Hacker News new | past | comments | ask | show | jobs | submit login

> Teach them how do respond and how to handle these scammers.

Concretely, the way to respond is this:

If you ever get a call that claims to be from business X, tell them "OK, I'll call you back." Then get off the phone, look up the number for X yourself, and call them. If it was really X calling you, you'll get back to where you need to be. If it was a scam, X will tell you they don't know what you're talking about.

Never trust that a cold call is from who they say they're from.

Many years ago, I had a police detective call me about an active investigation. He wanted to come over to visually verify that I had something in my possession. I was suspicious, and he totally understood. He said, "go look up the phone number for <police station in jurisdiction> and ask to speak with detective so and so, badge number ZZZ".

Here is a scam example of your anecdote that happened to a family member of mine, who was taken in for hours by "Police" in China (she speaks Mandarin).

They even spoofed the number of an actual police station and said, "Google the number on your caller ID to see we are legit". Obviously, call them back yourself.

Awesome. Always ask for a call back number. My dad was in his late 70s and fell for stuff like this. I beat the notion into his head, if in doubt ask for a call back number. If they they refuse to give it, it is a scam....period.

7 years was not enough for ruining peoples lives.

Did you actually look it up and call the number?

Yes I did. And a couple of days later, 2 detectives showed up, verified the item was in my possession and went on to the next person on their list. Incidentally they also marked the item by etching a number on it to make sure that they didn’t see it again, i.e., to rule out my cooperating with the person they were looking for.

what was it?

I would guess a firearm of some sort, as that's the only thing I can think of that would:

1.) be relevant to a police investigation 2.) be registered or associated with individuals 3.) have few enough of an exact thing in an area for the manual checking to be effective

you can also just call 911, tell them it's not an emergency, and ask them to connect you to the police station

I advise not being lazy and consuming emergency services if you can help it.

Scammers are aware of this, and will often use a tactic of gradual escalation. At first, you have no reason to hang up and call them back, because the call seems harmless.

Good example would be someone claiming to be your ISP apologizing for recent slow internet speeds (when doesn't this happen), and wanting to confirm you're now happy and not experiencing slow speeds. Why would you doubt this and go to the trouble of calling back?

The other problem is businesses being so extremely dumb. I've had and heard of man cases of Banks calling people, asking them verification questions on cold calls and offering no way to call them back. Not just stupid in that it limits your strategy, but it actually trains people to be more vulnerable to scammers.

It works in the average situation, but unfortunately there are some huge scams happening(passing unnoticed) in undeveloped countries where somehow the scammers can hijack the number for a certain time frame.

If you call the same number the next day the real institution is going to answer, but nobody knows a thing.

Apparently, in some cases, they can hijack the phone number of an institution, but only for the specific caller that they are applying the scam. If someone from another context call the same number it goes to where it's supposed to be.

It's becoming more normal than ever down here... Happened next to me.

We are entering the age of personalized crime, targeted and framed just for you, considering your personality and necessities.

One time I was having trouble with my PayPal MasterCard and called them from Mexico. I was sort of stranded because I needed the card to work to get an Uber and it was really hot so I didn't want to walk home. I don't remember if it was the 800 number or the local area code in the US. Probably 800 number. But I was in Mexico and dialed it the same way as I would in the US.

Someone from Mexico answered and initially it sounded very similar to what PayPal employees really say. It took like two minutes before I was really suspicious. I was really tired that day and didn't want to walk though so I kept trying to give them the benefit of the doubt. But a few minutes after that they actually asked me to go into 7/11 and buy a Google Play card for $150 or something. At that point it was just really obviously a scam and I decided to walk home. Called the real PayPal from my computer using the US area code.

In other cases, they might be able to take over the Google Maps listing (Google Search will show the listing from maps btw) due to it not being previously claimed/suggesting an update and can change the phone number to one they control: https://news.ycombinator.com/item?id=18527328

Look my comment above, scammers are exploiting basic principles of landline operation. Its the victims landline that gets "hijacked", not some institutions number.

Do you know if they’re doing this to people with mobile cells as well or is it only landlines?

I can check it out, but I think they're doing this to both.

Doesnt work. Scammers already adopted this to their advantage.

Conman calls a landline, starts conversation with "please call the bank back, im putting down the phone now" and ... just plays Dial tone. The trick is call ends only when the person who started it hangs up.

Hmm... "No worries, I'll do that but it'll probably be in a few days as I'm pretty busy now."

If they want to leave their line open "for a few days"... then good luck to them. :)

A good one. Or if it’s something you really should verify right away, call your friend or relative first. If the scammer answers again, you’ll definately know.

Good tactic, that'd work. :)

Except its your 60 year old mum answering the call, and 'calling back' just made her absolutely sure she can trust the nice bank lady on the phone.

or call a friend before calling the number

This was an issue with UK BT POTS lines some years ago. The line would 'hang' for a fair while after the recipient hung up before clearing down (disconnecting both sides).

The idea was, maybe you dropped your phone and didn't mean to hang up and this gave you time to rectify your mistake without having to redial.

Scammers started exploiting this and the timeout was reduced to the order of a few seconds. Count to five after hanging up and you can just about guarantee that's a real dialtone.

If you hang up and pick back up too quickly, yeah. But the call doesn't just stay connected until the cake hangs up. Either party can end it by hanging up, right?

Landline calls, at least when I was younger, were not disconnected until the caller hung up. I assume there’s a technical reason involving channels instead of packets but I never researched it.

Landline calls were disconnected after a timeout. The receiver could hangup and pick up quickly and still be connected. We used this method to move to another phone in the house. Also if you tapped the hook a few times the line would disconnect

Technical reason was mechanical exchanges (Strowger etc) https://www.youtube.com/watch?v=xUOh9fCSgqw

implementing logic/timers with cogs is impractical.

As an important addition to this - use a completely different line for calling the real company. If the suspicious call came from a cell, use another cell phone. If call came from landline, use a cell.

I don't think many people have more than one phone any more. e.g. I haven't had a landline in almost a decade.

Why do you say that? What difference would it make?

I suppose it's theoretically possible that a fraudulent caller had exploited your device or phone line in some way, though that's a rare and extreme case. Still, it doesn't hurt to mitigate it when you verify (of course, it's also theoretically possible the same attacker compromised your other phone, or just that of the business they are impersonating, too.)

Especially with landlines it’s possible for them to stay on the line and pretend that they have hung up, play the dial tone and ring back noises, then continue the con. This is particularly easy with elderly people who have older phones.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact