Fraud Protection & Compliance
Imagine this: You could be at your bank, waiting in line on a regular day, and see a con unfold before your very eyes. Here’s what it might look like: An elderly gentleman almost pleading with the branch manager on the other side of a Plexiglas divide, asking her to send a wire for $12,000. Every few seconds the gentleman says a few words into his mobile phone, on speaker. Bystanders even ten feet away hear the conversation: “It’s OK, Doris, I’m sending the money right now,” the gentleman says. “Please, I need it! Wire it right now!” Then, “I can’t help you wire the money, sir,” the branch manager calmly responds. “This is a scam. Hang up the phone.”
Best case, this exchange would go through a few iterations until the elderly gentleman ended the call and stalked out of the branch.
A YouTube Star Investigates the “Double Zero” Scam
In fact, this type of scenario is real, and scams like this are playing out around the globe. Here’s how it might work: A con artist calls a potential victim and says they work for a software company (Microsoft and Norton anti-virus software are popular). The scammer tells the victim that a $120 refund was issued to their bank account for unused software — but the person who entered the amount into the refund system (i.e., the con artist) accidentally added two zeros onto the amount, making it $12,000. The criminal pretends to be terrified of losing their job due to the error, and begs the victim to wire back the money.
As it happens, this Double Zero con is a hot ploy in today’s scam bazaar, cutting a wide swath not just across South Florida, but the entire US, with moving parts located around the world. I learned many more details about how the con is perpetrated from an entertaining 23-minute video by Mark Rober, a YouTube star with more than 17 million subscribers.
Mark started investigating fraudsters after porch pirates stole online purchases from his house one too many times; he retaliated by planting “glitter bombs” in delivery boxes, complete with an embedded tracking device and video cameras. After the glitter bomb exploded on a thief, Mark, the police and a camera crew arrived to film the very surprised perpetrator, covered in irrefutable, unerasable evidence. Anyone who has encountered small children knows that flecks of glitter will remain buried in crevices and carpets long after the kids have graduated from college.
After he heard of the Double Zero scam, Mark put his formidable creativity to work to catch the con artists in the act on payday, collecting cash from their victims. In the Double Zero scam documented in Mark’s video, the con artists didn’t risk large, unusual wire transfers. Instead, they had victims send them cash via FedEx to an Airbnb home rented for one night as a delivery site and picked up by a mule, who later handed over the box to the fraudster. The Airbnb rental provided a convenient delivery site, and employing a mule to pick up the FedEx boxes skirted the proliferation of pesky surveillance cameras now found in residential areas.
Mark’s video also went into the criminals’ call center and technical tricks, the latter of which involve software that legitimate support representatives use to assume remote control of a customer’s computer, with permission, to perform diagnostics and repairs. Simple HTML editing software was used to alter the numbers displayed on the user’s screen, presenting seemingly airtight proof that the erroneous deposit had arrived in the victim’s bank account.
Eavesdropping on Criminals
Investigating a bit further, I also found this excellent article in The New York Times Magazine, a profile of members in the criminal rings and illicit call centers that perpetrate the Double Zero con and related scams. This article (a podcast is also available), “Who’s Making All Those Scam Calls?” additionally includes an interview with a cybercrime-fighting Lone Ranger, who goes by the name Jim Browning (not his real name) and is identified in the article by his middle initial, L.
As it happens, L became an online vigilante after he was worked as a potential victim by a scammer. Instead of falling victim, he figured out how to place software on the scammer’s computer that would allow him to “eavesdrop” on the scammer’s computer and record every on-screen move.
As it happens, L’s clever crime-fighting hack was the breakthrough that allowed the Double Zero and an entire family of related cons to be cracked. He is a software engineer based in the United Kingdom, where he runs a YouTube channel called “Tech Support Scams” under the pseudonym Jim Browning. There, L regularly posts videos for his three million subscribers, identifying by name the call centers and con artists involved in the crimes.
I am amazed at the lengths that fraud vigilantes like Mark Rober and Jim Browning go to, to raise awareness of popular scams and make calls for justice. To protect yourself, check out their YouTube videos and The New York Times article and steer clear of Double Zero con artists.
To learn more about how financial institutions can better protect customers from scams, read these blogs from my colleagues that outline best practices: