by Curt Kovener
We have all read and maybe just glossed over stories of attempts by cybercriminals to spam and scam and otherwise steal our money and misuse our identity.
I read and didn’t pay much attention. Now that’s changed.
Before the holidays as I was traveling back home to the Wilderness, my cell phone rang. It was a toll-free number. Expecting it to be a scammer, spammer, or unsolicited call, I answered in order to tell the caller to put my number of their do-not-call list.
The caller said “Curt, this is Dick Flanagan and I am with security with Verizon. Did you order two new cell phones to be shipped to California?”
“Nope,” sez I.
“Well we thought it was odd for a long time Indiana customer to order phones shipped to the west coast. It appears someone has hacked into your cell phone account and ordered $2,100 worth of phones to be shipped to California,” says Dick.
“I didn’t order them so cancel that order,” I inform Dick.
“Of course, I will be glad to but I first need to make sure of your account information. What is the zip code where the bill is sent?”, helpful Dick asks.
Figuring this was all a part of the cell phone provider’s security, I told him the zip code in Crothersville.
“Good,” said Dick. “And one final thing, what is your four digit pin?”
I do not recall all of my secret passwords, pins and other identifiers and told Dick I would call him back when I got home. And at that point, the phone call abruptly dropped as I began my drive through the traditional valley of no cell signal.
When I get home, before I looked up my pin I tried to log onto my Verizon account. And it wouldn’t let me in. My password no longer worked.
It was at that point anger and terror flooded over me. I began using some very adult words as I realized I had been scammed by the Dick who said he was going to help me!
So I called Verizon and spoke with customer service representative Heather and told her what went on. She checked my account and assured me that no phones had been ordered.
That was a relief.
Then she guided me through the steps to change ID, password, PIN.
She told me the fake Verizon Dick was telling me what he was going to do after he got into my account. But sounding like a helpful security person for the company I fell for Dick’s Good Samaritan schtick.
“There is a lot of scamming like this going on over the holidays,” helpful Heather told me.
Thank rural technology for sketchy cell signal areas, I guess.
So now I have changed passwords, PINs and anything related to getting into my accounts.
But before I did I checked with the National Institute of Standards and Technology (NIST) guidance on creating a strong password, suggesting a passphrase such as a favorite line from a movie or a series of associated words rather than using a single password. The idea is to create a passphrase that can be remembered easily and protect the account. This means passwords like – “t6&j3#QR%5”- are out.
Longer, personal phrases you can remember— for example, SnowCloudWhiteCold— are preferred. The names of your children or pets are a bad idea, they say.
But since many sites require numerals, upper case and symbols or punctuation you may need to substitute a numeric zero for an O, an exclamation point for a 1, a ( for a C, and the like.
Create a passphrase you can picture in your head and use items in your office or around your home computer for clues. The key is to create a passphrase that is hard for a cybercriminal to guess but easy for you to remember with a little bit of a hint.
And we are to use a different password or passphrase for each account, and use a password manager if necessary to keep track of passwords for multiple accounts.
But having grayhair and Medicare, I keep my passwords in a document that is titled nothing like Passwords and it is securely filed beneath layers of folders on my computer desktop. And there is that hardcopy printout that I use as failsafe stored in my fireproof file cabinet.
And having saved my bacon as well as my money, I hope I never again curse the sketchy cell signal areas through which I travel.