Hacker News new | past | comments | ask | show | jobs | submit login

Also tell them about phone scams. Over the last year I have received several very convincing phone calls and voice messages from people pretending to be the IRS or cops. It takes a lot of willpower to convince yourself that they are scams.

A lot of scams can be stopped if you consult with someone before sending actual money. I think it's important to tell your parents that before they give anybody any money or account numbers or buy gift cards (a lot of scammers make people buy gift cards and then give them the number) they should talk to you first. And tell them that there is nothing legitimate that ever requires you to pay NOW. Scammers are really good at pressuring people to act immediately instead of asking somebody.

Last time I was home visiting my parents I was astounded by the number of scam calls they'd get per day. Their landline was basically unusable for incoming calls because 90% of them were scammers. And they're obviously targeting older people who by nature respect/trust authority figures: "This is the IRS!" "This is the police, you're in trouble!" "I'm with Microsoft!" "This is the State Department, we need to talk about your passport" (that one was new to me). Scam texts too on their mobile phones.

The key thing people (not just the elderly) need to understand is that NOBODY LEGITIMATE will make initial contact with you over the phone or over SMS. The IRS will mail you. The police will knock on your door. If someone you don't know contacts you over the phone, 99.999% of the time it is a scam or they're selling something. Once you internalize that, you're well on your way towards avoiding being a victim.

> The key thing people (not just the elderly) need to understand is that NOBODY LEGITIMATE will make initial contact with you over the phone

My experience has been very different from yours. I've absolutely had financial institutions make unexpected phone calls to me and asking me security questions. In just the last year:

- Someone claiming to be Mastercard phoned me and asked to first verify my name and address. I was 99% sure it was a scam, but I had just enough doubt and curiosity that I called Mastercard back at a known number and it turns out that they were indeed trying to decide whether or not to block a large purchase I had made.

- Someone from the bowels of the check-clearing department of my business bank account called to verify whether or not to pay a large check I'd written to an individual.

- My regular bank called me out of the blue to check on an incoming wire transfer that had my middle initial although my bank account was set up without a middle initial, and they wanted to verify this before accepting the transfer.

In each case above, the call was from a phone number that I didn't recognize (and were un-googleable because they were internal numbers), from a person I didn't know, and the conversation started by them asking me personal or security-related questions! But they were all legitimate calls, and in fact would have caused me grief had I ignored or refused the call.

Financial institutions contribute to the mess by having poor telephone security practices themselves. They also send emails with links they want you to click on to sign in and they invent all sorts of domain names for various services/surveys/emails that bear no relation to their main domain name.

My in-laws got hit by an absolutely ridiculous phone scam. Basically some guy called and said "Hey this is Apple, this is an emergency, your iCloud got hacked, you need to install this remote desktop software and give me your credit card info so I can fix it for you". They are smart people but they still fell for it. So, the advice we gave them was that no organization is going to use a phone call to deliver important or urgent information. So if a call like that comes in, just ignore it or ask for a call-back number and then try to verify it by asking us. If a company or government agency truly wants to convey important info to you, they'll send mail.

> ask for a call-back number

Better to just call their main support line. Most likely they’ll never have heard of ‘some guy’ and they’ll tell you your iCloud is just fine.

They often have call back numbers from what I have heard.

Yeah, you have to verify the number through an independent system.

> They are smart people but they still fell for it.

If they fell for that then they're not very smart.

Would a smart person fall for it if a random hobo turned up at their door and claimed to be Jesus, but BTW he really needs you card and pin for 20 minutes, oh and $500 in cash as well!


Everybody has blind spots or moments of weakness. Scammers get a lot of practice and everyone could fall for a specific scam.

Assuming people aren't smart because they fall for a scam doesn't do them justice and it shows a lack of empathy on your part.

This is so true. My father is getting closed to getting conned now.

I tell him that no matter who contacts him and how (could be the government, IRS, bank, and could be phone, or email or a door knock) he should politely end the contact immediately.

Don't listen to what they have to say, don't give them a single shred of information - not even his name or address or anything.

If he is really convinced it's something legit, HE should initiate contact with whoever they said they were - find THEIR phone number or website and contact them and ask.

That way at least he can be sure he knows who is on the other end.

The IRS scam has been particularly interesting. A wave of them came through our area code, so I convinced a friend to let me talk to the scammers when it came to his phone. They had ${friend}'s name and address associated with the number, and got mad when I said (truthfully) "that's not me". I'm still curious what datasource they're using to match those three bits of information together...

> I'm still curious what datasource they're using to match those three bits of information together...

A phone book?

Some of the scams have the caller actually pretending to be YOU. So if they have the agreement to consult with you before sending any money, what are they going to do?

I would hope that my parents could tell me from another caller :-)

I believe the standard strategy here is to say you've been in an accident, you're in the hospital while traveling, your jaw was broken, and that's why you sound different. Or you're having the nurse call them. Something to explain why your voice isn't what they expect.

This happened to my grandmother a few years ago, with somebody claiming to be me. Purportedly, I had broken my arm in Spain, and needed money for surgery. Fortunately, she had the good sense to call my parents and find out if I was actually in Spain.

Its a friend of you, who is in hospital too. And they need money and even more consent for emergency operations.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact