1st occurrence - years ago, my company had a business account at a Minnesota bank. I was issued a debit card on that account. The debit card was bilked for $850 by an “unknown” party. I informed the bank. They complained that I had a personal debit card on a corporate business account - which was not allowed (heck I never even asked for it) - if it were a business card I would be covered, but with a personal card I was not. They canceled the card, never to be replaced. Needless to say I communicated my displeasure, but at the end of the day there was nothing I could do.
2nd occurrence - in the past 12 months, I get the classic text message, “Steve, as you know it’s my brother’s birthday and I always send him a $500 gift card. I am in the hospital unable to communicate or take care of this, and I was wondering if you could do it for me - here is his number : 212-xxx-xxxx.” Now I DID know it was his birthday and I DID know she always gave him a $500 gift card (pretty nice sister), and I DID know she was in hospital for a few days. I also knew that he lived in NY so the 212 area code was a nice touch. But I also am very familiar with gift card scams, so I just wrote it off. I was thinking I should just call him, wish him a happy birthday myself and ask him a personal question about his sister to which only he would know the answer. In any event I was just about to board a flight and it would no longer be his birthday when I landed. Then literally 5 mins later I get another text from one of our mutual friends, who lives on the other side of the country - “Steve, is there any way you can help, <name withheld> needs someone to send the birthday gift card to <name withheld>. I told her I could not do it but suggested she might ask you instead.”. Okay this was now getting interesting, The texts came from 2 separate women. I knew both of their Verizon accounts were set up with 2FA (heck I set it up for them!). What’s the chance of both of their accounts being hacked at the same time? (extremely high as any cyber-security expert knows). Both of these women were trusted personal friends - it wasn’t some inside job - they were in fact hacked. Verizon was hacked. Etc. I have some last minute urgent business distracting me, with which I am on the phone with my PA - at the end of that call, I instruct my PA “oh also, send a $500 gift card to <name withheld> at 212-xxx-xxxx from <name withheld>”. I figured she would do it through our Amex facility, which has recourse for such fraud. She just bought one off a website. Now everything that happened I knew better. But it happened anyway. It was one of those perfect storm situations where I just wanted things taken care of and I wasn’t being diligent. I’m not proud of it, quite embarrassed in fact. The ex-husbands of both of those women are cyber-security clients of mine. Part of me even thought it was one or both of them. In the end, THEY were the only ones to whom I reported the scam (oh and whoever is reading this) as I felt a professional obligation. Any cyber-security expert will tell you that it is this social engineering and grooming that is the key to many of these scams. Scammers are even more surreptitious now, using AI-generated voices to leave messages sounding just like the known confidant. Be very wary and just always …. say no!
2nd occurrence - in the past 12 months, I get the classic text message, “Steve, as you know it’s my brother’s birthday and I always send him a $500 gift card. I am in the hospital unable to communicate or take care of this, and I was wondering if you could do it for me - here is his number : 212-xxx-xxxx.” Now I DID know it was his birthday and I DID know she always gave him a $500 gift card (pretty nice sister), and I DID know she was in hospital for a few days. I also knew that he lived in NY so the 212 area code was a nice touch. But I also am very familiar with gift card scams, so I just wrote it off. I was thinking I should just call him, wish him a happy birthday myself and ask him a personal question about his sister to which only he would know the answer. In any event I was just about to board a flight and it would no longer be his birthday when I landed. Then literally 5 mins later I get another text from one of our mutual friends, who lives on the other side of the country - “Steve, is there any way you can help, <name withheld> needs someone to send the birthday gift card to <name withheld>. I told her I could not do it but suggested she might ask you instead.”. Okay this was now getting interesting, The texts came from 2 separate women. I knew both of their Verizon accounts were set up with 2FA (heck I set it up for them!). What’s the chance of both of their accounts being hacked at the same time? (extremely high as any cyber-security expert knows). Both of these women were trusted personal friends - it wasn’t some inside job - they were in fact hacked. Verizon was hacked. Etc. I have some last minute urgent business distracting me, with which I am on the phone with my PA - at the end of that call, I instruct my PA “oh also, send a $500 gift card to <name withheld> at 212-xxx-xxxx from <name withheld>”. I figured she would do it through our Amex facility, which has recourse for such fraud. She just bought one off a website. Now everything that happened I knew better. But it happened anyway. It was one of those perfect storm situations where I just wanted things taken care of and I wasn’t being diligent. I’m not proud of it, quite embarrassed in fact. The ex-husbands of both of those women are cyber-security clients of mine. Part of me even thought it was one or both of them. In the end, THEY were the only ones to whom I reported the scam (oh and whoever is reading this) as I felt a professional obligation. Any cyber-security expert will tell you that it is this social engineering and grooming that is the key to many of these scams. Scammers are even more surreptitious now, using AI-generated voices to leave messages sounding just like the known confidant. Be very wary and just always …. say no!