Read on Twitter
Yesterday, a day after my article on #cyberscams posted on @modrnhealthcr, I got hit by one myself... (1/7) https://modernhealthcare.com/cybersecurity/4-cyberscams-hospitals-watch-out
Sunday evening, a scammer called from a "spoofed" caller ID and phone number, appearing as if they were calling from where I graduated college. (Blocking out the phone # because it feels like the right thing to do, even if it is a scam.) (2/7)
The scammer was tricky—acknowledged he was calling from a different number than the university usually uses because of work-from-home (trying to exploit uncertainty from the COVID-19 pandemic) and tried to sound knowledgeable about my background. (3/7)
There were a few red flags. In an example of social engineering gone wrong, he asked how I enjoyed my time at a specific student organization—I'm sure to try to legitimize himself, but it was a group I had joined for just a few months my freshman year. (4/7)
I was pretty confident it was a scam at this point, so I asked him some follow-up questions to try to get a sense of what he wanted. He said he was calling to update my alumni file. (5/7)
Then, he jumped into the details he said he needed to update—when I graduated, my major, etc. I hung up, but I assume he would have eventually requested more personal or financial data. (6/7)
Anyway, stay vigilant, folks! If you think someone's scamming you but you're not sure, hang up and call the organization directly. 
(7/7)
(7/7)
