by Dave Moore, CISSP
02/18/2024
It’s called “social engineering;” it’s a form of psychological warfare con artists and Internet bad guys use to trick and manipulate people into giving up something of value under the pretense that it’s for a good reason, or a good cause. The things folks are “social engineered” into giving up are usually sensitive, private information, and cold, hard cash.
I once got a phone call from a worried customer (Alice) who asked if I could come to her house. I have worked for Alice and her husband Bob many times in the past, so I said, “of course, let’s look at the calendar and make an appointment.”
“No,” she said, “I’m wondering if you could come right now. Immediately. I think Bob is about to get in trouble.” “I’ll be right there,” I said, and drove the 10 blocks between their house and mine. When I arrived, a panic-stricken Alice was at the door and motioned to me. “Follow me; hurry,” she said. We hustled down the hallway to Bob’s office.
Keep in mind that Bob is a brilliant man. On the walls of his office hang numerous PhD diplomas, Presidential (as in, of the United States) commendations, awards and other testaments to Bob’s status as a true rocket scientist. Alice was right, though: her genius husband was about to get into serious trouble.
There Bob was, sitting in front of his computer and talking on the phone. On his computer’s screen was an official-looking banner, complete with a Microsoft logo that said, “Windows Defender Security Center. Access to this PC has been blocked for security reasons. Contact Windows Support” and listed a phone number to reach the “Security Helpline.”
Anyone who’s taken my class “Fight the Internet Bad Guys & Win” at our local library knows what Bob was looking at on his computer screen: a scam. A hoax. A social engineering con artist come-on trying to lure him into giving them something of value. In this case, it was Bob’s credit card number.
Yes, when I walked in the room, Bob had a credit card in his hand and was halfway through giving someone on his landline phone the card number. I looked at his computer screen. I looked at Bob. Bob looked at me and, before Bob could finish blurting out his credit card number, I reached over and hung up the phone.
Bob was not happy. The tension in the room was thick. “What are you doing,” Bob yelled out. “I was fixing my computer! Why did you stop me?” To put it mildly, Bob was hopping mad.
After the three of us had a good discussion, Bob understood what had happened, and how close he had come to getting into serious financial trouble. Bob and Alice were very grateful. It was a happy ending.
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd, he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org