Who's to Blame when Scamming is So Easy?I am really getting tired of trying to protect the senior PC users around me. At club meetings I extol the virtues of being alert and looking out for scams, but to what effect? I write a newsletter for my clients and friends which, in nearly every issue, features a horror story about malware infections or other scams and prescriptions about how to avoid having the same problem, but to what effect? Should I stand on the corner and scream? This week a very nice, but innocent, lady PC-user disclosed to the club in the open session that a foreign-sounding man called her on the telephone during the week to report that he was from Microsoft and they were getting error messages from her computer. She needed to fix the problem immediately.

We can guess what your response would be to this call. You would probably hang up or give the caller an earful. You might try to get some information to report to the authorities. She did none of those things. Being nice, but innocent, she followed his instructions and went to her computer where she entered the commands as he said to do, and eventually he reported that she had serious problems and it would cost $99 to fix them. In the meanwhile, she confirmed that nothing worked now that he had completed his analysis. He told her that he could fix everything remotely, and all she needed to do was to give him her credit card information, which she did. She gave him credit card information!

By the time she came to the club meeting, she had realized that she was the victim of a scam, but, and this truly astounds me, she asked us what she should do now. This implies that she did not take immediate action to stop further losses. The room rang with encouragements to immediately call her credit card company and then to report the scam to the authorities. After that initial outburst following her disclosure, a heated discussion ensued as other club members argued about of exactly who to report the scam to. I did not participate in any of this because I was too busy shaking my head in disbelief. When scamming people is so easy, can we really blame the bad guys for taking advantage? I cannot imagine making my career as a leech scamming off the innocent, trusting, population, but I am not everyone. Obviously a subset of humanity seems to be doing okay living off ill-gotten gains. Do they sleep easily?

Someone in the meeting quoted me as saying that neither Microsoft nor your bank calls you and asks for personal information. I have said things like that, but to what effect?

For comic relief, a friend of mine who prefers Linux for almost everything reported that his wife also received such a scam call during the same week. She turned the phone over to him, and he listened politely to the scammer’s pitch. He even asked some questions to play along. Then they got to the place where he was supposed to enter something in his machine, and he said that he could not open Windows because he used Linux. He did not have a Windows computer. This apparently did not stop the caller immediately. He tried again to get my friend to boot Windows. “I don’t have any Windows computers,” he said, “I only use Linux.” This finally got through, and surprisingly, the caller was polite, wished him a nice day, and hung up. The caller never did explain how Microsoft was receiving error messages from that household when there was no Windows machine in it. Maybe its error-detecting system needs some work.

At this juncture, someone pointed out that we now had the scam caller’s telephone number and could call back and generally play games with them. Again, I did not participate, but cooler heads suggested several reasons why that would not work.

Once again we learn that the first line of defense is you — not anti-virus software, and not the authorities. You have to be responsible for your own safety. It does not take rocket science to decide if a stranger asking for personal information is probably a scammer.

Scams seem to work best on one of two principles: (1) go for the naïve, innocent victims (as this woman happened to be), or (2) play off the greed and false sense of superiority that a potential victim has. The second scam works by presenting a scenario where the victim can score on some money by doing something quasi-legal that looks reasonably safe.

Actually I might have to terminate this piece prematurely; my email just notified me that a rewards account in someone’s name which is similar to mine has been updated with a $20 savings! The site does not look familiar, but maybe I can score on that $20 which seems to be floating around freely. I will be right back after I check th…