I Was Almost Scammed Twice for the Same Trip & Here’s What It Taught Me About Modern Scams

 

Most people think scams happen when someone clicks a “too‑good‑to‑be‑true” email from a Nigerian Prince or answers a suspicious phone call. The reality today is much more subtle and much more dangerous.

I recently experienced how one legitimate customer service issue can turn into a scam attempt, driven by publicly available data, social media monitoring, and increasingly sophisticated social-engineering tactics. I’m sharing this story to raise awareness, because anyone; especially busy professionals, could fall for it.

The Setup: A Legitimate Upgrade That Wasn’t

I had already booked an overnight red‑eye flight from Las Vegas to Panama City, Panama for an Entrepreneur Organization Forum Retreat. Before departure, I received an offer to upgrade from economy to business class with a lay‑flat seat for $457.

Given that it was an overnight flight and I needed to be rested for activities upon arrival, I accepted.

When I boarded the plane, it immediately became clear that something was wrong.
There were no lay‑flat seats. The so‑called business‑class section was barely better than most airlines’ economy seating.

This wasn’t a misunderstanding! It was a materially misleading upgrade.

Almost Scammed Twice for the Same Trip

The Complaint: Public Frustration Creates a Target

I did what many customers do:

 Contacted the airline directly via the web site which referenced a 15 day turn around on responses

Escalated through an available social media customer service channel to speed the resolution. The channel was X (formerly Twitter).

I returned home 4 days later and planned to continue pursuing a refund. And that’s when the real problem began.

 

The Second Attempt: A Highly Targeted Scam Call

The morning after I arrived at midnight, at 6:00 a.m., I received a call via WhatsApp from someone claiming to be “Copa Airlines Customer Service.”

🚩 Red flags appeared quickly:

  • The caller had a thick Indian accent, inconsistent with the airline’s Panamanian base
  • He asked me to confirm personal details he should already have had if he were legitimate
  • He claimed he needed to “verify my identity” to process the refund plus the $300 in “Compensation”

Then came the critical moment.

He said he was sending me an SMS verification code for security purposes.

A code arrived, but it wasn’t from the airline.

It was from the money transfer service (World remit), and the message clearly stated:

“Do not share this code with anyone including us.”

That’s when it clicked. I asked him how many people he had scammed today and he said “You are going to be the 1st! (along with a racial slur)”

The Scam Vector: Social Media + Data Scraping + Urgency

This was not a random robocall.

This was targeted social engineering/vishing (voice phishing), likely enabled by:

  • Monitoring public complaints on social media
  • Extracting names, destinations, airline details, and timelines
  • Using WhatsApp to appear “modern” and legitimate
  • Leveraging urgency, authority, and fatigue (early morning call)

The scammers didn’t need to hack anything. I gave them the context for free by being public.

Why This Works (And Why It’s Getting Worse)

Modern scams are no longer generic or obvious. They:

  • Mimic real customer service workflows
  • Reference actual, recent events
  • Use messaging platforms people trust
  • Exploit emotional states: frustration, urgency, and tiredness

With AI tools, scammers can now:

  • Generate convincing scripts instantly
  • Imitate corporate tone and phrasing
  • Scale attacks across thousands of targets
  • Adapt in real time based on your responses
  • Even conceal accents (though this guy didn’t do that)

This is why even technically savvy people, even cybersecurity professionals, can be targets.

Key Lessons Everyone Should Know

  1. Public Complaints or even vacation posts Create Visibility; For Everyone

Posting issues publicly can be helpful, but it also creates a roadmap for scammers.

Assume scammers are watching.

  1. Legitimate Companies Don’t Ask for One‑Time Codes

No airline, bank, or service provider will:

  • Ask you to read back a one‑time password after they call you
  • Use a code generated by a third‑party payment service
  • Contact you first via WhatsApp after a complaint
  1. Channel Switching Is a Huge Red Flag

Scammers often move conversations:

  • From social media → WhatsApp
  • From email → phone
  • To platforms with less oversight
  1. Urgency Is a Weapon

Early morning calls, “final steps,” and “immediate verification” exist to short‑circuit logic.

Pause. Verify independently. Call the company directly by going to their official web site, never by calling the number in the email, text or what you are given over the phone!

How to Protect Yourself

Only initiate contact using official website phone numbers

Never share one‑time passcodes, that means Never!

Be skeptical of help that finds you unexpectedly

Assume public posts may be monitored

Trust your gut when details don’t line up

Final Thoughts

I wasn’t careless. I wasn’t uninformed.
I was simply a customer trying to resolve a legitimate issue.

That’s exactly who these scams are designed to target.

Scams today don’t rely on stupidity; they rely on timing, context, and trust.
The goal isn’t to panic people, but to help them recognize how modern social‑engineering attacks actually happen.

Similar scenarios can happen when you or family/friends post on social media while (“We have you son/daughter/mother/etc…”) With photographic proof created with AI! Verify everything, and with those close to you have a safe word or question!

If this story helps even one person pause before sharing information or paying, it’s worth telling.

 

by Leo Bletnitsky, President/CEO, Healthy Technology Solutions (https://www.linkedin.com/in/leobletnitsky)