“I am 76 years old. I know very well the danger of online fraud, but I was still deceived”

Ángel was looking on the internet for a license to renew Windows that would not cost him much.

His computer had recently been repaired and the one they had put in the store had expired.

He looked at Amazon and other portals, he was looking for something cheap.

The next day they called him on the phone.

It was a certain Martina Wilson, with a Windows employee number, which Ángel duly wrote down.

Two hours later, Ángel had given the phone and, as far as he remembers, the keys to his three banks, photos of his ID, remote access to his computer and a photo of his face taken with Skype.

While Ángel tells his story to EL PAÍS, he still does not explain how he was able to give all that information without question.

"I've wondered many times how it was possible, how I was so naive, that I didn't realize the situation long before," he says now.

Ángel agreed to share his story, more common than it seems, to help other people.

But he repeatedly asked this newspaper to withhold his identity, largely out of embarrassment for having stung so easily.

"Maybe I'm from another generation," he says.

EL PAÍS does not reveal, therefore, his occupation before retiring nor the population of his residence, in the Community of Madrid.

"It's that I still don't understand how he fell into that trap because he brought me fries that I didn't get on any page," says Angel's wife, who attends the conversation.

“I have always lectured everyone on that subject,” Ángel insists.

His lack of prevention that day may be linked to some pills he was taking for a heart problem that he had had months before, but nothing is clear.

“They are artists,” says Ángel.

Ángel does not remember exactly how the whole process went.

For example, if the call went to his home landline or his mobile.

But he is clear on some basic facts.

He remembers that the program they made him start had a circular logo.

It is likely that it was TeamViewer, a

for remote control of computers.

“She started showing me a curtain of files coming down the dark screen and the girl kept telling me that she had tons of infected files,” he says.

There it was already in his hands.

The great question

The big question is what precisely Angel was called in the days when he was precisely looking for a Windows license.

The main hypothesis is that Ángel filled out a suspicious web page with his own data, although he does not remember any of that: “It is quite likely that, during the search for licenses (surely of dubious origin), he found the page he was after the attacker, and that he was able to obtain the data that the victim had filled in”, says Francisco Fernández, cybersecurity technician in reactive services of the Institute of Cybersecurity (INCIBE).

“It might not even be necessary to enter his phone number: this data could be located using other data provided by the user, resulting in profiles on social networks, forums and even

", Add.

For Fernández, there is a second “more remote” option, which is access through the infection of the victim's computer with a Trojan.

What is not viable is detecting Angel's activity remotely just by navigating him.

The call and the whole process took more than an hour.

“I did not let you think, when you raised an objection it was not for security.

It was always the word safety in everything.

His whole effort is that I did not turn off the computer and not hang up the phone for security, ”she says.

The speed and accuracy of the presumed Windows agent is something that Angel remembers.

From INCIBE, Fernández warns that there are very well organized groups: "They seem to work like a

in which case the operators, in general, know a relatively small range of scams, but in depth and with a well-planned script," he says. .

Luckily for Ángel that day he had to go to the doctor.

As the hour approached, he became more agitated.

For some reason, he ended up reacting, although the damage had already been done.

“Before I left I already realized, because taking so long and being so demanding was not normal, just like the amount of data that he had asked me for and given him.

I had a lucid moment to realize that this was a huge scam,” he says.

'What are you doing to my husband?'

He got up to leave and turned off the computer.

The girl called again.

One of Angel's wife picked up the phone: "What are you doing to my husband, are you scamming him?" She yelled at him before hanging up.

The criminals had the keys to Angel's banks, but they did not use them immediately.

Angel's wife called the principal right away and they changed them.

When Ángel returned from the doctor, he modified the other two.

Nothing had been stolen from them with transfers.

Ángel went to the police to report him.

They told him that there had been no crime and that he was going to have to wait.

After a few weeks the calls started.

Never more than 4 or 5 a day, always on different days and numbers.

Angel kept writing down all the numbers.

Some contrasted online and were from a recovery company.

Angel had no debt.

Had they used his name to make online payments or request loans and now the debts came to him?

He had seen an article in EL PAÍS where such a case of identity theft was explained.

It was and is his main concern: that with his name they have done something for which he must answer in court.

As a member of the OCU, they recommended that he see if he appeared on the main lists of defaulters.

He made the consultation requests one by one and at the moment no.

But it is still early.

The list of possible crime options given by Incibe includes other examples: "From contacting acquaintances or friends asking for money and providing a context made from the information collected, to contracting supplies, insurance, credit, falsifying documentation," he says. Fernandez.

One of the measures to take is to change account numbers and cards.

Ángel forgot one, from which the worst scare in this case emerged, at least for now.

It was December 28.

The request for payment of 950 euros at Ikea suddenly arrived on his daughter's mobile.

The daughter immediately declined the payment and soon canceled the card.

In that account, her father, Ángel, was authorized.

You can follow