Fraud Spam
My oldest friend from New York -- a guy who has a business that connects him with a lot of writers -- seems to have gotten his address book hijacked. Here's the string of e-mails I woke up to (I got one, too, but I was reading my e-mail backwards, from most recently sent to earlier).
Two other friends forwarded me theirs. Here's one (and I responded to the person who wrote me that David's home in New York with his wife and his baby, which he is -- and I know him well: if he WERE robbed in England or had some problem, he'd call his brother, not contact people he knows somewhat through business). (I've deleted last names and his business name):
Amy -- is this a real email from David??? Sounds so bizarre. Did u get it too? xo, Q--- On Wed, 9/29/10, David DELETED
wrote: From: David DELETED
Subject: Re: Vacation Problem
To: "Quendrith DELETED"
Date: Wednesday, September 29, 2010, 6:51 AMGlad you replied back,I have nothing left on me right now and i'm lucky to have my life and passports with me it would have been worst if they had made away with my passports.
Well all i need now is just £1,600, you can have it wired to my name via Western Union i'll have to show my passport as ID to pick it up here and i promise to pay you back as soon as we get back home. Here's my info below
Receiver's Name: David DELETED
City: London
Zipcode: WC2A 2AE
Country: United KingdomAs soon as it has been done, kindly get back to me with the MTCN. Let me know if you are heading to the Western Union outlet now???
Thanks.
David
On Wed, Sep 29, 2010 at 2:48 PM, Quendrith DELETED
wrote:
David - is this a real email from you -- pls confirm -- Quendrith ps, if it is, will try to assist!!!--- On Wed, 9/29/10, David DELETED
wrote: From: David DELETED
Subject: Vacation Problem
To:
Date: Wednesday, September 29, 2010, 6:01 AMHello,
It is with profound sense of sadness i wrote this email to you. I traveled down to United Kingdom for a short vacation but unfortunately,i was mugged at a knife point last night at the park of the B&B (Bed and Breakfast) where i lodged all my money and all other vital documents including my credit cards and cell phone were all taken away.
I have reported the robbery to the police but they are yet to find the muggers,Things are difficult here and i don't know what to do at the moment that why i email to ask if you can lend me £1,600.00 so i can settle the B&B (Bed and Breakfast) bills and get a returning ticket back home. Please do me this great help and i promise to refund the money as soon as i get back home.
Thanks
David
On something like this, you look at the return path on the e-mail. His address was clearly spoofed. It looks like it came from his e-mail address on the surface, but the return path was:
Received: from [209.107.217.39] by web83004.mail.mud.yahoo.com via HTTP; Wed, 29 Sep 2010 05:46:53 PDT X-RocketYMMF: girliegodess15@sbcglobal.net X-Mailer: YahooMailClassic/11.4.9 YahooMailWebService/0.8.105.279950 Date: Wed, 29 Sep 2010 05:46:53 -0700 (PDT)
Here's another from that address.
Oh, and when I responded to the address that looked like David's, I got an e-mail back:
I want you to know that we currently in London for a short vacation and we are been mugged over here. It not a fraud. I will much appreciate if you guys can help me back home. I promise to refund you as soon as am back home.David.
It can seem very real to anybody who isn't very Web-sophisticated. Spread the word.
UPDATE: It turns out that they got his password to his gmail account. Horrible, horrible. I'm trying to help him with it now. Here's what may help with gmail.
How I think this could've happened: People on WiFi are often very unprotected, especially on public WiFi. There are people out there with packet sniffers who look at information you're sending out. I turn off all sharing on my laptop, and I never, ever get on a thing that says "free public Wifi." It's free giveaway of your information to the person snooping on other people's computers.
My Facebook account was hijacked with the London scam several months ago; evidently, it's fairly common. Of course, it's ludicrous -- how close would a friend have to be before you feel comfortable asking for any amount of money? Certainly closer than 99% of my Facebook "friends."
If that actually happened, by first call would be to the American embassy.
As for Facebook, their only suggestion was that I change my password.
Todd Everett at September 29, 2010 9:57 AM
The advice I've been given, which I think still holds true, is to use a virtual private network (VPN) if one is available to you from your work or school. This encrypts your transmissions, even when the network is open. I don't know what to do if you don't have one.
Josh at September 29, 2010 9:58 AM
Another clue for Quendrith, in case you aren't there to respond to her question: ANY friend who is "connected with writers" is unlikely to send such a grammatically incorrect email, not matter HOW stressed he might be!
This is something you will know by knowing your friends, their writing style, and their ability to punctuate (even on a cell phone, most people can do better than this, if they know better). In fact, if any of MY friends sent such a mess of an email, I believe I'd just leave them in jail :-)
gharkness at September 29, 2010 10:03 AM
I'm one of David's clients and not a very clever one at that. Was Googling the nearest Western Union when it dawned that none of the first person 'I's had been capitalized. David's a journalist. He's going to capitalize, no matter how traumatized he is.
Sanjiv at September 29, 2010 10:06 AM
My friend Daryl had this happen a few months back... I got almost the exact same emails.
Eric at September 29, 2010 10:12 AM
Same scam, slightly different media is the phone call from "your favorite _____" (grandchild, cousin, whatever.)
They're in Canada, and need money urgently to fix the car/get out of jail/other.
What's up with Canada anyway? The Nigerians were funny. This is just sick. All the Canadians I met were nice. The jerks must all be on the phone.
MarkD at September 29, 2010 10:29 AM
Nancy Rommelmann posted the same thing about the grammar. I wasn't awake when the initial e-mail came, so I just got the long string.
If you were a person who believed this might be true, the thing to do would be to say, "So, David, where did we meet?" and "Tell me about the lovely light in your apartment near Columbia."
David didn't go to Columbia, we met in the housing office at NYU, and his first apartment looked out on a wall that was so close that he couldn't tell whether it was day or night, and he once packed up all his laundry to take to the cleaners -- and walked out and discovered it was 3 a.m. Stuff only close friends of his would know.
Nancy or Q could have asked him questions related to their writing.
Amy Alkon at September 29, 2010 10:29 AM
I received one of these last year. I realized right away what it was and hit respond to tell my friend that her e-mail had been hijacked. I didn't realize at the time that they had complete ownership of her e-mail. These guys are so brazen that they e-mailed me again (still pretending to be my friend) and called me heartless for not caring about what happened to her. I was going to reply again, but my husband was uncomfortable with me confronting some cyber nut so I let it go. That said, I can see where someone could be fooled by this.
sheepmommy at September 29, 2010 10:59 AM
Even if you are using public wifi, you can feel reasonably secure logging into any service that uses an encrypted connection (look for https:// instead of http:// in the locator bar) with a valid certificate (Chrome is really good about this, it shows the https in green when the certificate is good). When you connect to a site using https, everything is encoded before it is transmitted. Gmail supports this, but it might need to be enabled.
Christopher at September 29, 2010 11:19 AM
Amy Alkon
http://www.advicegoddess.com/archives/2010/09/29/fraud_spam.html#comment-1760083">comment from sheepmommySomeone could be fooled by this, sheepmommy, especially because they could play on your emotions that way.
Amy Alkon at September 29, 2010 11:36 AM
I had the same experience, just like sheepmommy, about a month ago when I got virtually the same email from a cousin in CT. Her facebook account was also breached and she had to start over. Aside the absurd scenario in the email, you can check the email "properties" to see that it has some weird origins.
MikeHu at September 29, 2010 1:18 PM
Absolutely typical Nigerian scam. I remember this one from the early '90s.
Cousin Dave at September 29, 2010 5:06 PM
Well my normal gmail spam folder is about 25k-3k. I was just offered a LinkedIn invite from a guy that I contacted from my volunteer site account. I have jumped to about 45K spam and about 3/day I have to deal with.
What an f'ing idiot.
Jim P. at September 29, 2010 10:01 PM
Whenever you use a public wifi you need to assume that everything you type is visible, unless the site uses https.
Even then you must ensure that the icon against the public router is a router icon and not a small pc icon.
It is easy to set your laptop up as a bridge between the Internet and wifi and stage what are called "man in the middle attacks" on the messages traveling between the victim and the Internet.
Also it is trivial for someone to embed a key logger within other software and replay the results. These are frequently included in free porn, cracked software and software key generators or as infections maliciously added to web sites.
If you use online email, shopping or banking -Keep your computer patched, antivirus up to date, use a firewall and perform a remote virus scan periodically.
And you wonder why IT professionals seem paranoid or BPD most of the time - it's the world we live in!
Mr H at September 30, 2010 5:02 AM
Intriguingly, the post code/zip code quoted is for The London School of Economics, or LSE.
SEB at September 30, 2010 5:20 AM
This is a very common scam I have seen several times. My favorite scam is when I get emails from someone claiming to be the wife of a Nigerian diplomat, asking for help getting their millions released from the country they've been exiled from.
This scam is so old and so often used it has a name. "The Spanish Prisoner". It always amazes me because the truth is, con men wouldn't still use them if someone somewhere didn't fall for it!
Jennifer Mascola at September 30, 2010 6:43 AM
Josh is right, VPN is the way to go. Google "vpn service" and you'll find many examples if you're not provided that resource thru school or employment.
Personally, I subscribe to COTSE for both email and vpn, and I'm pretty happy with their service, but do look around.
Of course, you should always connect to password protected web sites via an https connection. The other side of the vpn is just as open and unsecured as it would be if you didn't use a VPN at all.
Ideally, it should be in a much deeper data pool, and thus much more difficult to intercept than someone capturing packets at a coffee shop served by the least expensive DSL connection offered and relatively few customers.
As I tell my graduate students, when it comes to online messages, trust no one.
I R A Darth Aggie at September 30, 2010 12:31 PM
Leave a comment