The email from “Norton Protection” said I owed $999.99, which was “charged successfully and it will appear on your bank statement in 24 to 48 hours.” Although I have an account with a leading cybersecurity company, I’ve never paid that much for its products. To “cancel” the charge, I was instructed to call a number, conveniently highlighted in yellow.
All it took to bird-dog my fake debt email was a simple search-engine query of the invoice’s telephone number. It was based in Hawaii. Unfortunately, perhaps, for the real employees of Norton’s help desk, they are likely not stationed in the Aloha State.
In a nation swimming in real debt–with the average American owing an estimated $90,000–it’s not surprising that “phantom debts” are one of the hottest scams.
Millions get ensnared in these ruses and unwittingly give up credit and banking information–especially as the hardships of the pandemic continue–which opens the door to mass fleecing. Phony debt cons top the list of most prevalent consumer scams, according to consumerfraudreporting.org. Some four out 10 of all consumer complaints are linked to these swindles, according to the Consumer Financial Protection Bureau.
Given the wide variety of debts Americans accrue, phony debt grifters can work a variety of angles, according to the Federal Trade Commission, which tracks and attempts to police the worst swindles.
Some cyberthieves hound victims for overdue student loans, even though federal college loan borrowers were given a reprieve due to the pandemic. Others focus on unpaid mortgages, car payments, or credit card debts. Bogus impersonations are rampant: Some scammers pretend to be from the IRS, law firms, and major retailers. Some heartless phantom debt merchants even call people who have recently lost a family member to “collect” a nonexistent bill.
Although 2021 figures aren’t available yet, in 2020 the FTC received more than 53,000 complaints on abusive debt collection, an 8 percent increase over the previous year. (This figure includes both con artists and especially aggressive efforts to collect actual debts.) The situation could get worse. As AARP notes: “a federal rule change that took effect in November 2021 allows collectors to contact debtors by email, text or social media direct message as well as by phone (previously the only sanctioned method), opening new routes for fake-debt scammers to reach their targets.”
When they get potential victims on the phone, they play hardball by threatening criminal charges and fake fees, but the goal is always the same: To get money and personal financial information. Those who use credit cards to pay their phantom debts can count on their numbers being used for other transactions and their personal information used or sold to other crooks by the scammers. As a rule, they never provide specific details about the debt–after all, it is bogus–and they try to fleece victims in a single call. If you try to call them back, you’ll get a “dummy” call-back number that’s illegitimate.
People over 60 are prime targets because they are more likely to answer their phone and respond to emails that may not look like spam. The FBI’s Internet Crime Complaint Center (IC3) lists as prevalent lines of attack against older Americans “extortion, identity theft and related techniques such as phishing [email initiated fraud], vishing [telephone initiated fraud], smishing [text initiated fraud] and pharming [redirecting people from a legitimate to an illegitimate website].”
In the IC3’s 2020 “Elder Fraud” report, the agency reported that it “received a total of 791,790 complaints with reported losses exceeding $4.1 billion. Based on the information provided in the complaints, approximately 28 percent of the total fraud losses were sustained by victims over the age of 60–who comprise less than 20 percent of the population–resulting in approximately $1 billion in losses to seniors. This represents an increase of approximately $300 million in losses reported in 2020 versus what was reported by victims over 60 in 2019.”
Increasingly, younger victims are being targeted too. “Scammers got good at tailoring audiences they’re trying to reach–on TikTok, Instagram, and other social media,” observes John Breyault, vice president of public policy for the National Consumers League. He said their means of getting “paid” have shifted as well, to gift cards and cryptocurrencies. “In the past, it was fraudulent money wire transfers.”
The FTC also reports: “Credit repair scams also frequently target financially distressed consumers who are having credit problems. These operations lure consumers to purchase their services by falsely claiming that they will remove negative information from consumers’ credit reports even if that information is accurate.”
The agency, along with state attorneys general, have filed dozens of lawsuits in recent years shutting down these operations, although the scams keep morphing. Debt scams are becoming increasingly sophisticated as hackers from around the world sub-specialize in stealing financial information and channeling ill-gotten gains into hard-to-trace cryptocurrencies.
James Lee, chief operating officer of the nonprofit Identity Theft Resource Center in San Diego, says finding victims is often as simple as stealing passwords or monitoring social media, where people often publicize what they are buying and selling.
One indirect debt scam targets Google or Facebook Marketplace account holders, notes Lee. Cyberthieves will steal the identity of the legit sellers through username/password theft, then start billing others for goods they will never receive. Often teams of hackers divide up the duties of these kinds of frauds.
“The level of sophistication for these frauds is much higher than in the past,” notes Lee. “Teams divide duties into finding people to exploit, getting access to their accounts, then stealing and distributing the stolen funds. They even have their own help desks.”
Although the number of cyberthieves involved in these scams is unknown, Lee says their ranks are growing since they rarely get caught and their ability to steal ever-higher sums of money is increasing. Fraud operations are also increasingly using alternative payments systems such as Venmo and Cash App, which are not regulated or policed as rigorously as the conventional banking system.
Regulators have known about phantom debt collection scams for several years and have taken numerous enforcement actions. In September 2020, the FTC, along with other state and federal agencies, took several steps to shut down large operations across the country. “Operation Corrupt Collector” performed 50 enforcement actions.
But like so many other instances in the consumer fraud arena, today’s robocallers often move into texting or “phishing” emails or outright identity theft, which is how they steal user names and passwords. There are more channels now to reach more potential victims, so these scams will not likely abate.
“They [thieves] have one-eighth of one-thousandth of a chance of getting arrested,” Lee adds. “Only 20 people have actually been convicted in the last 18 months. Bad guys have more access to information than they’ve ever had before.”
Major consumer protection agencies like the FTC are also hobbled by a Supreme Court ruling last year that restricted their ability to shut down and collect money from scammers. “That ruling took away a tool from the FTC toolbox,” Breyault added. “Fraud is a continuous whack-a-mole problem.”
Fortunately, fake debt collectors are relatively easy to suss out. If they are calling on the phone, they are usually threatening and blatantly refuse to provide detailed information. Online, they have sketchy URLs, identifying information, and links when they email you. The more aggressive they are, the more suspicious. The Federal Trade Commission has a set of rules they are supposed to follow under the Fair Debt Collection Act, but the more obnoxious operators consistently use fear to get results. If they are harassing you, they are breaking the law.
Unfortunately, the scammers are also relentless. The same week I received the “Norton Protection” email, I also received an email from “Costco Wholesale” stating I had received a “special reward.” All I had to do was click on a link, which I didn’t do, because I haven’t shopped at Costco in a while and noticed a sketchy URL based in the United Kingdom. Definitely not cricket.
This article was written by By John F. Wasik for RealClearInvestigations