next day.
Then there were my banks and credit cards. We used the telephone to put temporary holds on all of them, a hassle since our son came down the next day for a one-week visit. My credit cards are still being declined today, although I lifted the holds and could find no suspicious transactions. When we went to visit a sick friend yesterday, my son paid for the gas.
Everything I have is now on 2 factor authentication. There has been no further contact from the thieves. We’re fine but it was very, very close.
We’re now in a time of cyber war, along with a cyber crime spree. The best opportunities in tech are now in cyber security, where new techniques are badly needed, for securing people and their money. My phone now has biometric protection, using my fingerprint. Retina scans are coming, maybe camera image analysis. Whatever the requirements, I accept them.
Mind how you go.
