|
Post by Russell Letson on Apr 24, 2010 20:35:42 GMT -5
My wife (at her school account) received this e-mail from an old friend's Yahoo account: It was a legit address, and there was nothing in the writing style (or even the situation, given the travel snafus caused by the volcano) that sounded off, so she replied, asking what exactly we needed to do and got a rather generic reply. So she wondered whether there was any way of determining that this really was our old friend. When she Googled using the fifth sentence as the search term, she immediately got a hit identifying this as a scam with the exact wording of the first e-mail she received. We called our friend (who was indeed at home fixing dinner, not in England at a funeral) and told her. She'll be contacting Yahoo about it. Below are links to a couple of descriptions of the scam. I noted one feature mentioned in both in our example: the second, I-got-a-bite e-mail came from an address with a one-character difference from our friend's legit one, so our responses would not show up in our friend's mailbox but in an account set up by the scammer. www.fredericknewspost.com/sections/news/display.htm?storyID=103028windowslivehelp.com/thread.aspx?threadid=131bfaba-bf88-4363-bbff-edceabf34cd2(And I just noticed another red flag: the scammer's reply message included a British spelling that our friend would never use: "spoilt.")
|
|
|
Post by Supertramp78 on Apr 24, 2010 22:31:54 GMT -5
so did you loan her the money or not??
|
|
|
Post by Marshall on Apr 24, 2010 22:43:18 GMT -5
That's what friends are for.
Seriously. Stolen email adresses/passwords. A real pain in the butt. And nasty to follow up on. But not as damaging as credit card and/or bank info, I would suspect.
|
|
|
Post by Ann T on Apr 24, 2010 23:59:07 GMT -5
I got one a couple of weeks ago that sounded like a panicked request for help from a friend who said she was in England on a quick vacation trip but she just got mugged in the park and lost all her cash and credit cards and her plane was taking off in 3 hours...then I remembered that this friend was not supposed to go on vacation for two more days, and realized it was a scam. There was no pidgin English, no mention of Nigerian royalty, none of the usual tipoffs. In fact, here it is! www.lastminutetravel.com/blog/index.php/2010/01/08/travel-scam-alert-your-friend-was-not-mugged/
|
|
|
Post by sidheguitarmichael on Apr 25, 2010 2:42:55 GMT -5
Wow. Good thing I don't have any friends...
|
|
|
Post by Fingerplucked on Apr 25, 2010 7:20:16 GMT -5
My friends know I have no money, so any request to borrow some would be a tipoff in itself.
|
|
|
Post by Marshall on Apr 25, 2010 9:20:54 GMT -5
Hey Jimbo. I'm stuck in Schiller Park. There's freight train blocking Irving Park Road, and I need a couple bucks for a brewski while I wait it out. Can you wire me a couple hundred bucks?
|
|
|
Post by Fingerplucked on Apr 25, 2010 9:24:49 GMT -5
Dear Marshall,
I'm already in the pub. Get your butt in here, quick. I've already run up a substantial tab and the bouncer looks pretty pissed that I can't pay it.
Your friend in debt, Fingerplucked
|
|
|
Post by millring on Apr 25, 2010 9:30:24 GMT -5
I think I mentioned here a couple of months ago that I started getting emails addressing me my name and with certain details that seemed as if they knew who they were addressing. I googled the email address and found they were Romanian. It wasn't like they'd gotten details right, just that it was like another step down the road to a believable scam.
I always wonder about all the typos and such in the typical scam email. I guess if I were to try to perpetrate a scam, that's one of the things I'd watch out for to make sure the scam email is credible. I wonder who ever answers those emails with all the typos. I it's other people who can't spell any better than the scammer, then I guess they've got it coming, eh?
|
|
|
Post by TDR on Apr 25, 2010 11:18:49 GMT -5
They're getting more sophisticated. Somehow the scammer got into your eddress list, or your friend's. And somehow they have a setup where you will send money and they will retrieve it.
What I don't get is where the heck is law enforcement on this? It couldn't be hard to sting these perps. They're sending you replies. They've been at it long enough to leave a trail. They need some relationship with a financial institution to get the transferred funds.
They need a good spanking.
|
|
|
Post by Marshall on Apr 25, 2010 14:20:22 GMT -5
Don't know about this scam. But I got hit with an ebay scam on and item (guitar - who'da guessed?) that I'd bid low just to see where it went. I got an email from a scammer pretending to be the seller saying the high bidder backed out and I could have it for my price. I was supposed to send money to a Western Union location. That means automatic cash and disappear to the perp.
I had already exchanged emails with the seller about questions, so I knew it was a scam. I reported it to him and to ebay. Don't know any further.
But sending to a Western Union location is an easy deal for the scammers.
|
|
|
Post by Russell Letson on Apr 25, 2010 15:03:00 GMT -5
TDR, the perps are way outside of US jurisdiction (for this one, apparently Nigeria and Germany), and in any case discovering the physical location of a hacker/scammer is just about impossible if the guy is even halfway competent. And the standard way of tapping the victim is via Western Union transfer, which avoids the usual kind of bank security and ID and such.
It was our friend's free e-mail account that got hacked (she reports that everything there had been erased). If I were the hacker, I'd look at the message history and focus on those who had gone the longest without a contact--they're the ones who would be least likely to say, "But we just talked yesterday--what're you doing in England?"
|
|
|
Post by TDR on Apr 25, 2010 16:03:39 GMT -5
TDR, the perps are way outside of US jurisdiction (for this one, apparently Nigeria and Germany), and in any case discovering the physical location of a hacker/scammer is just about impossible if the guy is even halfway competent. And the standard way of tapping the victim is via Western Union transfer, which avoids the usual kind of bank security and ID and such. It was our friend's free e-mail account that got hacked (she reports that everything there had been erased). If I were the hacker, I'd look at the message history and focus on those who had gone the longest without a contact--they're the ones who would be least likely to say, "But we just talked yesterday--what're you doing in England?" I understand they're outside the US. But that doesn't, or shouldn't, put them outside reach of the law. Don't we have cooperative agreements with law enforcement in other countries? And don't other countries have an interest in busting these scams? Apparently in this case the money was going to be sent to England. That should be an easy cooperative sting. How would they collect at Western Union on the other end? Pop them then and there, why not. As far as locating the hacker, doesn't it just take an equally tricky hacker to backtrack the ISP and ID? The NSA is supposed to have the whole web mapped and monitored. Various acts of hacking are traced back at times to China or Ukraine or whatever. I suspect it would be quite doable, given sufficient priority, don't you? Whoever hacked your friend's account is likely doing it multiple times. That's a web wide security concern. Seems to me like there needs to be an international effort to get after that sort of thing. It costs everybody when that goes rampant.
|
|
|
Post by dradtke on Apr 25, 2010 16:39:36 GMT -5
I got one of those last year from my step-sister. The first thing I did was contact my mother to see if she'd gotten one (she had) and to tell her it was a scam and not to respond.
|
|