I finally got one of those “I’m stuck in London” emails. My friend Kate’s Gmail account was hacked, and everyone on her contact list received an email from a hacker posing as Kate:
“Hi, Apologies, but I made a quick trip, to London,United Kingdom and got mugged, my bag, stolen from me with my passport and credit cards in it. The embassy is willing to help by authorizing me to fly without on a temporary identification, instead of a passport, I just have to pay for a ticket and settle Hotel bills. Unfortunately,I can’t have access to funds without my credit card, I’ve made contact with my bank but they need more time to come up with a new one. I was thinking of asking you to lend me some quick funds that Ican give back as soon as I get in. I really need to be on the next available flight back home. Get back to me so I can send you details on how to get money to me. You canreach me via email or hotel’s desk phone, +44208359**** waiting for your response. Kate”
The hacker also created a replica of her Gmail address using Yahoo’s webmail service, and set Kate’s Gmail account to automatically forward all messages to the Yahoo address.
As soon as I received this email, I called Kate and left her a message letting her know she’d been hacked, and asked her to call me with an alternative email address.
Then I responded to the hacker:
“Kate I will help you. Where do I send money? Robert”
The hacker wrote back:
“Robert, Thanks for responding, I need about $2000, can you make a western union transfer to me? I will pay back once am home, let me know what you can do ASAP thanks.
See details needed for western union
Receiver: Kate [redacted]
What you need to do, is take cash or a debit card to a western union agent location and request to make transfer to me in United Kingdom. You can get the address of a nearby WU agent from this website
You will email me the mtcn number for the transfer so I can receive the money here, I have an embassy issued identification, which I will use to get the money from WU Thanks Kate”
“Send me a picture. I want to see your pretty face! What did you see in your travels? Did you talk to Mum this week?”
The hacker responded:
“Did you send the money yet?”
“You didnt answer me.”
At this point, the hacker figured out what I was doing, and blew me off:
“Don’t bother, I no longer need your help”
It’s hard to scambait these guys because they’re much more aware of how scambaiting works. Plus, I’m not that good at it.
The hacker and I then got into an unproductive series of email exchanges calling each other nasty words.
When the real Kate called me back, I sent her this Google Help link explaining how to reset your password if you’ve been hacked. Google also offers help accessing a Gmail or Google Apps account that has been taken over by a hacker.
If you haven’t already created a secondary email address that can be used to recover an inaccessible Gmail account, do that now. (This feature isn’t currently available for Google Apps.)
Once Kate went through this process, she regained control of her account within minutes. But the criminal had deleted every single email, leaving her with nothing. He’s probably going through those messages now, searching for any useful personal information.
Kate then sent me an email, thanking me, and I noticed that the Yahoo email address was still being copied, meaning that the hacker was still seeing every email sent to Kate’s Gmail account. If you’ve been hacked, check your Gmail settings to make sure your messages aren’t being forwarded automatically.
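The forwarding check described above can be scripted. This is an added example, not part of the original post: it assumes the three inputs are JSON already exported from the Gmail API settings resources (auto-forwarding, forwarding addresses, filters), and the function names and all addresses are constructed for illustration.

```python
"""Audit Gmail forwarding settings for addresses an intruder may have added."""

def _lookalike(owner, addr):
    # Same local part on a different domain, e.g. a Yahoo copy of a Gmail name.
    o_local, _, o_dom = owner.lower().partition("@")
    a_local, _, a_dom = addr.lower().partition("@")
    return a_local == o_local and a_dom != o_dom

def audit_forwarding(owner, auto_forwarding, forwarding_addresses, filters):
    """Return sorted (severity, source, address) tuples, one per forwarding path."""
    hits = set()
    if auto_forwarding.get("enabled") and auto_forwarding.get("emailAddress"):
        hits.add(("auto-forwarding", auto_forwarding["emailAddress"]))
    for entry in forwarding_addresses:
        # A registered address stays usable by filters even with auto-forwarding off.
        hits.add(("registered address", entry["forwardingEmail"]))
    for flt in filters:
        target = flt.get("action", {}).get("forward")
        if target:
            hits.add((f"filter {flt.get('id', '?')}", target))
    # Every path needs review; a replica of the owner's own name is the loudest signal.
    return sorted(
        ("HIGH" if _lookalike(owner, addr) else "REVIEW", source, addr)
        for source, addr in hits
    )

# Constructed sample data shaped like the Gmail API settings resources.
OWNER = "kate.sample@gmail.com"
SAMPLE_AUTO = {"enabled": True, "emailAddress": "kate.sample@yahoo.com",
               "disposition": "leaveInInbox"}
SAMPLE_ADDRESSES = [{"forwardingEmail": "kate.sample@yahoo.com",
                     "verificationStatus": "accepted"}]
SAMPLE_FILTERS = [
    {"id": "f1", "criteria": {"from": "newsletter@example.org"},
     "action": {"addLabelIds": ["TRASH"]}},
    {"id": "f2", "criteria": {"query": "bank OR password"},
     "action": {"forward": "archive@example.net"}},
]

if __name__ == "__main__":
    for sev, source, addr in audit_forwarding(
            OWNER, SAMPLE_AUTO, SAMPLE_ADDRESSES, SAMPLE_FILTERS):
        print(f"[{sev}] {source} -> {addr}")
```

Anything reported should be removed from the account settings unless the account owner recognizes it, including registered addresses that are not currently in use.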
With more than 11 million victims just last year, identity theft is a serious concern. McAfee Identity Protection offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your financial accounts. Educate and protect yourself – please visit http://www.counteridentitytheft.com.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.