Thursday, July 22, 2010

An Email Scam

My wife encountered an email scam that I had never seen before. She got an email from a friend's email address:
I'm caught up in a real mess and i need your help. I'm sorry I didn't inform you about my trip,I had a trip to the Wales United Kingdom and a bizarre thing happened to me.I was mugged at gun point last night, it happened at the park of the Hotel were i lodged but thank God i wasn't hurt, the muggers carted away with all my belongings excluded my passport. Cell,credit card,cash and some important documents are all gone. I was able to make contact with the UK Police and i was directed to the Embassy, but they seems to be taking things too slow.I need your help so urgently.. My flight leaves pretty soon but i am having problems sorting out the hotel bills also getting my ticket straightened out. Ineed your help. I need a quick loan of ($1,800) to get things fixed out here,I promise to refund as soon as i get back home.. please reply asap. so i can tell you what to do and how to get the money to me..Hope to read from you soon..
It smelled fishy, but the email headers were legit. My wife decided to call her friend. By chance, she didn't pick up and we had to leave voice mail, which had us worrying that it my be real.

My wife responded to the email saying:
I didn't know you were out of the country! Just to make sure no one hijacked your e-mail account, can you tell me how you know me?
Within a minute, she got a response:
My email was not hacked,l know this sounds weird and you wouldn't believe me,i'm really stuck out here in the UK and it's so devastating at the moment.l wish i could call but i don't have access to phone at the moment ,I have nothing left on me and i'm glad that i still have my life and my passport cos it would have been worst if they made away with my passport.I am full of panic now and the police only asked me to write a statement about the incident and directed me to the embassy,i have spoken to the Consulate here but they are not responding to the matter effectively,I really need your help to get myself out of this place.
I realized that the result came too quickly, but more importantly, we were involved in an actual Turing test ;) Since the email didn't answer the question we asked, we assumed it was fake.

A few minutes later, my wife's friend finally called back. She wasn't in the UK. We told her about the scam and told her to change her password, and we would see if the robot would continue responding. It turns out, she was locked out of her account--it had been hijacked. Gmail has a process to recover a hijacked account, and the last we heard, she was going through that process.

Crazy. I wonder if we're going to see more scams like this.

4 comments:

jbrendel said...

Hi JJ,

I've heard of these scams before, some time ago, actually. Maybe 6 months or a year ago? Something like that.

They can look very real, it's scary. And recently a friend of mine had their email hacked, resulting in spam mail coming from a genuine account (Yahoo in that case).

Just goes to show how important it is to have good email passwords.

Juergen

Bob Van Zant said...

This happened to me in a similar way, except that it was facebook chat. A friend with a poor facebook password had their account jacked and the malicious person did the same sort of thing, except over facebook chat. The person wasn't a close friend so I almost immediately knew it was a scam.

FWIW I really like lastpass and the random passwords it generates.

Brandon L. Golm said...

happened to a very close friend ... they got gmail and facebook cracked, and same scam. 1Password FTW.

Basu said...

This exact same thing happened to my mother on her Hotmail account. That account is now lost.