So, the IRS calls me...

[Robert Maxwell]

I've never gotten a fake IRS call but I've gotten fake ones about credit cards, mortgages, car warranties, etc. I avoid most of them by not answering unfamiliar numbers to begin with.

ETA: Just thought of a fun one from a year or so ago. Apparently, there are people who scrape real estate/rental listings on sites like Craigslist and Zillow, and put up their own versions, impersonating the owner/seller. Usually, they will sell the scam by saying they're out of town and just need you to send them your deposit/downpayment/whatever, and they will send you the keys.

I got to the point of this guy asking me to mail him the deposit, and it was at that point I started googling around just to make sure this was legit. It wasn't. Turns out this same guy had done it with dozens (if not more) properties, scamming people left and right. Many of them gave him their money.

I reported it to the FBI Cybercrime division, and also let the real owner of the house know someone was running a scam based on his property. (He didn't care--he was quite rude to me about it.)

 

[Locutus of Bored]

I've never gotten a fake IRS call but I've gotten fake ones about credit cards, mortgages, car warranties, etc. I avoid most of them by not answering unfamiliar numbers to begin with.

That's what I usually do as well, but unfortunately the two examples I mentioned above came through on my Caller ID as "Private Caller," which is also what my grandma's number comes up as when she calls from her landline. My sister's job is to take care of my grandma because she had Alzheimer's, and if her cellphone's battery is dead she'll use the landline instead, so I have to pick it up.

All of which is a lot of extraneous information to tell you that they come up as "Private Caller" sometimes so it's not always clear.

 

[tharpdevenport]

Actually, it's fallacy that one has to be doing "dodgy" browsing or downloading things to get infected. You can simpyl get infected by a hacked ad service displaying an ad on a site, adversting on a radio stream, or a website that is safe gets hacked and you don't know about until you are there.

All it takes is one time to get somethign nasty that squirrels it's way in. And there are different kinds and you don't know for sure if you are clean until you've had a good search. And there are ones that even after all that an expert will tell you even though it's clean there could be a backdoor or something lurking that can't be found and the only way to be sure is to simply wipe and reinstall.

 

[Squiggy]

About 10 years ago someone with a thick accent and claiming to be from the United States Department of Grants said I won a scholarship or something and needed my checking number.

They wouldn't do it if it didn't work occasionally.

No bank or government agency would ever contact you over the phone.

I just paid off some back taxes using an installment plan (as long as it's under 10k, the IRS is very friendly about everything). Whatever you do over the phone (which you have to call) is confirmed by mail. If they get upset about not paying on time they send you certified mail.

They don't email. If you need to change your PIN for their antiquated electronic payment website they snail mail you a new PIN...even if you call in to change it.

Someone has to keep USPS in business.

 

[sojourner]

Actually, it's fallacy that one has to be doing "dodgy" browsing or downloading things to get infected. You can simpyl get infected by a hacked ad service displaying an ad on a site, adversting on a radio stream, or a website that is safe gets hacked and you don't know about until you are there.

All it takes is one time to get somethign nasty that squirrels it's way in. And there are different kinds and you don't know for sure if you are clean until you've had a good search. And there are ones that even after all that an expert will tell you even though it's clean there could be a backdoor or something lurking that can't be found and the only way to be sure is to simply wipe and reinstall.

Sigh, yeah. You can obviously get something from pretty much anywhere on the net at some point. But reasonable precautions can avoid the majority of it. If, on the other hand, you are routinely having to use 4 or 5 (!) cleaners/AV software, you need to think about taking better precautions and looking at your browsing history.

My background is in IT. I've been there.

Back to to the topic:

One of my favoirte phishing emails I recieved was a very official looking email from the FBI stating I had an unclaimed international shipment waiting in customs. I just needed to provide some "Basic information" to get the package released for delivery. It all looked fairly well done, with proper grammar and lots of official sounding terms. Then you get to the name at the bottom of the email: Agent Fox Mulder. I shit you not.

 

[Amaris]

Not by telephone, but a couple of years ago my computer got infected with the FBI Cybercrime scam virus.

I've helped so many family members with that one. It's a pain in the ass, too.

I once had the Dutch version of that one...
Just restored to a previous Windows backup and it was gone...

Sure, if you don't have family members who tried to "fix it" on their own.

"What did you do, Uncle?"
"I couldn't get anything to work, so I started hitting delete."

 

[B.J.]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

 

[Sector 7]

One of the most unusual scams may be a good one.

Child porn scam.

I discovered this when a house guest showed me his phone and asked for help. The virus locked his phone and demanded a "fine" be paid (through said virus) as a federal penalty to avoid criminal charges. I checked it out online, told him it was a scam & not to pay. His phone was useless for about 60 days!

Needless to say, he has never been allowed to visit again! He kept swearing, "those girls were all legal", but to no avail. I terminated our acquaintance.

 

[Mr. Laser Beam]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

Caller ID can be faked so easily that I'm not sure it's even reliable anymore.

 

[Velocity]

My sister was fooled by a call from "her phone company" that offered her a discount for the next month's bill if she would take a survey. Her phone was blocked the next day and when she called about it (from another phone) they said her number was being billed for phone calls to Cuba, so the company froze her account until they could check with her. Good thing they did and she ended up not having to pay the $400.

 

[Squiggy]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

Caller ID can be faked so easily that I'm not sure it's even reliable anymore.

I've had people call me as myself before. Don't quite know who they think they're going to fool but there you have it.

 

[CorporalCaptain]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

I think the takeaway point here is that there is never a compelling reason to engage in business with an uninvited caller, especially for the purpose of initiating new business. At least, I've never known any reason, at least not one that I can think of right now. I can reach all my utilities, doctors, financial institutions, etc. myself. Notifications from them to me that require my attention arrive via snail mail, or in some cases via their website that I securely log into myself. In the case of replying to snail mail, that will either go back through snail mail or via a phone call, and in either case it's a reply that I initiate. The only danger there, and thankfully it's unlikely, is sending something to the wrong address or dialing the wrong phone number; in the case of a web login there is also a theoretical danger in going to the wrong URL. But at least in all of those cases, I am in control of the address that I mail things to/phone number I dial/URL I visit. Anyway, that's how I deal with it.

 

[Sector 7]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

I think the takeaway point here is that there is never a compelling reason to engage in business with an uninvited caller, especially for the purpose of initiating new business. At least, I've never known any reason, at least not one that I can think of right now. I can reach all my utilities, doctors, financial institutions, etc. myself. Notifications from them to me that require my attention arrive via snail mail, or in some cases via their website that I securely log into myself. In the case of replying to snail mail, that will either go back through snail mail or via a phone call, and in either case it's a reply that I initiate. The only danger there, and thankfully it's unlikely, is sending something to the wrong address or dialing the wrong phone number; in the case of a web login there is also a theoretical danger in going to the wrong URL. But at least in all of those cases, I am in control of the address that I mail things to/phone number I dial/URL I visit. Anyway, that's how I deal with it.

Whenever I receive an e-mail from a place with whom I do business, I never click on a link in the e-mail. Instead, I log in to my account directly. Once, I discovered the e-mail was a phony attempt to get my information. Once is all it takes.

 

[CorporalCaptain]

email is good for scheduling appointments.

 

[cultcross]

Sometimes even genuine callers from my bank have had the most bizarre reactions to my scepticism (despite what it says on their own literature about being careful). My bank rang me out of the blue recently on, it turned out, legitimate business, but started by asking me to confirm my address and date of birth for identity purposes. Hang on! You phoned me, you tell me what my bloody address is. I know my identity, it's yours I'm concerned about

That does bring up a good point. How does one go about verifying who called you? I'm sure in some cases you can look up a phone number on a website and call them back with an extension or something, but that's not always an option, or it won't be within the same exchange. Any ideas?

There's probably no totally foolproof way, so I wouldn't hand over anything too damning even if I thought the person was legit, but there are ways you can satisfy yourself to a certain degree that they're probably on the level. One of my favourites for banks/utilities is to ask them how much my balance is with them. Granted, I probably don't know the precise right answer off the top of my head but I'll know the ballpark figure I'm expecting. Another good one for banks or credit cards is asking who the last transaction was with. If they won't give that out (some will, some won't because understanding of data protection rules is scant at best), I'll just ask them to write to me with whatever they want to discuss.

 

[Leviathan]

Looking up the number on-line also turns up others reporting this number trying to pull the same, or similar, scams.

...so, help me understand this. You have their phone number but have NOT posted it up on a personals ad as a "Free Phone Sex Confessional hotline - nothing too strange for me".