funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Grandparent scam

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>
Date: Sat, 3 Mar 2012 16:35:39 -0800
No, I didn't get hit.  Someone even older than I am (although he's got fewer 
grandchildren) almost got hit.  Twice.

This is not a stupid guy.  He still runs his own investment company.  A few years 
ago he recounted a weird call that he thought came from one of his grandkids-in-
law.  Everybody who heard the story recognized it for what it was, particularly 
when it was determined that the grandkid-in-law in question, who does travel a lot, 
had never made the call.  The scam was explained to the call recipient.

Well, today he sent his whole family into an uproar.  He'd got another call, and 
seems to have been one phone call away from wiring off $2500.  Fortunately, a 
couple of family members determined what was happening, in time, and explained 
the situation.  Again.

Let me try to explain a bit how this works.

The recipient gets a phone call.

Recipient: [answers phone] Hello?
Caller: Grandpa?
Recipient: Is that you, Mary?

OK, at this point the caller knows that whoever answered the phone has a 
grandchild named "Mary."  Allow me to theorize why this is the grandparent 
scam.  Many (older) people may have more grandchildren than they have 
children, so the odds of hitting someone with a grandchild of the same gender as 
the caller increase.  Also, most people don't know their grandchildren, and the 
doings of said grandchildren, as well as that of their kids.

The fraudsters who make these calls may do it at random, or they may have 
bought calling lists of those with interests, demographic information, or 
medication purchasing patterns indicating that they are older.  These calls may 
also be targeted at geographic areas with a higher proportion of retired people.

Caller: Yeah.
Recipient: Gee, your voice sounds different/that doesn't sound like you.
Caller: I'm not feeling well/have a cold.

This answer serves two purposes: it explains the differences in voice (although it 
might not explain an Asian, Russian, or south Asian accent), and also calls on the 
sympathy of the recipient.

R: That's too bad.
C: Yeah.  Actually grandpa, [caller launches into story of woe, ending with a 
requirement for funds for a) medical services, b) legal fees or bail, c) 
documentation expenses, d) travel expenses, e) etc.]

This particular call added a few refinements.  The explanation ended with a plea 
that this situation was all very embarrassing, and so would grandpa please not let 
anyone know.  Grandpa apparently complied with this request: grandpa did do 
some checking with the family to try and find the grandchild, and, coyly, wouldn't 
tell what was going on.  It wasn't until a) a few family members had had frustrating 
attempts to find out what the calls were about, and b) the grandchild had been 
found (well, but busy with an event for one of the great-grandchildren) that the 
whole story came out.

Fortunately, there was a second refinement.  In an attempt to add verisimilitude to 
an otherwise bald and unconvincing narrative, the caller had finished with the 
statement that a lawyer would be calling to make arrangements for the money 
transfer.  Lawyers are trustworthy, of course (no laughing down there in the cheap 
seats), and the fact that you can no more authenticate the person who claims to 
be a lawyer than the person who claims to be your grandchild is probably lost on 
most people.

I say "fortunately," because the calls grandpa made to the family probably blocked 
the second call, at least for a while.  It is quite possible that the scammer or 
scammers, hitting a busy signal a couple of times, suspected that calls were being 
made to family, and cut their losses rather than carry on with a now likely 
compromised scam.

This is not a new scam.  It's a variation on 419s, which were, themselves, 
variations on the postal mail based "Nigerian" scam, which was a variation on the 
"Spanish prisoner" scam going back to the middle ages (which was probably based 
on a similar and even older scam).  But the scam is widespread, targets generosity 
rather than greed, and seems to be somewhat resistant to eradication.

Please raise this issue with, and explain it to, older friends and relatives.  The 
media reports on the scam tend to be minimal, and don't explain how easy, and 
likely, it is to give away information in what you think is normal conversation.

Oh, and just to conclude, when you answer the phone and someone says 
"Grandpa?" or "Grandma?", the correct answer is, "Who's speaking, please?"

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
I want everybody to be smart. As smart as they *can* be. A world
of ignorant people is too dangerous to live in.       - Garson Kanio
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: