Don’t Get Scammed: A Lesson from Susan's Experience

Today, I had lunch with a dear friend, “Susan”, a retired editor and journalist known for her intelligence and keen research skills. Susan is the kind of friend you call when you need some good research. As we chatted over our meals, Susan shared a shocking experience that left her feeling violated and ashamed. She had unwittingly fallen victim to a sophisticated scam—a reminder that even the most savvy individuals can be deceived.

The Setup

It all began last Monday when Susan received an email claiming to be from Norton Anti-virus Software. The message alerted her of an upcoming annual renewal charge of $300. Confident that she had recently paid for her renewal, she called the number listed in the email to clarify the situation.

On the other end of the line was a friendly phone attendant who quickly transferred her to another representative named “James”. He was charming and personable, reassuring Susan that he could help her resolve the issue. James directed her to a website that turned out to be bogus, in order to allow her to reverse the payment.

The Manipulation

As Susan struggled with the website, James patiently guided her through the process, suggesting they share screens so he could assist her directly. While what felt like an eternity on the phone—over an hour—they exchanged pleasantries while he worked on resolving the supposed extra charge.

Then came the twist: James “accidentally” credited her account multiple times, supposedly refunding her an additional $600. His demeanor shifted from helpful to panicked as he expressed fear of being penalized through a paycheck reduction, or worse, losing his job over this mistake. James insisted there was no way to rectify the transaction. Feeling sympathy for him, Susan thought there must be a way to fix this situation. James insisted there was nothing he could do about the overage but suggested that she could help him by purchasing gift cards to cover his losses.

Caught in a web of emotional manipulation, Susan found herself at Walmart buying $600 worth of gift cards for someone she believed was in distress.

The Aftermath

It wasn’t until after their conversation ended that reality hit Susan. She realized she had been scammed from start to finish. In hindsight, everything seemed obvious—the friendly conversation, the urgency, and the emotional appeal were all part of a carefully crafted deception.

Immediately, Susan unplugged her computer and took it to her trusted tech expert for a thorough scan and reset. She contacted credit agencies to freeze her credit, alerted her bank, and canceled all her credit cards. She even reset all her passwords, ensuring each one was unique. By now, the entire ordeal had consumed most of her day.

Fortunately, aside from the $600 spent on gift cards, there were no unauthorized charges on her credit card. However, many others have not been so lucky; we have a client who lost hundreds of thousands by inadvertently sharing passwords and two-factor authentication codes.

Lessons Learned

Susan's experience serves as a powerful reminder: anyone can fall victim to scams, regardless of their background or expertise. Here are some essential steps you can take to protect yourself:

1. Use Strong, Unique Passwords

Create complex passwords with a mix of upper and lowercase letters, numbers, and special characters. Avoid reusing passwords across multiple platforms—consider using a reputable password manager like Bitwarden or LastPass.

2. Enable Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring a second form of verification—like a text message code—alongside your password.

3. Be Cautious with Emails

Never share personally identifiable information (PII) through email. Always verify the sender’s identity before clicking links or downloading attachments. Be especially wary of unexpected communications that appear legitimate.

4. Keep Software Updated

Ensure your antivirus software is active and up-to-date. Regularly run scans on your devices and keep your operating systems updated.

5. Lock Your Credit

Consider placing a security freeze with major credit reporting agencies (Equifax, Experian, TransUnion) to prevent unauthorized access to your credit report. Here is an article with more details: How To Freeze Credit

Conclusion

Susan's story is both cautionary and informative. It underscores the importance of vigilance in our digital interactions and highlights how easily trust can be exploited. By staying informed and taking proactive measures, we can better protect ourselves against these cunning scams that prey on our emotions and trust. 

If you ever have a question, please feel free to reach out to us before responding to a questionable communication. This is especially true with Docusigns, only click if you are expecting one from us. We will always let you know in an additional communication that we are sending a Docusign.