In 2015, a 50-year-old Michigan woman named Julie Leach won $3.1 million in the lottery. That much is true.
The e-mail message was signed "Julie Leach & Family." It had slithered past my spam filter and into my inbox. The sender claimed to be the Powerball winner, writing to announce that after much prayer and family discussion, she had decided to share her jackpot.
"My family and I have decided to donate $2,000,000.00USD to Two(2) lucky individuals world wide," the e-mail said.
One of the lucky individuals was me. Great! I could use the cash.
But wait — why, out of all the world's 7.6 billion people, had "Julie Leach & Family" chosen to bestow this fortune upon me, a random stranger? And why was I being asked to provide my name, address, occupation, country, sex and age? Wouldn't they know those details from the vetting process?
"I'm a newspaper reporter working on a story about fraud," I wrote back. "Would you be interested in talking to me about it?"
The reply from "Julie Leach & Family" ignored my interview request. I was instructed to open an account with a particular bank so the money could be transferred. Also to keep quiet.
"I Advice [sic] you to Kindly keep this confidential and secretive, you do not need to start talking to anybody." Word leaking out, the sender warned, could attract thieves and impostors.
"People cannot be predicted nor trusted," the sender said.
Yeah, I guess "Julie Leach & Family" would know.
E-mails claiming to be from Julie Leach the lottery winner have been circulating for years, since just after her win was announced. Last year, a CBS affiliate in Washington, D.C., acting on a tip from a viewer, aired a report.
"If it looks too good to be true," the reporter concluded, "don't be an idiot. Don't fall for it."
"How about just, 'don't fall for it,' " the TV anchor corrected.
Good call, TV anchor. Embarrassment often keeps people from reporting scams. Who wants to admit they're "an idiot"?
Yet the e-mail itself, with its warning not to talk, confirms what experts say. Openly discussing potential fraud — weird e-mails or phone calls, strangers requesting money — is the best weapon against it.
With that in mind, here goes. I once fell for a scam.
I got taken by what has since become one of the most ridiculously notorious scams out there: the fictional "Windows Repair Department." Googling "windows repair scam" produces 12 million results. According to my rigorous scientific research (i.e., casual conversations and Facebook comments), almost everybody has gotten a call from them.
But on that afternoon a couple of years ago, I had never heard of the Windows Repair Department. And the guy on the phone sounded urgent.
An insidious computer virus is sweeping the country, the caller said. He gave me the URL to a webpage full of headlines about it. (Or actually not — later, I discovered the headlines were years old and referred to many different viruses.) The caller told me he needed to access my computer to destroy the invader.
Here's where I should have hung up and called my trusty neighborhood computer repair shop. But that would take five minutes, and this was a dire emergency requiring immediate action! So I typed the command he said to enter, letting him access my computer remotely. The routine was familiar; I'd done it many times for tech-support people helping with computer problems in the office.
For maybe half an hour, I watched indecipherable blocks of code flash across the screen, presumably tracking down the virus. Gradually, it dawned on me that this might be a scam. The guy could be installing malware or scooping up my private data. But what could I do about it now? If I hung up the phone or shut down my computer, would it be left in pieces, like a half-fixed clock? I felt I had no choice but to ride it out. Finally, the guy announced he'd cleared the virus and demanded $149.
With him still inhabiting my computer, I obediently typed in credit card information. When we hung up, the computer worked fine. But I knew I'd been had.
The $149 wasn't a lot of money — the median amount lost in impostor scams last year was $500, according to the Federal Trade Commission. Still, I felt like an idiot.
So I told nobody.
A few weeks afterward, my credit card's fraud department called to say they'd spotted suspicious activity on my card (a $1 charge, suggesting a thief had tried the card out). I changed cards and figured that was that.
It wasn't. Some months later, the "Windows Repair" guy called again. He apologized for charging me before and wanted to refund my money. All I had to do was give him my bank account information. I told him he could mail me a check. No, it had to be a bank transfer. You're a scammer, I said. He insisted he wasn't. This went on until one of us hung up.
Since then, "John" from the Windows Repair Department — always the same guy — has called me every few months. I always tell him I know he's a scammer; he always claims he isn't. A sensible person, I know, would just hang up. But I find it oddly amusing. Why would he get into lengthy debates with someone who, OK, sure, fell for it once but clearly wouldn't be fooled again? Shouldn't scammers use their time more efficiently?
"John" called just last week, still determined to refund that money. This time he wanted to do it by gaining remote access to my computer.
"Hey, John, perfect timing!" I said. "I'm a newspaper reporter and I'm working on a story about scammers. Can I ask you some questions?"
Ignoring that, he kept telling me to let him into my computer.
"Nope, because you're a scammer," I said. "So anyway, how many calls like this do you make in a typical day?"
As usual, this went on for a while. I asked questions. "John" ignored them. For the thousandth time he insisted he was not a scammer. Finally, he got angry.
"YOU'RE the scammer!" he shouted, and hung up.
Coming from him, it felt like a compliment.