This blog was originally posted by a master storyteller herself. Denise Summers of Amphora Communications wrote this post in September 2020 and graciously shared with me for this blog post.
They had never met in person and most of their interactions, other than the initial contact on the dating site, had been by email. Julie had never given him her address, although he had her cellphone number. They arranged to meet one day, but at the last minute he told her he had to fly to the UK on business and then go on to the Middle East.
When he emailed her to send him money so he could get out of the hospital in a foreign country after a ‘traffic accident’, he suggested she go to a nearby London Drugstore, where she could send the funds by Western Union. The drugstore was only two blocks from the condo she lived in.
This story, unlike some, had a ‘happy’ ending. Julie might have been lonely, but she was not gullible. There were a few red flags earlier on. Some of the emails he sent had some repetitive portions, repeating things they had already discussed. She wondered if he was writing to other women. When he eventually asked for money, she realized what the game had been all along and decided to turn the tables on him. She emailed him that she was running out the door to immediately send him the money. She told him how worried she was about him and that he needed to recover. He wasn’t to worry about the money, she was sending it right away. After a few emails and finally a phone call from Jeff wondering where his money was, she told him she would never be that stupid. He ‘ended the relationship’ by hanging up on her.
Although she contacted local law enforcement fraud department, nothing could be done. There is no way to find these ‘cyber actors’ and online scamming is now one of the most lucrative ‘businesses’ in the world. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015. https://www.herjavecgroup.com/the-2019-official-annual-cybercrime-report/ 09/20
‘Emily’ sent pictures when the 14 year old boy in the chatroom wanted to verify that she was the 16 year old she claimed to be. Over the next two days, the two spent many hours talking online. ‘Matthew’ lived in Canada; she said she lived in NYC.
On the third day, she told him her parents had kicked her out. She had no money and nowhere to go, Emily said. Then she asked him if he could send her some money to help her. By then, he felt like they were friends. He tried to send her some of his money via a Google Pay card. Because they lived in separate countries that didn’t work, so she suggested PayPal for Friends and Family. He sent her the rest of the money he had. As soon as Emily received it, she cut off all contact with him. He was devastated. Because the money was sent through PayPal for Friends and Family, there was no way to trace the funds.’
Jeff attempted to create empathy with Julie in his story — he was a widower, just moved to a new country. He also tried to portray himself as a decent kind man — very close to his grandmother and a best friend who was a man of faith. He wrote long, loving emails. If Julie had been more vulnerable, she might have sent him the $3000+ he requested.
Emily used the same method, spending a great deal of time online with Matthew, flirting with him and appealing to his teenage ego. She told him several stories about her friends, the school she went to. They traded stories back and forth.
These criminal individuals used stories to create empathy, to connect with their intended victims. It’s how we humans have always built relationships.
Today, some of most skilled storytellers are the cyber criminals or cyber threat actors, as they are sometimes called. In this time of high uncertainty and anxiety, they have ramped up their efforts to scam those who are vulnerable.
With so many of us now working remotely without the increased security provided by our employers, both corporate and personal data is much more vulnerable. Our at home systems often employ old hardware. Add to that, the fact our children who are spending much more time online (if that’s even possible:)
‘Cyber criminals are adapting their attack methods. They are targeting the human layer—the weakest link in cyber defense—through increased ransomware and phishing and social engineering attacks as a path to entry.’ https://www.accenture.com/us-en/insights/security/cost-cybercrime-study 09.20
My colleague, Anne Genge, a 2020 Global Cyber Defense Award Winner, has a flair for teaching cybersecurity in a way everyone understands. In 2017, she co-founded Alexio Corporation, a national and global award-winning cybersecurity firm, with a specialization in small business and healthcare. She tells me we are more at risk than ever, especially as we work remotely.
Once a hacker has access to your data, they can go through your company organizational structure and your emails to see how payments are made, who makes the buying decisions and has signing authority, etc.
“It’s easy for them to send an email pretending to be the business owner to an administrative person, asking them to order something from this vendor, and have the money sent to a particular party (the cyber criminal), says Genge. “They can get into your bank accounts and access client emails, and then also begin to try to infiltrate your clients’ data. If you’re a healthcare provider, they can access patients’ medical records, potentially providing them with the ability to extort money in exchange for not publicly releasing information. ”
Her advice — here’s a list of things you shouldn’t share online:
- Your full name
- Any type of photograph (even of your pet!)
- Your current location (some phones have automatic GPS apps built in that may need to be turned off)
- Home or school address or the address of any of your family or friends
- phone numbers
- Social insurance/security number
- Passwords or credentials
- Names of family members
- Credit card numbers
According to Genge, some of these criminals go to great lengths, spending weeks or months wooing their targets. Each of us need to defend ourselves hundreds of times every day from these attacks, through our security systems. They typically have many people they are trying to fleece at one time, and if they can be successful with one or two a week, it can be very lucrative.
The bottom line is these individuals can be very clever at creating empathy and a good story. Ensure you, your loved ones and your business are safe.