Yet all of this can be easily defeated with soft language. The basic check "what's the password/verification word" will defeat this every time. This is basically opsec that we taught my grandparents, who were in their 90s. Its doable.
Yet all of this can be easily defeated with soft language. The basic check "what's the password/verification word" will defeat this every time. This is basically opsec that we taught my grandparents, who were in their 90s. Its doable.
Yes but that's more of a mitigation than prevention. It's an additional step, you have to remember to do it, and under the pressure of the situation you might easily forget to do it.
Code words break down emotionally. Many seniors do not reliably trust their own memory during a frightening call
So they trick the kid out of the password first by calling them and pretending to be the parent.
How is that possible?
The procedure is:
1. Kid tells password to parent in person. 2. From then on: when kid calls parent, if kid requests anything sensitive, parent ask for the password, and kid must provide it. 3. Password is never mentioned over the phone in any other situation.
How would anyone be able to extract the password from the kid?
"Kid/Grandma, someone is trying that scam where they pretend to be you on a call!"
"Oh my gosh Dad/Son! You know we have a password for that!"
"Yes -- actually, use it now so WE BOTH KNOW YOU'RE NOT A SCAM!"
"Sure, Dad/Son! It's DOUBLE CHEESEBURGER!"
"Thanks!"
Hilarious. “Hey, someone who says they’re you is calling me. Remind me again what the password is that they’re supposed to say?”
“Grandma the password is ‘Integra’ but I can just tell you now, it’s not me calling you, it must be a sca—“
“Thanks got it byeeeeee” <scammer calls grandma>
But kid knows not to give password to a caller.