Getting scammed is easier than you think

A financial columnist fell victim to a group of con artists and ended up giving them her life savings. Can this happen to you?

Charlotte Cowles is not the kind of person to fall for a scam. She’s a financial writer, the financial advice columnist for New York Magazine and has worked for some of the top publications in the US. She lives in Manhattan, is married and has a child.

And yet, as she writes in this story, she found herself one day on a street in New York City giving a stranger in a Mercedes a shoebox filled with $50,000 in cash, nearly all her savings.

How did this educated, financially savvy writer end up believing some con artists who convinced her that she was the victim of identity theft and needed to withdraw her money from the bank and hand it over to someone she never met for safekeeping? It’s a long story.

The article is worth reading but the short version is a compelling story: Cowles was told she was a victim of identity theft. And because of that, she was under investigation for federal crimes. She was then pressured to withdraw cash for living expenses before her bank accounts would be frozen (which of course, they weren’t). The scammers kept her on the phone for hours, claiming they were transferring her from Amazon to the Federal Trade Commission to the CIA.

That cash ended up being put in the shoebox and being handed over to what she realised within a few hours were thieves who disappeared with her money.

How did she fall for this?

It’s not as hard as it sounds. It starts with the fact that anyone who really wants to can find out so much about you and your life. They knew about Cowles’ work, her child, her husband. And then they were able to make her feel like she was in danger unless she let the people on the phone help her. (On the flip side, scammers can also convince someone they are on the verge of getting something wonderful.) The phone calls were spoofed to look like they come from real places – government agencies, Amazon, the FTC.

The main point is cons have moved beyond the easily identifiable phishing emails from a Nigerian prince. They are way more sophisticated and you need to be trained to identify something if it looks suspicious. (Hint: If it seems suspicious, it likely is.)
Check out our cybersecurity training courses here.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”