Hack Attack!

This morning when I checked my inbox I found an email from the parent of one of The Pea's friends, entitled "I Need Your Help". Babysitter cancel on her? Does she need me to pick up her daughter? No problem.

The body of the email read:
How are you doing ? I hope you are doing fine, I'm sorry that I didn't inform you about my traveling to England for a Seminar. I need a favor from you as soon as you receive this e-mail because I misplaced my wallet on my way to the hotel where my money,and other valuable things were kept, I will like you to assist me with a soft loan urgently. I will be needing the sum of $2,500 to sort-out my hotel bills and get myself back home.

I will appreciate whatever you can afford to help me with, I will pay you back as soon as I return,I'm counting on you on this, Kindly let me know if you can be of help so I can send you my details to use when sending the money through western union.I look forward to read from you later today.

Your reply will be greatly appreciated.

It was signed with her name.

Now, I'm no fool. I wasn't about to head to the nearest Western Union. For one thing, they live in a big, beautiful house in Palo Alto, so I doubt if she'd need to turn to me for a couple of thousand bucks. For another, any friend would call instead of email. If anyone doesn't know that email is a blatant scam, I've got a nice bridge I'd like to sell you.

So I emailed her back, --typing in her email address directly into the "To" field, not replying to the scam email -- and let her know that some phisher was masking their "from" address and using hers instead.

Imagine my surprise when I received her response:
Thanks a lot for your response and concern,I really need the money and I will appreciate if you can send it today. You can send the money to my details below through western union transfer or money gram, all you have to do is go to the closest western union location or money gram with the money in cash and instruct the agent to wire it to my personal details below.

Name : My friend's first, middle and last name
Address: 327 Great Peter Street.
London. SW1P 3NQ

Please As soon as you send the Money I will like you to email me the 10 digits (Mtcn) Numbers and all the details used in sending the money to me, I am counting on you okay.
I look forward to read from you later today.

Again, it was signed with her name. The email really was sent from her email account!

So I tried to call her home and mobile number, but couldn't reach it. I called her husband's mobile and he told me that someone had indeed gotten hold of her email account (she can't access it now) and was spamming everyone on her address list. The hacker stole her credit card information as well, and charged $4000 to her card.

Ick! Ick! Ick! Needless to say, she's a bit internet-shy at the moment, and they'll be running some serious anti-virus and firewall software on their home computer before she attempts to log on again. And it's a sober reminder that these things do happen. The only things I can think of to minimize the impact would be:

1) Periodically backup your contacts and email list to your computer so that if you get hacked like this, you can always create a new email account and let your friends know that they should treat your old account like spam.

2) Don't include sensitive information like credit card numbers or passwords in your email account (like Yahoo! Notepad, etc..).

3) Make sure you have a firewall and virus protection software.

Even if you do take precautions, I think we all still have to pray that something like this doesn't happen to us. And Thank God (or big banks) for credit card fraud protection.


Diane said...

I remember reading about something very similar to this a few months ago. Same type of scam basically except it was over facebook and the guy sent his friend the money since he couldnt get a hold of him via cell phone.

You can never be too careful!

Shangrila said...

Icky! Last year my email address book was hacked into and an email was sent out promoting some internet store. It was a b**** to contact everyone to apologize (as my contacts were wiped).Sucky. Hope that your (real) friend recovers both emotionally and financially. :( Your advice is spot-on! I also changed my browser to Firefox, as Windows had too many security issues. Of course, Firefox just announced that they've had a security breach as well...feh!

Anonymous said...

Which email provider does she use? Hotmail, Yahoo, gmail,...?

Unknown said...

I, too, would love to know what provider she was using, since I got the same msg from a friend with a gmail acct this AM. She is understandbly upset, and I am trying to figure out if I can give her any help in recovering her addresses and "plugging holes". So far your blog entry is the only instance I've been able to find in the web of this particular scam text, but I bet I'll see more in the next 48 hrs!

modmom said...

that's a nightmare!

can you please send me $2500 dollars :)

Anonymous said...

Dear Customer,

What's Western Union Bug? And How does It Work?
WU Bug is a software that cracks Western Union databases and gives the DATA of WU information for payments made to any country in the world.

The new feature in WU Bug now is that you are able to change the receiver's name to any name you choose in same country and you are also able to make new Transfers Using Our Hacked Virtual Credit and Debit Card which has Unlimited Financial Capabilities.

The cost of the Western Union Bug is $10,000 and with it you can be able to make $200,000 weekly if you are smart.

Contact me for payment methods on:-
Yahoo chat ID:- activewubug
Email:- wubug2009@hotmail.com
Website:- www.wubug.tk
Phone:- +234-807-425-4709

You won't regret it getting one for yourself