Each month, frontline staff members at Kennebunk Savings detect and prevent fraud. In January of 2024 alone, $169,371.49 was saved from malevolent actors. This included bad checks, wire fraud, falsified international transactions, and multiple variations of the exact same “tech support” phishing scam.

We thought it would be illuminating to show how this particular scam works, step by step, in the hopes that more fraud can be stopped at the source.

THE HOOK

Usually, this scam begins with an email that prompts a phone call. The scammers are trying to trick you into coming to them.

Scammers pose as representatives from a tech company – Norton Antivirus is very common, as is MacAfee. Sometimes the scammers pose as representatives from PayPal, and this January we even had one scammer pose as a rep from PayPal… on behalf of Norton Antivirus. (Maybe they got their scripts mixed up.) Scammers intentionally choose names of familiar-enough companies to lend their stories legitimacy.

The email states that the recipient will be charged for a renewal of their antivirus software, usually a significant amount of money – hundreds or even thousands of dollars. The idea is to induce panic in the recipient so that they call the phone number listed on the email and demand the charge be reversed.

THE CALL

Scammers use a variety of tactics on the phone to take advantage of your energy – if you seem scared, confused, angry – they can play on any emotion. They will also likely throw a lot of details at you: case numbers, ID numbers, phony transaction histories – and it’s all made up! They bombard you with false information to keep you in an agitated state. But here’s the real objective: they want you to grant them permission to access your computer remotely. You may have experienced a benevolent version of remote access when working with an IT professional. A pop-up box will appear and request you grant access to the person you’ve called in a panic. Stop and use caution!

THE TAKEOVER

Once you have given over remote access to the scammer, they will attempt to access your online banking. They may even ask you to do it, even after having granted them access. It’s another trick to build trust and legitimacy. It’s important to understand that even now, you have not lost any money. Their scam is about to get a lot weirder.

THE TURN

Magic tricks always feature a “turn” when things change from “ordinary to extraordinary.” The tech support scam does too. On the phone and while taking advantage of remote access to your computer, the scammer will show you your online banking page and tell you that they’ve wired back your refund. But uh-oh! They have accidentally sent you back too much money. Instead of $500, they sent $5,000. Or maybe instead of $100, they sent $1,000. Remarkably, this fake “mistake” is a consistent tactic across dozens of attempted scams. The scammer will then ask you for a refund!

Looking at this critically, you might be asking why on earth they’d do such a thing. There are a few reasons.

1. More steps means more confusion and ambiguity. More nooks and crannies for a scammer to take advantage.

2. Pretending to make a mistake at their “job” creates intimacy. Now you’re helping them fix a problem!

3. Most importantly: they didn’t actually send you the money.

In most cases, the scammer, having taken over your computer, simply processes a transfer from your savings account into your checking account and tells you it’s the money they sent. It is all smoke and mirrors. But if you believe it, the real scam finally starts.

THE PAYMENT

The scammer has preyed on your kindness and friendliness and is pretending to have sent you too much money. Now you need to help them cover their mistake and send the money back. You’ll have to do it quickly and quietly so their boss doesn’t find out. They may even tell you not to tell your bank or spouse what you’re doing.

This section of the scam is where we see the most variety. Some scammers ask you to purchase gift cards and mail them, or simply read them the numbers on the back. The scammers in other countries may just ask for a wire transfer (they’ll ask you to tell the bank it’s for a relative). Some scammers even ask you to withdraw cash, put it in a box, and send it in the mail. It is a testament to our kindness and faith in others that, unfortunately, some people actually do this.

The ludicrous nature of this step of the scam often loses even the victims who have so far been totally credulous. They come in to our branches already fairly certain that something is wrong.

Unfortunately, this itself can be an element of the scam: pride. People are unwilling to admit they’ve been taken advantage of and refuse to turn back.

When our customers come in and wish to withdraw or move large sums of money, we ask a lot of questions. We don’t do this because we’re nosy or trying to infringe on your rights – it’s just that we see scams often and we know what to look for. And most of the time, we catch it.

When you or a financial professional determine that you’re amidst a scam, the steps we take will be based on an assessment of what has happened so far. We may close your account and reopen it with new information. We may direct you to have your phone or computer checked and examined by an expert. We will help you contact local law enforcement. And we will always keep you up-to-date on scams in our area and help you stay a step ahead.