Friday, July 12, 2024

Day of the Dealt Hand

 

It's Day of the Dealt Hand, the 48th day of Summer in the Universal Solar Calendar. Time to deal out Jacks or better on a table by the beach.

Yesterday, I was dealt a bad hand. I received an email, allegedly from PayPal, telling me that someone was requesting $225 for some unspecified goods or service. It had two buttons: Pay Charge or Deny Payment.

I've seen these before and didn't fall for it. I didn't push either button, I just deleted the message and forgot about it.  

Later that day, I got another email from PayPal, stating that a fraudulent charge for $225 on my account has been cancelled, and that I should call a provided phone number. The domain name of the sender's address was "paypal.com" and the message looked legit, but again, I didn't follow any links or call the provided number. Instead, I went to my laptop and opened my PayPal account.

To my surprise and disappointment, the cancelled charge was actually there. The PayPal website clearly showed that the charge was cancelled (there was a strike-through line through the total, and it said "cancelled"), but it also said that I should call the same number as provided in the email to delete the charge.

I wasn't sure why I needed to delete a cancelled charge, but I called the number listed on PayPal's website anyway. The gentleman who answered didn't ask for any personal information, account number, password, or anything like that, just the transaction number of the cancelled charge. He directed me to another website with a name something like "account-dispute.com" to remove the charge from my account. Trusting that I was on the phone with a PayPal rep, I entered the link in my browser.

That's when things went to shit. Soon after landing on the site, my screen went to a very sketchy shade of blue (not the Windows "blue screen of death" blue, but a brighter, almost neon, blue) and the words "Program Downloading, Do Not Turn Off Your Computer" appeared on the screen. I asked the "gentleman" on the phone what the hell this was, and he just calmly said, "Don't worry, sir, it's just part of the security system."

Bullshit. I turned the laptop off before the program could complete the download. The "gentleman" hung up on the phone as soon as I stopped the download.

A few minutes later, I turned the laptop back on, and that download screen instantly reappeared. I turned the laptop off again, and waited about an hour. When I tried again, things looked normal and I ran a quick virus scan. But before the scan was done, there was that download screen again. 

Whatever that website had downloaded to my laptop was executing before I could even find the file, much less delete it. I turned the laptop off, unplugged it, and took it to my local PC repair and service shop. After a brief discussion, we decided the safest thing to do was just completely wipe the hard drive, delete everything, and then re-install Windows 10. I'll lose everything, but after my hard drive crash of 2016, I've learned to keep important things backed up on external hard drives and the cloud. I'll lose some things, sure, but that laptop hasn't been my principal computer since 2020, when I bought a gaming computer that quickly became my primary computer.

The laptop's still at the shop now, and we're hoping they're done before close of business today (they're closed weekends). I've been checking my PayPal and bank accounts almost hourly for any suspicious activity and changing passwords on everything I can think of in case they were able to get any data off my laptop before I shut it down.

But what really pisses me off is that I called a number listed on PayPal's legit website (the number's still online there) and still wound up in the hands of scammers. To be sure, the fraudulent number is listed under the cancelled charge, and I realize now that the number is part of the charge description written by the scammers, not independently listed elsewhere on the website. 

Be careful out there, folks. The dealers have cards up their sleeves and are dealing from the bottom of the deck.
