Lean Out Podcast

Solocast: Scammed! What To Do and How to Prevent Internet Crime

Dawn Baker Season 4 Episode 5

Share episode

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 17:34

Send us Fan Mail

This solo episode is a departure from the regular content of the Lean Out Podcast, but it's an important topic that applies to everyone. Dawn Bakers shares about her experience getting scammed. She provides details about how she dealt with it and gives tips for what to do to prevent becoming the victim of internet scams.

How to leave a review for the show:

  • Apple Podcasts - Scroll down to Ratings and Reviews --> Leave a Review
  • Spotify - Under the About section, click on the 5 Star icon

** Don't forget to check out the Revitalize: Physician Renewal Retreat!  Come hike and retreat with me in Utah's red rock wilderness this April 9-11. We'll also be doing yoga in the red rocks of Snow Canyon State Park 😍. Register through my link, and I will gift you a free post-retreat debrief coaching session! Use the code INVITE200 for $200 off through March 1 **

Relevant/mentioned links:

Mel Robbins Podcast - Cybersecurity Expert Reveals: 5 Ways to Protect Yourself Online (Starting Tonight)

Internet Crime Complaint Center (IC3)

Get in touch with Dawn:


Welcome to the lean out podcast. I'm your host, Dr. Don baker. Are you looking for a new approach to finding authentic and sustainable work-life balance? You've come to the right. Place. For inspiration. information. and a community. community. of like-minded. Professionals. Let's get to the show. Hello. Hello. Thanks for being here. How are you doing this winter in Utah? We finally got some big snow after a very dry early winter, and this is much needed, but of course, it makes for messy roads and conditions in the mountains. Now that it's here, I'm hoping it keeps coming so that we can build up our water table up in the mountains and avoid any summer forest fires. I have some great guests lined up for the next few episodes. I know you're going to love them, but before those, I just had to interject with this timely solocast. A reminder that if you find this podcast useful, entertaining, inspiring, or perhaps infuriating, please leave a review. Your feedback is necessary to have other people find the podcast in their organic searches. The best place to leave reviews on Apple Podcasts, but if you use Spotify you can also leave one on there as well, and I will leave links for you to do it in the show notes. One more thing. I'm still putting in a plug for the upcoming revitalized physician renewal retreat held in the Zion color country of Southern Utah. It's going to be taking place April 9th through 11th, and it is for physicians and also advanced medical practitioners. I'd love it if you could come and meet me in person. There are 12 CMEs available through the Utah Medical Association. So if you have some CME funds to spend, spend it on this amazing small group retreat. You can find the registration links and details in the show notes as well. So today I want to go a little bit off topic and share with you an experience I recently had where I got scammed. This is a topic that applies to literally everyone, unless you live under a rock and use no email, no phone, do no internet shopping, et cetera. Are there any people like that left in the USA? I don't know. I'm sure somewhere in the world, but even then, I have traveled to far off places myself, and I've seen people with phones astonishingly. Anyway, so here is what happened. I was at the hospital waking a patient up, and I saw a call come in on my phone from Google. I ignored it, but they called me two more times. And I picked up, it was this automated message that said, we noticed a change to your phone number on your Google account. If you made this change, press one. If you did not make this change, press two. So I pressed two and hung up. Then while I was dropping off the patient in the pacu, someone from a Northern California number called me and I thought it was probably related, so I answered. He identified himself as a Google employee and told me they needed to reset my Google passwords associated with two different emails because there had been a security breach and they knew the email addresses. He also knew the name of my husband and asked me if my husband had possibly made the changes to the account. He didn't ask me for any sensitive information, like any kind of account numbers or passwords or anything like that, which definitely would've made me more suspicious, so I continued. On the phone with this guy while in PACU trying to drop off a patient to reset my passwords by him sending me two factor codes through my YouTube app. At that point, the call started to get a little weird, but I still went along with it. I was trying to write down vital signs for my patient and hurry this guy along. But he did in retrospect, say a couple things that should have raised a bigger red flag at one point. In the conversation, he said, yes, sir. Which is kind of odd and unprofessional. And then he changed it to, yes, ma'am. And then the other thing was, he basically in a roundabout way asked me if I had any crypto. Okay. Finally that call ended, and while I was closing out the case chart, I went and called my husband and I was like, oh, you will not believe what just happened. And I thought I was just kind of giving him a PSA about it. And partway through my explanation, he starts interjecting. Well, what did you tell them? What did you give them? No, no, no, no, no. You got scammed. And I was like, no, I didn't. I was totally in denial. Oh, it was real. It was fine. You know, he's like, no, no, no, this is a scam. He was like, you've gotta go call all of your financial institution, blah, blah, blah. And I was like, well, I have another case going on. So then there was also this anesthesiologist in the group standing right there when this was happening, and he happens to be a super nerdy computer type who's very anal about security. And I get off the phone with my husband. And I look up at him and he's like, yes, you got scammed. So then I type the whole thing that happened. This is in between cases into my AI app, and it said, yes, this is most certainly a scam. So after this happened, I still had one more case to do. I had to put a patient to sleep and take care of this patient while stressing out about what happened. Talk about being distracted. It's really hard to give your best when you're in an emotional state, let me tell you. But I did get through it. I'm not proud about it, but I did and I left for the day and I ended up being on the computer or the phone for hours after that, trying to place security flags on all my accounts, change all my passwords, et cetera. Now I really got lucky with the situation. Nothing so far really serious has happened. I believe the people who were scamming me were probably after crypto. Someone called me later that night and tried to pretend that they were from one of the crypto wallet apps that I have used in the past, and they were telling me that my account had been. Logged in into Germany and they needed to reset the passwords online. So at that point, I'm of course a little bit more savvy and I asked the person to prove legitimacy of who they were, and they just hung up on me. I do have some crypto, but it didn't happen to be in that particular place Anyway, that account happens to have like$12 in it, so it's not like they're gonna get anything. But this was just a really scary situation, and in light of all this, after describing my scam in detail to AI and studying the responses, I believe that they were possibly trying to access my email accounts and Google photos, looking for crypto ledger keys or other long and important passwords. Apparently people take photos of these long strings of letters and numbers and characters, and then they're stored on their Google photos. But thankfully I do not do that. I have to admit that sharing all this with you and with other people is really kind of embarrassing, but I've never been the kind of person to keep things to myself. I've shared my vulnerabilities like an open book since I had a health scare in residency and had to go under anesthesia in front of my colleagues and co-residents. And yes, I'm an intelligent, highly educated doctor, but I'm also a human being and I'm not perfect, and neither is anyone else. During my work week, I shared what happened to me with multiple different nurses and staff members that I was working with, and multiple people had stories of their own where either they or their spouse had gotten scammed, and most of them were not as lucky as I was. They had money stolen from them, thousands of dollars. Even the lady on the phone at Vanguard that helped me reset all my security, shared that she had been a victim of a scam. It's just so common and it's so shame inducing. Imagine how many people have been scammed and have never reported it or talked about it because they're embarrassed or think that there's just no point. Incidentally, you can report what happened on the website, IC three.gov, which stands for Internet Crime Complaints Center, and I will link to it in the show notes. I want to share this experience because I hope it helps you to not be fooled by something similar to this and to also just in general reevaluate your internet security measures. So here is what I did. The first thing was to ignore the scammer's comment, to leave the temporary password they gave me in place for 24 hours. This is what they told me to do, and it was also kind of a lame password. It had like normal words in it and 1, 2, 3 or something like that, and that was another red flag. But at that point, it was too late. I went to Google account recovery and reset everything. Within about 20 or 30 minutes, I changed the passwords for my two different email Google accounts, and then I also changed the recovery email to a non-Google email that I have through my web hosting. I added pass keys to everything that I could. I called my financial institutions and alerted them to what happened, and I changed those passwords. And then I started working on other basic accounts like social media, and I realized I was using the same password, albeit a complex password for multiple logins, which is a bad idea. And I'll get to that in just a moment. It's been about a week as of the time that I'm recording this and I'm still realizing passwords I should, I should change, and two factor authentication that needs to be beefed up on things. There are some common scams circulating these days that specifically target physicians and other professionals, and they usually regard licenses, deas, and other professional credentials. The people call and they threaten to revoke the credential if fees are not paid or certain information is not given, and I'm sure everyone listening has received a phishing scam. In an email where they try to get you to click on a link saying something about how you paid$400 through PayPal and click on this link if it wasn't you. Um, and then the link might. Install some, some sort of problematic software on your device, so you should never click on links and emails. Um, there are also some more sophisticated emails these days though that impersonate your work IT services where they want to install questionable software for remote access on your computer or other device. And I remember once receiving an email supposedly from the head of my anesthesia department years ago, asking me to purchase some gift cards for him. The thing is, while some of this stuff is obviously a scam, the scammers are getting more and more savvy, and so it's harder to tell when something is a scam or not. Um. A recent Mel Robbins podcast on this very subject with cybersecurity expert, Kaitlin Sian just came out, but I listened to it after all this happened. Maybe it could have helped if I had heard it beforehand, but honestly, I think part of my problem falling victim to this was something else, which I will talk about later. Oh, and by the way, on this podcast, they shared about a recent scam where people email you posing as employees of the Mel Robbins Podcast wanting to interview you for the podcast, saying that you're chosen as a guest, but then you have to pay to get interviewed. And ironically, I have actually gotten this email, and I knew it was fake because they were asking for payment. But if you weren't really reading very hard, you may not catch that because it wasn't a very. Overt message. It was kind of veiled in the language. I will link to the episode of the Mel Robbins podcast I'm talking about in the show notes because I thought it was informative and also really easy to approach as opposed to when you hear people talk about this subject and they just lose me in the tech, or they're totally over the top making everything like Fort Knox. But here is a summary of the points that I took from her interview. Number one, don't answer calls from unknown numbers. I should have never answered that call that day. I should have let it go. If it's important, they will leave a message. Big companies like Google or Amazon, by the way, will never call you. They just send you emails, and I should have known this because anytime you have a problem, they make it super hard to get ahold of them anyway. Number two, don't post on your social media while you're traveling. I have to admit that I've done this before, as many of you probably have too, but I can see all sorts of problems with it. Now, not only will people know that you're not at home if you're posting vacation pics, but also people might know where you are or figure out where you are, even like a specific hotel and they could try to scam you while you're on vacation. Save your vacation photo dump for after you get back from your trip. Number three, don't use the same password for everything, even if you think it's a good password that has characters and letters and numbers and capitals and non-capital. I assume everyone knows that you need to have these complex passwords, even for shopping sites where your credit card might be stored. But my problem was that I had a lot of things using that same complex password. On the subject of passwords, I highly recommend using some sort of an app that's like a password vault. We use LastPass, but there are others. You can buy a family membership, and then if something were to happen to you or you were to get locked out of things, your family actually has access to your passwords as well, which is really important. Number four. This is the scariest to me, but there are these AI voice dubbed scams where they use your voice or the voice of a loved one to try to scam you. I mean, I'm talking right now. And my voice is recorded all over the internet. Someone could take my voice and make it sound like I've been kidnapped and try to extort money from my family. So the expert on the Mel Robbins podcast recommended having a safe word or a password that is only known within your family that you can ask if this situation were to ever come up. And hopefully it does not ever come up for you. Number five, consider freezing your credit. We did this back when there was an Equifax breach a number of years ago, and we have never unfrozen, so I felt very happy about that when I got scammed last week. Yes, it's kind of a pain when you have to apply for a credit card, but all the agencies now have these apps where you can just go on the app and you just have to put some credentials in and you can temporarily place a thaw. This way no one can open up a credit card in your name without you knowing. And number six, this is my addition to the tips today. Do not multitask. Focus on what you're doing and don't get distracted. I believe this was my biggest pitfall in this scam that I fell victim to. I was doing work and I should have just ignored the call, but I decided to multitask and as I was resetting my passwords. I was working as well. I could have paid better attention and maybe caught on to what was happening if I was not multitasking. I. As I mentioned, I feel lucky that this wasn't, or so far has not been a worse outcome for me with any kind of catastrophic financial consequences, but it's been an eye-opening lesson about beefing up security and also paying better attention in life. There are literally so many ways for our information to get compromised on the internet, and you could go crazy thinking about it all. So I say just do your best and cover the big rocks, like some of the things that I mentioned today. I hope this episode was helpful to you. Have you ever had something like this happen to you or maybe someone you know, what was the outcome? How did it change what you do online? Share your thoughts by sending a text to me through your podcast listening app, leaving a comment on the blog posts associated with this episode@practicebalance.com, or sending me a DM on Instagram I'm practice balance. Thanks for listening to the lean out podcast. If you find these conversations inspiring and useful, please forward them to a friend and also leave a review on iTunes or Spotify so that other people can find them easier. If you want to get in touch with me, you can find me at my website, practice balanced.com, where you can subscribe to my newsletter and get updates regularly about new podcast episodes, blog posts, speaking, engagements, and coaching services. You can also support my work by buying my book, lean out a professional woman's guide to finding authentic work-life balance for yourself, a friend, family member, or coworker. Have a great day and we'll see you next time