We read about Internet crimes against the elderly all the time. We pity those poor, feeble individuals who can’t fend for themselves, those old grandmas and grandpas who are easy marks for slick and practiced scammers. How condescendingly we cluck and laugh at people gullible enough to be taken in. We say we would never be caught so off-guard. You can’t pull the wool over our eyes, by crackey.
Well, I’m here to tell you that recently, more than fifty of my intelligent, sophisticated, and cynical friends went so far as to bite—if not be pulled entirely out of the water—on the fishing line of a devious Web criminal.
Here is my story. I offer it as a cautionary tale. It may be old news to some, but clearly not for many people in my universe. I think it says something about how differently the Internet is perceived by the young and the not-so-young, and how its presence in our lives has insidious side effects, opening windows into a tantalizing pseudo-intimacy with the world on the little screen.
I got up very early one day last week and was looking forward to an uninterrupted morning of writing after too much time away from my own head. I was at the computer by 5:30 and spent two quiet, intense hours picking away at a piece I was working on. I turned from it to check my email at 7:25, but found I couldn’t log on. I kept getting an error message saying that my password was invalid. I re-entered it several times and then gave up, annoyed, choosing to return to the writing, thinking I would try again later.
At 7:31—early for calls to our house—the telephone rang. It was Bob, the husband of my husband Michael’s first wife, a welcome but unlikely telephone visitor at any hour, and especially so first thing in the morning.
“Are you okay?” he asked.
“Well, yes, but all of a sudden my G-mail password doesn’t work, so my day is already a mess,” I answered.
“Well, at least you’re not in Nottingham,” he said.
“Nottingham? What are you talking about?” I asked.
“I just got the strangest email from you. Want me to read it?” he offered.
“I’m writing this with tears in my eyes. My fam and I came down here to Nottingham, United Kingdom for a short vacation unfortunately we were mugged at the park of the hotel where we stayed, all cash, credit card and cell were stolen off us but luckily for us we still have our passports with us.
We’ve been to the embassy and the Police here but they’re not helping issues at all and our flight leaves in less than 3hrs from now but we’re having problems settling the hotel bills and the hotel manager won’t let us leave until we settle the bills. Am freaked out at the moment.”
A plaintive missive indeed, but I most certainly was not in Nottingham. We verified that the spelling of my name and my email address were correct. However, the digits on the phone numbers of my default signature had been reversed.
“What did ‘I’ want from you?” I wondered.
“Apparently nothing,” Bob replied.
And that, too, was strange. It was obvious that a hacker had gotten into my email account, stealing my password and blocking my access to it. But why was “I” making no demands?
Within minutes, both my husband’s and my cell phones rang. The first call was from my sister.
“Oh, my God, are you okay?” she fairly shouted.
She had jumped to the conclusion that I had gone to England without telling her—an irrational leap, because we talk almost every day. Still, this email message really scared her. She got off the phone quickly to call our mother, who would have panicked if she had seen it without knowing what was going on.
More calls started coming: Stanley, JoAnn, Susie, Mike, Jean, Judy, Susan, Lilly, David, Sandy, Kerry—family, close friends, slight acquaintances, household service providers, old friends not heard from in years. More than fifty over the course of the day. It was becoming clear that everyone in my contacts list received this email. It was amazing to me that some marginal people in my life believed this was a true plea from me, without stopping to think that I had a support system to which I would sooner appeal than to them. It had that much emotional resonance for some.
People were behaving exactly like themselves. A skittish friend said it was urgent that I contact the authorities. Another was frightened because the hacker now had his email address. One kind person wrote back to “me” offering to help in any way she could. Her sister lives in the U.K. and she would contact her immediately. By the time it occurred to her to call me, she was trembling. Friends traveling in Barcelona and Berlin called, one couple joking that they were about to skip over to Nottingham with a bucket of cash. A banker called Michael after fantasizing that since she hadn’t spoken to us in a while, we had separated and I was stuck in England. She wanted to alert him in case he didn’t know I was in trouble.
Some of the callers dismissed this as a hoax right away. I appreciated that many people said they were tipped off by the fact it did not sound like me. The punctuation was egregious and there was wording that was clearly not in my voice: “my fam and I came down here to Nottingham…” At the same time, one friend speculated that under stress I could have turned into a lousy writer. For whatever reason, people called because this was just plain unnerving and they wanted to talk about it.
As I thought about who got in touch with me, I noticed that they were all middle-aged or older. When my children and others in their 30s and younger read it, they knew in an instant it was a swindle, pushed Delete, and went on with their day. They function on the Internet in such a reflexive and nuanced way, there was an immediate understanding that these facts did not add up. We older people, as computer-wise and technology-dominated as we have had to become, may be slower to accept that the world works this way now. We have become easy users of the Internet, but perhaps more vulnerable than we should be to its power. We may have less guile about it than our children. A desperate message from a friend is something to be taken seriously, isn’t it?
My callers needed to tell their stories, to chew over just how they had been duped, or not. Some called with accounts of having replied, either in earnest or to test the legitimacy of the letter with questions only I would be able to answer. To a one, they received the following response:
“Glad to hear back from you. It has really been embarrassing for us. Well all we need now is just 2,240 pounds, you can send it to me via western union money transfer to my full name and present location, Here are the details you need to get it to me:
Name – Shelley Singer
Address: 30-33 High Pavement, Nottingham
Country: United Kingdom.
I still have my passport so I can use it as identification, email me the transfer details and the confirmation number. Here is the hotel manager’s number +447024015257”
I called my local police, not knowing if this was a reportable crime or whether I should be contacting the FBI. A kind and patient officer at the County Computer Crimes Unit let me tell my story, which I was as eager to do as my friends were, and answered right away that this was a common scam, virtually undetectable by the authorities. Wired money can be received anonymously, and by the time the victim realizes he has been defrauded, the trail is cold. He told me the email is likely to have originated in the Ukraine or Nigeria, not England. The next day—once my account had been reopened after I reset my password—Google sent me an alert saying that an unaccustomed use of my email had been made the day before in Nigeria. My in-box, which had been unavailable to me until the reset, contained thirty or so questioning emails.
That night, I Googled “I’m writing this with tears in my eyes” and found a universe of websites and articles about the scam I have been describing. This is going on every day, all over the world. I sent a mass email to my contacts list to explain that this was a hoax, imploring them not to send money. I don’t think anyone did.
It was disturbing and creepy that these fiends had invaded my email account and ascertained my password. It was, of course, a lesson in the need to be alert to scams. At the same time, it was a gratifying experience to see that people cared.
Note to Reader: Strengthen your password immediately. Consider changing it to a nonsense combination of letters and numbers. Google, for instance, will assess the strength of your current password and your proposed one, should you request a change.
But what about our emotional passwords? Should they be strengthened, too? Should we deny friends who write “with tears in my eyes?” Along with myriad learning curves, the Internet presents us with a personal and communal challenge: staying open to the real needs of people we care about while learning to trust the world—especially the online world—a little less.