I’ll Kill Your Mom If You Don’t Pay Me Now! — Warning: This story contains adult language and may be uncomfortable to read. Last week we heard a horrific story from a young woman, whom we’ll call Beth to protect her identity. She was targeted by a brutal phone scam that we’ve heard about, but never firsthand from a victim. Beth is a teacher in a New England school. She tells us that her mother never calls her during her school day because Beth is so busy and almost always with students. But on January 10 at about 2:00 pm, her phone rang and when she glanced at the screen, the contact showed it as “mom.” At that moment, her students happened to be out and she was free. She decided to answer the phone. That’s the moment her world collapsed. Beth told us that she immediately heard the sound of a woman crying and saying “help me, help me.” And it sounded like her mother. Immediately after, she hears a man say “get in the other room” and then to Beth he says “I’m going to kill your fucking mom!” The next 3 minutes were brutal as this man threatened to kill Beth’s mother UNLESS she immediately sent him money!
The man told Beth that he had just gotten out of jail and her mom had tried to help him. But Beth told us that there’s no way her mother would have picked up a hitchhiker, and this confused her. The man continued to scream at Beth that he was going to kill her mother unless she did what he asked. During those opening seconds, Beth continued to hear someone crying in the background. The man screamed at Beth more than once “are you going to fucking help me or not! I will fucking KILL YOUR MOTHER!” Beth told us that she was scared to death and frozen, not knowing what to say or do. The man continued screaming at her “Give me your Venmo! Give me your Paypal or I swear to God, I’m going to kill your mom!”
We asked Beth if she had any doubts in those opening seconds that this wasn’t real. She said that after the initial “slap” in the face, she actually wondered if this were a scam, but then thought what if it isn’t? The woman’s voice in the background did sound like her mom, or so she thought. And it was her mother’s phone number! Compounding this frightening call was the fact that Beth has poor phone service at her school and that fact was also making the man at the other end really angry! But after about 3 minutes of this insanity, Beth had the strength and courage to demand “put my mom on the phone!” And then the man hung up or the connection dropped. Beth recalls that this man repeatedly said “I will fucking KILL THIS LADY! Do you want to help me or not?” And so when the call suddenly ended, she was shocked. Did this man just kill her mother?
TDS NOTE: There are phone apps that enable anyone to “spoof” a phone number so that a call appears as though it is coming from any phone number entered into the app’s field. Also, sadly, it is remarkably easy to use online data mining websites to learn the phone numbers of family members, including their cell phones.
Beth was so scared and upset. She immediately ran out of her classroom and down the hall to the Vice Principal’s office, who was also a good friend. As she ran in, CLEARLY UPSET, she asked a student to leave and closed the door. She quickly gave her friend, the Vice Principal, a summary of what happened. Immediately, he told her to try calling both her dad AND mom at work! She quickly called her mother and practically held her breadth as the phone rang. After two rings she heard “Hi honey, what’s up?” calmly said by her mom. In that instant, Beth realized that the three minutes of hell she had just suffered was a scam. She told her mother all that had just happened and her mom cried. She felt so badly that some bastard would target her daughter with such a vile trick. Next, her mother called the police! After getting off the phone, Beth also spoke directly to one of the police officers who was at her school about her experience. As soon as school got out, she drove to her mom’s business because she needed to see her mom and hug her! Even the idea that this was real had left a deep bruise in Beth.
Reflecting back on what happened to her, Beth told us that she suspects her call with the scammer was being recorded. She says this because he kept screaming questions at her that required a simple “yes” response. For example, he said “Are you going to help me? Say YES! Say YES!” She doesn’t think she gave that response, and would often respond with a question for him. This is, perhaps, also one reason why he hung up so quickly once Beth demanded to speak to her mother.
TDS NOTE: The “say yes” scam was widely used in 2017. This scam is explained well in this article at Triadanet.com (Triada Networks)
We heard from Beth less than 2 hours after she received this frightening phone call. During our conversation, we asked Beth to describe the man’s voice as best she could. She told us that he didn’t have any kind of foreign accent and was American. But, she said, he sounded as though he was African American. When we asked why she thought so, she said “He sounded like other Black men I know.” We recommended that Beth also contact the FBI because it is highly likely that this scam was perpetrated by someone outside of state, and believe it or not, someone who is already incarcerated. This scam is known as the “virtual kidnapping scam” and has been active since at least 1997, according to this 2017 article on the FBI’s website and titled Virtual Kidnapping – A New Twist on a Frightening Scam. It turns out that this particular scam targets parents much more frequently about a fake kidnapped child, than the reverse. This scam typically involves several key factors:
- The caller immediately goes for a “gut punch” trying to trigger a strong emotional response from the victim. This can be disorienting, interfering with the victim’s ability to think logically or critically about the circumstances.
- The caller makes a great effort to keep the victim on the phone, preventing them from calling the loved one or reaching out for help from anyone else. Some years ago, we heard how this circumstance led a mother who thought her teenage daughter was kidnapped, to drive to her bank to set up a wire transfer. Completely coincidentally, when she arrived at the bank, she walked in to find her husband and daughter calmly in line together!
- The caller will extort money that requires a digital transfer of funds that can rarely be traced or reversed.
How should you respond to this perceived threat?
According to the FBI’s own article, the best course of action is to immediately hang up and call your family member. HOWEVER, we have also heard of instances in which partners to this scam have also called the supposed kidnapped victim on the phone and are pushing another scam to keep them engaged. For example, the “kidnapped” person might be told that they have won a random gift drawing if they answer a few survey questions from the caller. The goal is to prevent them from answering/responding to a call from the family member who thinks they’ve been kidnapped.
If you choose to engage the scammer, do NOT give out the name of the person who is supposedly kidnapped. Demand to speak to him or her! And don’t be fooled if the “kidnapper” presents information designed to make you believe that he has your family member in custody! We know of another example when one woman, who was told her daughter was kidnapped, was also told by the scammer that he was holding the bright red socks she had just been given for her recent birthday! THIS INFORMATION scared her beyond measure! But it wasn’t true! It turns out that the daughter’s Facebook account had been compromised by this team of scammers and they had seen the daughter’s post about the red socks! (They also had the daughter on the phone with another scammer.)
There is a web page with the Federal Trade Commission on which Americans can report scams perpetrated over the phone, such as the virtual kidnapping scam. It is: https://reportfraud.ftc.gov/#/ Sadly, if you Google virtual kidnapping scam you’ll find a lot of information posted about this scam. But what all of these articles and information cannot possibly make clear enough is how emotionally brutal this attack can be! The low-life leeches who perpetrate this scam are horrible people without an empathetic bone in their wretched bodies. If you are ever the victim of this type of fraud, write down as many details as possible about it! Anything about the scammer’s voice, phrasing, accent, time of day, or information about the background noises, etc. And then call both the police AND the FBI!
Another article about this scam:
Hot Scams of the Week! – American Express, Amazon, Netflix, Costco, and Walmart. Can you spot all the scams? Protect yourself with this FREE, all-in-one tool
Lame, Lame, Lame! – OK, it may be 12 days late but is it too late to wish someone a happy new year? We don’t think so. We were happy to hear this opening message from Mr. Kabo Uago which included a big surprise. Mr. Uago was going to give us $13.5 Million dollars that he had just inherited. Our message?…. My God, Man! If you’re going to run an advance-fee scam like this, you’ve got to put more back-bone into it! Give us a story! Make us cry! Make us laugh! Otherwise, we can only award you for The Most LAME Advance-Fee Scam for your effort!
At the start of this year, we wrote about “dark patterns” from legitimate companies used to manipulate consumers in scammy ways. Another example, in our opinion, recently arrived into one of our reader’s mailbox through the U.S. Postal service. It was a “SPECIAL LOW-RATE OFFER” from Athleta and Barclays Bank for 0% interest on all new purchases made with your Rewards Mastercard. But the devil is in the details! Talk about a dark pattern? Check out the “fine print” that appears at the bottom of this wonderful offer (said dripping with sarcasm)…
To recap this “special cardmember offer” it says…
- Your 0% interest rate will jump to nearly 30% when the offer ends!
- You won’t find out WHEN the offer ends UNTIL you sign up for this offer and receive notification 24 hours later! Gee…will it end a month later? A week later? The next day?
- Any balance remaining on your card once the offer ends will then be subject to the nearly 30% interest rate!
With this wonderful special offer, doesn’t it make you want to “book a vacation” or use it for “another large purchase?” This is what they suggested to consumers on the top inside cover in LARGE print. No thanks, we’ll pass!
Doug at The Daily Scam has been teaching Internet Literacy for over twenty years, including how to create sets of STRONG passwords that are easy to remember. His young students are EXCELLENT at creating strong passwords! In fact, their skills are FAR better than some of the adults working for the United States Interior Department, according to this article on Fedscoop. About 5% of the folks who work there use the word password as their password! Now that’s lame!
OK, continuing our focus on lame scammers, we have this lovely email sent from Barrister Mark Smith of “SMITH & ASSOCIATES.” He’s reached out to one of readers because that person has the same last name as one of his clients who died and left lots of money behind. But Barrister Smith NEVER says what that last name is!
To close out this lame theme, check out this nasty extortion scam that arrived in our inbox. Apparently, we’ve got malware on one of our computers and it was used to capture our “UNCENSORED HOT NEWS.” Oh, dear! The extortionist wants us to pay him $1000 in Bitcoin to prevent him from sharing all of this hot news with our friends, relatives and colleagues from work. But he left out a few minor details, such as…
- What’s our name? There’s nothing in this email to identify us besides our publicly-available email address!
- What specific photos of us did he capture? SHOW US an example of a photo of us!
He explains that this extortion is nothing personal, he’s just doing his job. Nice job, buddy. At least he recommends that we have good anti-virus software on our computer. We agree and we do.
Digging Deeper into a PayPal Scam, plus Geek Squad and Norton – We’ve seen a big increase in the new variation of the Paypal phishing scam. Imagine receiving a legitimate email from Paypal.com informing you that someone has requested payment. If you actually have a Paypal account this can seem confusing, as it is intended to! That’s what happened to one of our readers. Her email below contained a “note” from the scammer but it was written as though the note was from Paypal itself. And when she logged into her Paypal account (see 2nd screenshot below) to investigate further, the same note was found… “Unusual activities detected in your account…” She was asked to call the scammer at 888-973-8447. Fortunately, she’s much smarter than that! Also notice the great advice that Paypal offers in the email they send to people when a payment is requested…
We absolutely love it when scammers make mistakes, and they often do! Check out this automatic renewal notice from “Geek Sqard.” They tell us that they’ve renewed our subscription, at our request mind you, and “hope you are with us.” We don’t make this stuff up, people. At least they aren’t charging us for shipping!
Apparently, attached PDF files are popular now amongst scammers! Like the Geek Squad invoice above, here are Norton invoices, each with its own attached PDF file. We believe that a “reveal” indicating that these scams are from foreign cybercriminals is the fact that they feel it necessary to use “+1” in front of the 888 phone number.
In this second Norton phishing email, the attached PDF file was created using software from a company called Amyuni. It is based in Canada and Portugal. (We peaked under the hood of this PDF file to discover that.) It’s also important to point out that this last phishing scam came from a legitimate service at Intuit.com. Don’t believe junk like this JUST BECAUSE it may come from a legitimate service!
Medicare Advantage Plan, BankUSANet[.]com, and Kredyt! – The elderly are FREQUENTLY targeted by cybercriminals, showing us all how wonderfully empathetic these scum are. One way they target the elderly in the US is to send out clickbait disguised as information about Medicare. Check out this example with a link to “upgrade your 2023 Medicare Advantage Plan.” The link points to the legitimate Amazon’s AWS service but is 100% malicious!
Check out this lovely text we received from BankUSANet[.]com. In our experience, if the domain name has USA or US in it, it often means it was registered/created by criminals in other countries! The domain BankUSANet[.]com was registered in Iceland last August. Big surprise, right? Not only has this domain been found to be malicious, but it has a redirect on it that will also send you to another domain called YouGetGreen[.]com created just 5 days before we received this text! Gee….do you think this other new domain is also malicious? (Can you say “rhetorical question?”)
The word “kredyt” is Polish for loan. Which is odd if you consider that Mr. Paul McCann tells us that he represents a company called “Capital Funding One Limited” in the UK! At least it is consistent with his offer to loan us “PLN,” the zloty currency in Poland (Source: Wikipedia) However, Mr. McCann doesn’t bother using an email address from any REAL domain for Capital Funding One Limited. He uses a free email service at financier.com.
Deactivation Notice, Renewal of Services and Removal Approved! –Lots of people, organizations, bloggers and businesses own/operate their own websites nowadays. We wonder how many of them get malicious clickbait like the emails below that came to us. It’s a malicious trifecta! We’ve received SO MANY variations of this first email that we’ve lost count! It’s got to be more than 70-80 in the last two years. This one appears to have come from a legitimate mortgage company in Florida. We’re told that one of our email accounts recently made a request to be deactivated! Let the fun begin! The link in this email was found to be VERY MALICIOUS!
In addition to lots of malicious clickbait similar in design to the email above, we are also sent oddball emails like this one pretending to be from our hosting service. The design is to trick us into believing that our services are about to end, unless we click to renew. But this email came from an oddball domain called eigbox[.]net and the link points to akashgowdaracing[.]com. Apparently, Akash Gowda is a professional Indian race car driver and also the NEW hosting service for The Daily Scam? According to this database, Mr. Gowda’s career peaked in 2016 and has gone downhill ever since then. Maybe that explains why he wants to host our website? No thanks, we’re OK right where we are now.
And last, but not least malicious, is this delightful email claiming that one of our accounts will be removed from the server on which it resides. They claim this is happening “due to ignorance” and that it will take anywhere from 48 to 240 hours to happen! Seriously? We LOVE that description! That last part translates to 2 to 10 days. Hmmmmmm…..We think our clock JUST RAN OUT! Oh well, we’ve got LOTS of other email accounts to play with!
If you receive emails like this trifecta and aren’t sure if they are legitimate or not, send them to us to evaluate! firstname.lastname@example.org
5-Star Scoring and Join the Bitcoin Discussion Group –You KNOW a product is worth it when the manufacturer sends a text message saying “We appreciate ur 5-star scoring!” Last time we checked, “U” was spelled YOU and “I nch” was spelled “inch.” No matter, they want to give us something that’s 82 inches long in appreciation for our score! Hmmmm….. 82 inches of maliciousness? We’ll pass.
Are YOU interested in Bitcoin but not sure how to trade it? Why not join this Whatsapp group set up by an unsolicited, anonymous person claiming to teach you how to make between $1000 – $5000? She/He sounds like an expert on the topic to us, using a credible method to advertise their group. We can’t wait!
Until next week, surf safely!
Copyright © 2022 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
have subscribed to it via Scamadviser.com or thedailyscam.com
Keurenplein 41, UNIT A6311 | 1069CD Amsterdam, The Netherlands