Tuesday, May 11, got started well enough with not much happening in the morning. Reading about how many lies George Santos had been telling, around one in the afternoon, I decided to write a blog post about the scoundrel and typed in “Lies by George Santos” on Google where I was directed to a website with that name, which I clicked. A red warning sign popped up that this was a risky website. Before I was able to read more than five or six of his lies, a sound like a siren went off, and the following message with the Apple logo appeared: “Apple Has Determined Your Computer Has Been Hacked. We have locked It to protect your device. Contact Apple now and do not shut off or unplug your computer since it may result in severe damage. Call Apple Help now. Call this number.” The message took up the whole screen and flashed on and off. The siren continued.
It seemed a bit odd. I tried to cancel the message and unlock the computer to no avail. Embry came in my office, and we both suspected it might be a scam. Despite the dire warning not to turn off the computer, I turned off the computer and unplugged it anyway. When I turned it back on again, the flashing continued. The computer remained locked, and the siren was even louder. What to do?
I was wary of calling the telephone number on the screen, so using my iPhone decided to call the Apple Help number listed on the internet so I would be sure to get an Apple technician. I noticed there were several Apple Help numbers and without giving it much thought called the first one. Someone from Apple immediately answered. “Yes,” he said,” We understand your problem and can help. There is a lot of computer theft like this going around.” The technician had what seemed to me a slight Indian accent.
The usual procedure is to let Apple see your screen enabling them to use an arrow to point to things you need to do to fix what is wrong. I agreed to screen sharing. The Apple tech guy immediately reported that he thought this was part of a hacking scheme going on and stated that he could fix it but would need the use of my iPhone and asked for permission to screen share that also. I agreed to that as well.
The procedure of using the iPhone took quite a bit of time and I had no idea of what he was doing. After about 15 minutes, he said, “Mr. Howell, l can confirm that your computer has been hacked. I have determined that the hackers are in Houston, Texas, and that they have targeted your bank, PNC, and are on the verge of taking all your money. They have been able to hack into your computer and get all the information they need to rob you. I can stop this from happening, but I will need to get into your system to stop them.
What to do?
He continued, “We at Apple are familiar with this scheme and can keep the hackers from steeling your money but we must act now. And you must do everything I say and do it immediately.”
“Are you really an Apple technician?” I asked timidly.
“Please, Mr. Howell, of course, I am. You insult me. We know this scam. We deal with scams like this every day. If you don’t act fast now, you will lose everything in your account, which I believe is $23,526.33.”
“Good heavens,” I thought. “This guy knows exactly how much money is in my PNC bank account. How did he figure this out? How did he get this information?”
With some reservations I agreed to let the Apple technician move forward in fixing the problem, which involved beating the hackers to the punch by transferring all the money out of PNC to a safe haven bank account in San Francisco, which only I would be able to access. I complained that I did not fully understand how this would work. He assured me it was standard protocol and the only way of averting catastrophe. The clock was ticking, and Apple is a trusted company.
It turned out the process of transferring my money from PNC to a California bank took over an hour. He was constantly telling me what to do and scolding me for taking too much time. He kept reminding me that the hackers would steel my money it if I didn’t move faster in following his instructions. Toward the end of the hour, he said that everything was in place and all that was needed was the password I used for the PNC account. No one would see the password except for PNC so I need not worry.
I took a deep breath and typed in my password.
It was at this point that I realized that I had just given my PNC password to someone I did not know and who probably was not actually an Apple employee. I broke into a cold sweat.
“Hurry, Mr. Howell, do as I say, do it now or all will be lost. All you have to do is click on “transfer.” Do it now. Now!
I clicked on “transfer.”
“Good job, Mr. Howell. You have saved the day. We have beaten the hackers. Your money is safe. Now look at your phone and tell me what you see. I am unlocking your computer.”
I looked at my phone and reported back, “Transfer denied.”
“Shit,” he said, “I am bringing in my boss.
The boss got on the phone. His accent was much stronger than that of the technician I had been dealing with. I could barely understand what he was saying, and he was surely not a happy camper. He then directed me to go to the nearest Target store to purchase what I thought he said was an Apple card, which he said would be needed to complete the transfer. He would remain on the line, and I should hurry.
What? This made no sense.
There are idiots in the world and there are outrageous, hopeless idiots. Clearly, I fall into the former category, but even for a naïve, trusting idiot like me, this was too much.
“You know where you can stick the Apple Card–or whatever it is I am supposed to buy. I am reporting you to the police.”
I hung up.
But I had to act fast. The hackers had my bank account information and password and probably would eventually figure out how to make the transfer. I immediately called PNC and after giving the automated system my name, social security number, and date of birth, finally got a person and told her my predicament. She transferred me to the fraud and abuse line. An automated voice came on the line announcing that the wait would be approximately 45 minutes, and all calls would be taken in order.
Forty-five minutes? All could be lost in 45 minutes. I felt a panic attack coming on. On pins and needles, I waited for the call to be answered while trying to keep my composure.
Finally, a woman’s voice answered. I told her what had happened and that she needed to protect my account. She then asked me the usual security questions—full name, date of birth, address, social security number, last for digits of my PNC account, the name of my first pet and my mother’s maiden name.
“All good,” she said, “Just one more question: What is your oral password?”
“Your oral password. If you are who you say you are, you have an oral password. Without an oral password there is no way PNC can help you.”
I was not aware of ever having had an “oral password.” I told her I had been a PNC customer for over 25 years, and no one had ever given me or asked for an oral password. And furthermore, I stood to lose $23,000, which would be transferred to a bank in California. I begged her to help me now. There was no time to spare. How could she think it was not me when I knew the name of my first pet, for God’s sake?
“Don’t raise your voice with me.” She replied, I don’t care what the name of your first pet was. No oral password, no business!” The phone line suddenly went dead.
I was stunned. Over an hour had passed. The hackers had all the information they needed. Somehow the transfer had not gone through the first time, but it could happen at any minute. The end of this movie was starting to look like a tragedy.
I reported back to Embry regarding the desperate situation and told her I was headed to the nearest PNC branch and arrived there in about ten minutes. It was now after four p.m. I had been consumed by the hacker scam for over three hours. I stumbled into the branch, shaking. The manager greeted me and invited me into her office. Someone brought me a bottle of water.
Then came the security clearance–driver’s license, debit card, and check book. Then she asked me for the oral password.
“I am not supposed to do this but I will give you a hint. All are numbers and there are six of them.”
Immediately I responded with a guess: a special date, which I will not divulge. She smiled. I had gotten it right!
I described what had happened and how the account needed to be frozen. She made a quick call to someone and reported back that the account already was frozen. PNCs security system had immediately identified the transaction as fraudulent, and shut it down.
Disaster averted. She opened new accounts with new passwords and transferred all the money to the new accounts. I was finally able to relax. The next day I called the real Apple line and got my computer cleaned up wiping out all the cookies and changing all passwords.
The question that I suspect many will be asking is how I could have fallen for the scheme in the first place. The short answer is that yes, I am an idiot and way too trusting. This is certainly true, but at the same time I have got to say that the scam was well executed. The fake Apple guy was knowledgeable and very convincing that this was all legitimate. He answered most of my questions assuring me that this was the proper protocol. Since I got the telephone number off the internet under the name Apple Help—not from the number that was on the warning on my computer screen–I can’t figure out how were they were able to pull this off. But in the end, PNC’s software and algorithms saved me. They have picked up fraudulent activity in my account within minutes of the activity on several occasions. They surely came through on this one. In the end, all I can say is that I was lucky. The horrible, no good, terrible day had a happy ending.