The pharmacist’s cell phone rang as she was preparing prescriptions.
The Caller ID said the call was coming from the Ohio Board of Pharmacy. For a pharmacist, getting a call from the Ohio Board of Pharmacy “is like the police calling you,” she said.
The targeted pharmacist has asked that her real name not be used since she is still afraid of her scammers. USA TODAY has confirmed the pharmacist’s identity, her complaint with the Ohio Board of Pharmacy and also has reviewed some of the elaborately doctored documents and phone recordings she provided chronicling the scam. USA TODAY has agreed to provide the pharmacist anonymity and will refer to her as “Sally.” USA TODAY also reached out to the FBI, which the pharmacist said she contacted, but the agency’s practice is not to confirm or comment on an investigation.
International scammers are becoming more brazen by sending in-person couriers – also known as mules – to people’s homes in an attempt to trick victims out of their money.
In an alert this week, the FBI’s Internet Crime Complaint Center reported an uptick from May to December of 2023 in a scam, which instructs victims to liquidate their assets. Unsuspecting people are usually instructed to convert their assets to cash, or gold, silver and other precious metals, as a supposedly safe way to protect their funds. The scam, often targeting senior citizens, has led to losses of over $55 million, the agency said.
How does the courier scam work?
Various scams often have similarities, with the con men often posing as a person of authority to intimidate someone out of their money. In the latest scheme, scammers pose as tech support or U.S. government officials. They sometimes use a multilayer approach, posing in succession as a tech company, a financial institution and a U.S. government official, the FBI center said.The scammers inform victims that their financial accounts were hacked or at risk of being hacked, and their funds need to be protected. Criminals then instruct victims to liquidate their assets. Sometimes scammers instruct victims to wire funds to a metal dealer who will ship the precious metals to victims’ houses.
Scammers have victims hand over cash, precious metals
The next step, according to the FBI agency, is the scammers send couriers to retrieve the items at victims’ homes or public locations. Scammers may direct victims to authenticate the transaction with the courier using a passcode, such as the serial number of a U.S. dollar bill. Scammers tell victims they will safeguard the assets in a protected account, but in reality, the victims never hear back from the scammers and the victims lose all their money.
However, the presence of local in-person criminals increases the chance that local and federal authorities can catch someone.
Pierson acknowledges that the couriers may be participating in the crime, but it’s also possible they are unwilling or coerced participants.
But catching the local in-person criminals can give authorities digital forensic evidence or “digital bread crumbs” on phones and computers “for a better chance of criminal prosecution” and ties to higher-ups in the crime ring, he said
What is new about this scam?
The escalation and change to in-person tactics for scammers, who usually “hide behind the veil of the internet” or remote countries, is what is different about the latest scheme, said Chris Pierson, CEO of BlackCloak, an Orlando, Florida-based cybersecurity firm,
“This is a total changing of the playbook” because the organized criminal syndicates and/or nation states “are actually burning a resource” as the last stage of the crime, Pierson told USA TODAY. They are no longer at arm’s length, he said.
“They are burning an individual that could be caught on videotape, the car, their license place, etc.,” he said.
Cybercriminal victims can lose money, be kidnapped
There are a variety of ways cybercriminals can victimize consumers. Last month, a Chinese exchange student, who authorities say was the victim of an international online kidnapping scheme, was rescued after nearly freezing to death in a tent in Utah. He ran away from his host home after cybercriminals convinced him his parents in China were being threatened. His parents told authorities they paid $80,000 in ransom.
Even celebrities get scammed. Bravo Host Andy Cohen told TODAY that he lost money when his bank account was hacked in an imposter scam. It happened after he lost his debit card.
Tips to protect yourself
Here are tips from the FBI Internet Crime Complaint Center:
◾ The U.S. Government and legitimate businesses will never request you purchase gold or other precious metals.
◾ Protect your personal information. Never disclose your home address or agree to meet with unknown individuals to deliver cash or precious metals.
◾ Do not click on unsolicited pop-ups on your computer, links sent via text messages, or email links and attachments.
◾ Do not contact unknown telephone numbers provided in pop-ups, texts, or emails.
◾ Do not download software at the request of unknown individuals who contact you.
◾ Do not allow unknown individuals access to your computer.
◾ The FBI requests victims report these fraudulent or suspicious activities to the FBI IC3 at www.ic3.gov as quickly as possible. Be sure to include as much transaction information as possible.
What happened to Andy Cohen?
Cohen said the scam started right after he lost his debit card. The next day, the Bravo host said he received an email that appeared to be from his bank’s fraud alert.
“It wasn’t. Because I lost my card. I was like, ‘Oh, this must be real,'” he said. “I didn’t click on the email address. You need to click on the email address — even though it may say the name of your bank, if you click on it, you can see that it’s not at your bank dot com.”
He clicked into the link in the email, which took him to sign in to his bank’s page, which gave the scammers access to his account. They then asked him to sign into his Apple ID, which was a red flag to him.
“No one will ever ask you for your Apple ID. I said, ‘This is a scam.’ I got off. I didn’t think anything of it,” he said.
Andy Cohen’s tips for avoiding imposter scams
“I consider myself a smart, functioning member of society,” Cohen said, before he shared his tips on avoiding imposter scams.
“Check the email address,” Cohen said. “Absolutely. Click on it always.”
He also said to avoid the sense of urgency when receiving a text or phone call.
“Take a breath and just go to your bank, or call the number on the back of your card you have it handy,” he said. “Nothing needs to happen now — a lot of times these people call and say, ‘Time is of the essence, you have to do this now. Don’t do that.”
One way to spot a scam is to understand its mechanics. A new and complicated scam starts with a call or text message about a suspicious charge on your Amazon account. But it’s not really Amazon. It’s a scammer with an elaborate story about fraud using your identity that ends with you draining your bank or retirement accounts.
Here’s what to know about this scam scenario.
It’s not Amazon calling. Scammers spoof their phone number to make it look like it’s Amazon calling. Don’t trust the number in your caller ID and don’t trust what the caller tells you. Worried about a suspicious purchase on Amazon? Log in through the website or app. Don’t call back the number that called you or a number someone left in a voicemail or text message.
No one legitimate will tell you to keep it a secret. If there’s a problem with your account or identity, always talk about it with someone you trust — especially if the stranger on the phone says it’s serious or involves a crime or claims to be from the government. That’s a scam.
No one used your Social Security number to open fraudulent accounts in your name. Scammers say this to scare you — don’t trust the person on the phone. To know for sure, get an instant copy of your credit report online for free and look for accounts you don’t recognize. Visit (or have someone help you visit) AnnualCreditReport.com.Don’t believe a caller who says you’ll be immediately arrested for account fraud. That’s a scam. If someone stole your identity to open fraudulent accounts, complete an FTC identity theft report at IdentityTheft.gov, then put an extended fraud alert on your credit report. Do not transfer money or drain your savings to protect it from fraud.
How to protect yourself and your pharmacy
Be alert!
Educate your team to be on the lookout for scams
Don’t trust requests for information or money from someone you don’t know
Verify the identity of suspicious communications through the state board of pharmacy or government agency website/phone number.
Never give out personal or financial information over the phone
Don’t click on links or open attachments from unknown senders or suspicious emails
Report fake/suspicious calls to the appropriate agency
Protecting our digitally-connected world is a top priority and focus of the FBI.But we can’t do it alone.Between staying connected with family and friends, shopping and banking online, and working remotely, we all depend on security in our interconnected digital world. Criminals from every corner of the globe attack our digital systems on a near constant basis. They strike targets large and small—from corporate networks to personal smart phones. No one—and no device—is immune from the threat. The only way forward is together. In cyber security, where a single compromise can impact millions of people, there can be no weak links. Every organization and every individual needs to take smart, reasonable steps to protect their own devices and systems and to learn how to spot and avoid scams.
The information you submit to IC3 makes all the difference.Combined with other data, it allows the FBI to investigate reported crimes, track trends and threats, and, in some cases, even freeze stolen funds. Just as importantly, IC3 shares reports of crime throughout its vast network of FBI field offices and law enforcement partners, strengthening our nation’s collective response both locally and nationally.
Due to the massive number of complaints we receive each year, IC3 cannot respond directly to every submission, but please know we take each report seriously. With your help, we can and will respond faster, defend cyber networks better, and more effectively protect our nation.