I fell for a phishing scam. Twice. OK, three times. Yes, I know all the warning signs. Only the naive and uninformed fall for these scams right? Maybe. But I did. And it wasn’t my first phishing trip.
Didn’t enter my thick head that it might be a scam.
I was on my walk, minding my own business (actually listening to an amazing book, but that’s a subject for another post), and this popped up on my phone.
Was my thought, “Oh — this looks like a scam!” Or “Why would sunpass contact me by text?” NO. My thought was, “Well crap. My husband went through a toll in Florida and didn’t pay. And now I get to pay this stinking fine.”
It made sense.
We have a car in Florida. That car is registered in my name. We’ve had other bills from sunpass for unpaid tolls (albeit none of those were sent by text). And my lovely husband had just been to Florida, and probably drove through some tolls. I hate these toll bills. And if you don’t pay them on time, a tiny bill gets a huge penalty.
So I clicked on the link.
Never ever ever click on the link. Yes, we all know that.
It asked for my name and social security number, which I gave them. (Yes, I should know better.)
“Hello Laura!” — is what the website said, after I foolishly provided my name and social security number. “You have a toll charge in the amount of $4.72. If not paid by June 10, you will incur a $75 penalty. Please click here to pay your fee.”
Well well well. You’re not going to get me, Florida Sunpass. I’m not going to incur that sneaking $75 penalty. Yes, please — take my credit card number, as well as email and home address!
Like candy from a baby, or information from a baby boomer.
I gave them what they asked for. The curser churned and churned, and said that payment failed.
So what did I do? I did it again, putting in a second credit card number.
And I got another error message, stating I still owed the tab.
I finally wised up.
I called Sunpass. The first thing you hear is a warning about a text-based phishing scam using their name. If i had been in Florida (I am in Ohio) I would have seen PSAs and news stories about the scam. But I had not.
The damage is done.
We’re not sure what will result from this. We’ve notified credit cards, banks, and the credit agencies. It might be a long time before we see any repercussions. Or it could be right away.
And as we say in Oklahoma, this was not my first rodeo — or phishing trip.
I also fell for a phishing trip about a year ago. This one was an email, and was a notification that my subscription through Best Buy was ending, and would automatically be renewed for several hundred dollars. But I could call to cancel.
And I did call. They asked for the reference number in the email, which I gave them, and they said that the expiring subscription was on the laptop we bought Rosie (my daughter) from Best Buy a few years ago (which we did). It sounded completely legitimate. And I bit, hook line and sinker.
There’s a reason that’s a phrase from fishing. Those poor fish. They fall for that tasty bait, just like I did.
Be smarter than I am.
If you want advice about how to avoid phishing scams. . . you should google it. Clearly I’m not the person to give you that advice. I will warn you that neither of the scams I fell for had typos or other glaring errors. These phishers are tricky.
Good luck.