Cyberspace Pirates Are Attacking!

First they come for your data. Then they come for your gold.

Nov 27, 2021

Last week I received a telephone call from a manager at my bank’s branch office. “Did you make a $16 deposit into your savings account?” she asked. “No,” I said, “that’s odd.” “We thought so too,” she said, “which is why we’ve locked your checking and savings accounts.”

My wife and I endured five days of hassle as we opened new accounts at the bank and redirected about a dozen automatic payments from the old account to the new one. But it was worth it – we were hours away from seeing thousands of dollars silently siphoned away.

Apparently some nefarious ne’er-do-well obtained my account number and password – I’m not sure how but see below for possibilities – and sent the small deposit through to test whether it would slip by unnoticed. If it had, boom! A speedy withdrawal of all our funds into his pocket.

Lucky for me, the bank noticed and was on it right away. Also lucky for me, the mysterious malfeasant directed his test to the savings account rather than checking, where I might have assumed it was a purchase refund and ignored it until too late.

But the point is that the dangers of cyberspace piracy are real. All it takes is one slipup and your identity can be stolen or forged to your detriment, and then the magic of cyberspace can make your money disappear faster than you can say “Aaarrgg!”

If you don’t feel like you’re under constant attack, perhaps you’re not paying attention.

For example, I looked through my emails and text messages for the past 30 days. In that time I received all these enticements from pirates. I think of them as equivalents of hand-scrawled notes pinned to my desk at dagger point:

1. An invoice from “PayPal” for my bitcoin purchase of $599.99. “If in case you did not make this payment please call us to cancel.” I received this invoice again yesterday.

2. An “invoice” for the automatic renewal of my contract with “Geek Squad” for $399.00.

3. A notice that my Apple iPhone 13 Pro Max has shipped, for $1599.00. “If you need further assistance or to cancel your order Call our Customer Service (Toll-Free)

4. A Dear Customer note from “Norton” regarding my three-year subscription to Norton LifeLock Security for $599.99. “If you wish to cancel this subscription then please feel free to contact our billing department as soon as possible.”

5. “Congratulations CID#4845404. An exclusive reward from AT&T us waiting For You Claim it here.”

6. “Costco GiftCard for CID#186917.”

7. “WALMART BALANCE: Your Walmart account has been refunded. Check your new balance:”

8. “CVS: Customer Appreciation Giveaway 100$ credits.

9. “Home-Depot: Customer Appreciation Giveaway 100$ credits.”

10. “10-uPhone13 from AT&T TODAY/CODE:RPLSV”

11. “Did you claim your gift from ATT? Hurry up!”

Not to mention the robocalls reminding me of my car’s extended warranty, that my electricity will be cut off within the hour for nonpayment, my $299 refund from the computer service center, a suspicious purchase on my Amazon account (another iPhone), and the dire consequences of failing to pay my delinquent state taxes.

That’s what I call a veritable barrage. So what is going on here?

It’s the Season for Stealing

For starters, although theft and deception are 365-day, 24/7 enterprises, studies have shown that cyberspace pirates are particularly active during the end-of-year holiday season. This is the time, it seems, that we are most likely to take the bait – and with so many legitimate retailers and online marketers hawking their discounts and deals, it’s that much harder to separate the beef from the bologna.

So what should you do when you suspect a pirate lurking in your inbox or calling on your phone?

First: Do Not Respond to them! It’s so tempting to pick up the phone or dash out an email to set the record straight at once, but resist it! What the pirates are looking for is your personal information – a password, an account number, your Social Security number – any of which will give them access to dig up your personal treasure and relieve you of it (as almost happened to me). As you know, the art of placing these email or telephone lures is called phishing. Lately there’s a newer term, smishing, to refer to baiting the hooks on social media.

Also, do not try to unsubscribe from spam mail. Assume that no link in a spam mail is what it appears to be. Let is pass. (This is probably where I left myself open to attack.)

Second: Check out the facts – go directly to the company you do business with. If you receive an email from “Amazon” saying a package could not be delivered, close the email. Go to the Amazon website or app and check out whether the issue is real or ruse.

Third: Recognize the warning signs of something phishy:

- any requests for your personal information

- a sense of urgency (as in, we’re cutting off your electricity right now)

- wrong organization logo and branding

- typos and grammatical errors

- an unusual sender email, unrelated to the organization

- multiple recipients

- impersonal greetings such as “Dear Customer” or “CID54321”

- emails from organizations you don’t do business with.

Fourth: Report it.

The Federal Trade Commission has useful information about how to recognize spam texts and email and how to report them.

You can find additional information about common scams and frauds, including the latest related to Covid-19.

Keep your treasure buried and safe from pirates. Be vigilant and be wary.

Delivery Error

Apparently there was a glitch in last week’s email post, and many were never delivered. If you missed it (it was on sleep loss), you can find it at https://TheEndGame.substack.com.

Introducing The Council of Elders

Be sure to check out our new podcast which was also delivered today. The “Council of Elders,” a panel of four “sages,” engage in a free-wheeling conversation about ageism in media and advertising, among many other things. Have a listen!

The EndGame

Discussion about this post