She Played a Scammer Like a Skilled Musician! — To protect her real identity, we will call her Rita. Rita first contacted us on June 18 to share her story. Rita is clearly not a scam-baiter, by hobby or profession. She’s a 63-year old mom, a wife and a good-hearted person. She’s also an amateur detective as a researcher for her work. We would also say that Rita is savvy, brave and she made a split-second decision to do whatever she could to waste a scammer’s time. The more time she kept this blood-sucking leech on the phone, the less time he had that day to target other people. Rita later learned that this scam targeted people across western Montana, and possibly other areas of the northern Rockies as well. She told us her story so well, that we asked for her permission to share it with you in her own words. It begins shortly after she and her husband arrived at a vacation cabin in Montana…
“I’ve never fully engaged myself in a scam call like this before but all the right ingredients were there for me to safely follow along and I was able to waste about a half hour of their time. My husband and I have a vacation cabin in Montana. We had just settled in after a long cross country drive. We have a land line here [in Montana] because there is limited cell service and you have to have it here to get internet, even if you don’t use the land line.
I got a call yesterday from a guy claiming to represent “PCH” — Publishers Clearinghouse. He told me I’d won $8,500,000! I decided to have fun with him and see where, and how far, this scam would go. He wanted me to drive to Wisdom, Montana to collect my check after I told him I was in the middle of the forest and had no physical, or mailing, address (that was mostly true). He knew my full name and that I was in the town of [REDACTED]. It’s easy to find out that information since my number is published in the local White Pages. I tried to trip him up by asking him what the closest town was to Wisdom. He let Google Maps do the work and was able to correctly answer “Jackson.” But then I told him that my husband was gone all day and I had no way to get to Wisdom. From that point, he began giving me information that I’d need in order to be presented with the check…
His name, he said was “Dave Miller” but he sounded Croatian to me.
His Employee number: DM00181
My Customer Code number: 6974265880025PCH
He gave his phone number as: 828-558-8329
Mr. Miller went on to tell me I’d also won a 2022 Ford Explorer! When he asked which I preferred, given a choice between White and Cherry Red, I told him that – of course – I’d take the red! He wanted to know if I wanted to make the presentation of the check public or if I wanted to keep the prying eyes of my friends and family out of it in order to avoid being exploited by unscrupulous characters? [Ironic, right?] By this time, I was trying hard not to laugh out loud. I told him, “Oh, I want to do this in a very public place of my choosing in Dillon, Montana, like a supermarket. I was about to tell him, “In order to stick it to all the Son’s a Bitches that swore I’d never succeed” but then I figured my game would certainly be up then. After all, he hadn’t found out anything about me he didn’t all ready know. He told me I’d need to bring my ID and Customer Code with me to the presentation.
And then finally, he let out the hook. In order for me to receive the check, I would have to give them a cashier’s check for $5,000 “to cover the taxes.” I immediately told him “That won’t be a problem.” I did allude to the fact that I was a long way from a bank and that I’d have to work on that. He then turned to a couple of quasi benign questions about me… How long have I been married? “Oh, about twenty years.” Then “What three things will I do with the money once it’s in my bank account?” “Well first, I’m going to Disneyland!” I said. “Next I’m going to… Oh yeah, that’s right! I’ve just won a brand new Ford Explorer! I was going to say buy a new car but now I don’t have to! I’m so excited, I can’t think of a third thing!” Later on, I’d wished I’d thought to tell him that for the third thing, I was going to pay off all my Mother’s medical bills from her cancer treatments (my mother passed away many years ago so that would have been a lie.)
It was about then that he changed the terms and told me that they have some paperwork for me to sign and that they will accept a personal check. I then told him I’d have to make sure that I have enough in the account I would be using to write the check from since that was different from how I would get a cashier’s check. I then asked him what address I should send the check to. (I don’t know this for sure, but isn’t it true that once the Postal Service is involved, mail fraud is also part of this crime?) He stepped back and asked me to find out if I would be able to fund a personal check and then call him back at the number provided. I told him, “Okay!” Meanwhile, my husband (who was not really gone all day) came in and was furious when I told him about my “little adventure” with this scammer. His annoyance was only compounded when the phone started ringing again and “Publisher’s Clearinghouse” caller ID came up over and over. If my husband hadn’t been there, my plan was to answer in a panic telling “Mr. Miller” that I’d lost my purse and subsequently, my ID and checkbook. Then perhaps I could coerce that address out of him!
From what is obviously a cell phone (probably a burner) with a caller ID of 828-558-8329 (Waynesville, NC), they made their original contact with me on my land line. It turns out that while I was playing “Dave,” his team was busy data mining my cell phone number. Suddenly calls started coming in there too! I got a text message from Mr. Miller, which my upset husband erased, and a voice message which he didn’t know about. (Below is that voice message!). By this point, my husband was really angry. He then answered both phones, one after the other. On the land line, he sorta invited “Dave” to go have sex with himself but in more colorful terms. And then, on my cell phone, he informed “Dave” that I’d died yesterday!
I suspect that this little scam is running through every small enclave in western Montana. I’ve since found out that two other women in the vicinity, one also in [REDACTED] and another in [REDACTED], have been contacted by these clowns. I did file a scam report with PCH so at least there is that. Thanks for letting me tell my story! Keep doing the excellent detective work y’all do to keep the rest of us safe from the “Daves of the world. Take care, Rita”
Can you identify “Dave Miller’s” accent? If you can, let us know what you think!
Dave Miller from Publishers Clearinghouse
We applaud Rita’s effort to waste a scammer’s time! She told us that she’s never done this before and not likely to do so again. She later told us “I’m sure I would have messed it up (for myself) in some way if I had intentionally tried to scam a scammer. What was different in this case was that I had a pretty foolproof firewall built into the communication. ‘Dave’ had no physical address for me and there was no way he could ever find one. It was that realization which motivated me to go ahead and mess with him. What he knew about me was so inert that I instantly made up one rule to follow; no matter what he asked me, the answer had to be a complete fabrication. All that said, I would NOT recommend that the average person try what I did on a “cold call”. With no time to prepare, a person is at the mercy of the “artists” on the other end of the line who could set a trap and catch some vital, meaningful info that the person just blurts out with no thought to it being used against them. Best to leave the baiting to the professionals, like Rob!”
One of her surprises in this small foray into the scam-baiting world was learning that the scammers knew her full name, general location, land line and cell phone numbers! We’ve often told readers about how easy it is to acquire information about people online. And, this lack of privacy today is worse than it was just five years ago. We frequently monitor the appearance of our own information online and are notified several times each you that our email addresses, personal addresses, and/or phone numbers turn up on the “dark web” or were stolen in data breaches. There are also many data brokers across the Internet who gather, analyze and sell massive amounts of data legally. Their analysis and sale of data can have surprising, creepy and have life-changing impact on people. Here are two simple examples…
In mid-May, Doug and his wife decided to go shopping for a new rug. At about 1 pm on a Sunday afternoon, they walked into a furniture store called Arhaus. The saleswoman asked if they had ever purchased anything there before (they had) and asked to confirm their contact information in case anything new came in that fit the type of rug they were looking for.
At about 10 pm that same evening, Doug decided to look at the news of the day on CNN.com. Look at the very first Ad he was shown on the CNN website! Not only was the advertisement from Arhaus, but it even showed him rug colors and pricing in the range of what he and his wife were looking for that afternoon! To some, this may seem convenient to show someone targeted ads that fit their particular interests. But to Doug, this felt creepy and unsettling. It meant that their afternoon exploration became data points immediately sold to advertisers across the Internet who knew exactly where he was and how to manipulate the content in front of him. If that’s not creepy, we don’t know what is!
In February, 2019, Wired Magazine published an eye-opening article called The Wired Guide to Your Personal Data (and Who is Using It!) (We recommend reading it!) A paragraph from this article still resonates with us today…
“Personal data is often compared to oil—it powers today’s most profitable corporations, just like fossil fuels energized those of the past. But the consumers it’s extracted from often know little about how much of their information is collected, who gets to look at it, and what it’s worth. Every day, hundreds of companies you may not even know exist gather facts about you, some more intimate than others. That information may then flow to academic researchers, hackers, law enforcement, and foreign nations—as well as plenty of companies trying to sell you stuff.”
Our second example concerns life-changing circumstances. According to a July, 2021 article published on several news sites, including APNews.com, a religious Catholic publication purchased smartphone app data from data brokers and were able to confidently accuse a priest of using a dating app called “Grindr” to hook up with other men. Read Priest Outed Via Grindr App Highlights Rampant Data Tracking. (APNews.com / July 22, 2021) We’ll say it again… there is no such thing as “online privacy.” It is an oxymoron, just like “jumbo shrimp!”
Textbroker[.]com Review: Is It a Scam? – As graduates around the world enter the workforce in an uncertain post-COVID climate, companies offering freelance remote working jobs are, unsurprisingly, proving very popular. One such company is Textbroker. In our research, we have noted a large number of queries from job-seekers wondering if it is a legitimate company. With that in mind, we thought we’d do our digging — so you don’t have to.
A Good Laugh That Made Us Bananas! – In the online world of deceit and fraud, it’s important to find and take those opportunities to laugh at the scammers who, thankfully, slip up. Here are several scam emails that we’ve enjoyed seeing because they made us laugh. Let’s start with Mr. Wilson Banasa. He contacted our friend Rob, claiming to represent the International Monetary Fund, with $3.5 MILLION dollars waiting in an account for Rob. Rob only needed to pay a $500 fee for the release of this money. However, Mr. Wilson couldn’t get his name straight! First became last. Last became first. And “banasa” became BANANAS! We are especially “bananas” after reading the opening sentence from Mr. whatever-his-name-is! It reads like some woefully bizarre artificial intelligence translation gone bad!
In a follow up email to Rob, Mr. Bananas sent Rob a picture of his IMF Identification Card to prove that he really was an authorized employee of the International Monetary Fund. This also put a big smile on our faces because it is extremely obvious that this ID is fake! (Note: We’ve given Mr. Bananas Wilson a hat in his ID picture, befitting of his name.)
- The name “Mr. Bananas Wilson” was photoshop’d into this fake ID
- The signature doesn’t come close to the name “Bananas Wilson.” In fact, this signature was found on another man’s “STAFF IDENTITY CARD” that was posted on RomanceScam.com! The other man’s name is “Jeff Uda” and he is also a “DIRECTOR OF INVESTIGATION” but his ID card is modified with a different title. Visit this link on RomanceScam.com and scroll down to the entry posted on April 1, 2022. Identical signatures!
The Daily Scam recently received two emails from themselves! Moreover, they came from accounts we didn’t know we had! At 11:11 AM several days ago, we received an email from voicemail “@” thedailyscam.com informing us that “2 New Voice Messages Received From XX-XXX-X985” The email even told us that our domain was copyright protected and “incorporated.” (Inc.) Of course, the link to “listen to your voicemail” led to a malicious website and so we decided to let those messages go unanswered! (Though we wonder if they might be calls from Dave Miller from Publishers Clearinghouse telling us we were a winner! Oh well.)
Less than 2 hours later, we received another bizarre and fascinating email telling us that we have 15 undeliverable messages! This time the email came from “security “@” thedailyscam.com! Fortunately, the email contained a link that would allow us to review these “15 Failed Messages.” (Does that even make sense?!) Of course the link in the email was malicious but perhaps more fascinating was the fact that the emails pointed to the same domain as the other email just above, but with a different sub-domain. Some cybercriminal was clearly unsatisfied that we didn’t click his first link! We hope to hear from him again and look forward to seeing new and interesting email addresses for our domain at The Daily Scam! (By the way, Virustotal.com informed us that at least 3 security services found the links in both of these emails to be malicious. Never a dull moment!)
An important footnote…
Given the continued Russian war against Ukraine and the resulting rise in global food prices from both the loss of Ukrainian food production and rise in gas prices, we feel it is important to donate to global charities. There is a great deal of help that charities bring to disadvantaged people around the world. But there are also many scams that target people who wish to donate! Check out this valuable article on Scamadviser.com, titled…
Walmart, Amazon and Norton 360! – Last week, two different readers shared these bogus Walmart phishing emails with us. Both try to convince you that you placed a order with Walmart and it will be charged to your credit card. The first order actually came from an email server in Egypt and the second smelly phish tries to make you believe that your order is also being shipped to the wrong person in Honolulu, Hawaii! Of course, both emails contain phone numbers so you can call the scammers and cancel these orders that you never placed and were never charged to your credit card to begin with! Lunge for the delete key!
Ahhh…. A day without a smelly Amazon phish, is like a day without sunshine! This rotten carp has a hysterically funny opening paragraph about your “suspicious login” containing MULTIPLE English grammar errors! The link pointing to the Amazon alert center actually points to a crazy-name domain that was registered less than 2 hours earlier. The crazy domain, WAPRI78IDLOKIMBUN[.]com, was registered at 1:15 pm “Zulu time zone.” (Notice the “Z” at the end of the “Creation Date” in the WHOIS search results. This time zone, along with that lovely opening paragraph, strongly makes us wonder if the creator of this scam might be located in Eastern Africa. (Check out the countries that use Zulu Time Zone.)
Finally, we have another bogus email about your purchase of security services software. This time it is about Norton 360. Deeeeleeeeete!
We Have Money For You – Sometimes it feels to us that mobs of people are trying to give us money! We hear from scammers every week, and from seemingly legitimate businesses, who want to lend us money too! Take this exciting email from Ms. Sharon Koh of “1839 AssetManagement LLC.” She claims to be a business consultant who wants to offer us financing for whatever projects we might have going on. But her email was filled with red warning flags that suggest she’s just another scammer! For example….
- If Sharon Koh represents “1839 Asset Management LLC” why did her email from afrom “samuel” at aaryaauto[.]com, a domain that was registered in March, 2022 by someone named “muna fenadez.” Muna included an impossible address in her registration that doesn’t exist! (“no 54 able street Bath Road Taplow Shopping Park, Unit 3, Bishop Entre, Maidenhea, new york, AZ, 12020, us”) Also, Muna’s email address listed in her WHOIS record, pointe to a server in Hungary. Oh, and that website aaryaauto[.]com, is hosted on a server in the Netherlands.
- Why does the “reply-to” address that Sharon Koh provided point to a personal Gmail account and NOT a business account for 1839 Asset Management?
Yes, we can confirm that there is an investment firm called 1839 Asset Management AND that a woman named Sharon Koh is a partner in this firm, according to 2 online sources we checked. However, the email we received doesn’t pass the smell test!
And then there was this fabulous email that Rob got from a well known bank in Austria. In fact, Bawag PSK bank became the 4th largest bank in Austria after a 2005 merger, according to Wikipedia. HOWEVER, notice that this email from Mr. Anas Abuzaakouk ACTUALLY came from a personal Gmail address! The bawagpsk.com email address was placed in the name field of Mr. Abuzaakouk’s email! Rob had exchanged multiple emails with Mr. Abuzaakouk, who also had lots of money he was trying to transfer to Rob, after Rob pays appropriate fees of course! What made this particular email so funny was that Mr. Abuzaakouk included lots of photos of his dental work! Would you believe that this scam effort against Rob began in 2019?! Mr. Abuzaakouk, and other representatives from the fake Bawag PSK bank, have been contacting him for nearly 3 years!
Finally, as one more exciting example of people giving away money, we have this remarkable email from Jeff Green. If you read through the details of his long email, you might think that this man is destined for sainthood! And he wants to give us a MILLION DOLLARS because we were one of 20 random people selected by a “data form.” But, sadly (**sigh**), “Jeff Green” is just another scammer and the proof can be found in his FROM email and REPLY-TO email addresses. (So much for thinking about early retirement.)
You Are The Five Billionth Search Winner and Click to View PDF – David at TDS got hit with this junk popup when he visited a website that had been hacked. Ironically, he hadn’t just completed a Google search! And yet, he was the lucky winner of a $1000 Amazon gift card just for making the 5-billionth search! If you ever see popup crap like this, be forewarned that it is not safe to click ANY of the choices presented! Not even “cancel” or “close.” Doing that may trigger scumware installation or a browser extension install that will not be in your best interests! Best thing to do is quit your browser. (If you are unable to force-quit, then shut down your computer.) Restart your web-browser and CLEAR YOUR BROWSER CACHE! (Clearing cached files is typically found under the menu item named for your browser in the upper left corner of your computer screen.) As you can guess, the “recent winner” posts that appear in the background of this popup are complete fiction!
Last week we complained about how poorly our web browsers were at detecting certain types of common online fraud. To their credit, Google stopped this very dangerous email from hitting our inbox, but we pulled it out of spam anyway. The email claims to have an attached pdf invoice. However, the attached file is an “html” file. (Same as a “htm” file.) These files are extremely dangerous to open because they contain instructions for your browser! For example, they can tell your browser to visit a certain malware-laden website, download the malware and then install it! You should NEVER click an html or htm attachment!
Pay You in Advance for Your… – Have you got something you want to sell online? It doesn’t matter what or how you post it. Scammers are very likely to be the first people to make you an offer! They’ll buy the item unseen, or sometimes offer you more than you are asking in order to hold it for them or set it aside until they get there. But most importantly, scammers will ask to pay you in advance! We’ve heard from several people who have reported this to us, as well as seen it posted on Reddit.com in the “scams” discussion board. Someone’s account, called “Proud_Tone_5270,” posted this screenshot on June 20th of a text conversation she/he/they had with another person who was interested to buy a used gaming console and pay for it in advance. NEVER accept advance payments from strangers using Zelle or Venmo! Venmo has posted a detailed article of common scams that try to use the Venmo platform. It’s very informative!
Until next week, surf safely!
Copyright © 2021 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
have subscribed to it via Scamadviser.com or thedailyscam.com
Keurenplein 41, UNIT A6311 | 1069CD Amsterdam, The Netherlands