Friday, 14 May 2010

The Voice - Consumer's Voice

Hacked emails

In the last couple of weeks I’ve heard from three people who have had their online email account hacked. Like many of us they’ve been using either Gmail or Yahoo email accounts for years. These online email accounts are remarkably useful, even for those of us who have conventional email accounts at home or work. We can’t always rely on our normal email and they can be incredibly useful particularly if you’re travelling. They also help out on those occasions where our local Internet Service Providers let us down.

However, things can go horribly wrong with these free services unless you are very careful.

Each of the people we heard from had the same experience. Suddenly they would get phone calls from their friends, workmates and relatives in a panic asking if they were OK. Their friends had all received an alarming email, apparently from the victim, saying that they were stranded abroad without any money or a place to stay and desperately seeking their help. I actually received one of these supposedly from a friend myself. The message in one case said:
“How are you doing? Hope all is well with you and family, i am sorry i didn't inform you about my traveling to England for a Seminar.

I need a favor from you as I've misplaced my wallet on my way to the hotel where my money and other valuable things were kept and I will like you to assist me with an urgent loan of $3,000 to sort-out my hotel bills and get myself back home.

I will appreciate whatever you can afford to help me with and I'll Refund the money back to you as soon as i return.Please kindly help me to send the money through Western union with my details below.”
All the usual scam clues are there. The person I know would never have made any of the simple mistakes in the email. If she was really stranded in the UK why would she want money in US dollars and not Pounds? Why would she have spelt “favor” the American way when I know she spent some of her childhood in the UK?

And why, in such a situation, had she not approached the Botswana High Commission in London for emergency help, that’s what they’re there for.

Of course this is all a scam that’s exploiting our natural instinct to support our friends in a crisis. We’re all nice people, if this situation was true, we would all do our best to help out a friend in need if we could.

The final part of the clue is the way this scammer wanted to be paid. It said:
“Please kindly help me to send the money through Western union… kindly help me to make the transfer as soon as you receive this email and once you have it sent, send me the money transfer control number with details used in sending it.”
I’m sure that Western Union sometimes do money transfers that are legitimate, but it’s bizarre that every single scam we’ve ever seen has used them as the mechanism for transferring money from a decent person to the wallet of a crook.

If you get an email anything like this, please do NOT send any money to anyone. Pick up the phone and call your friend or relative who seems to have sent the email and ask them yourself. Surely anyone who has travelled “to England for a seminar” also has a cellphone, don’t you think?

How does this happen?

So how does a scammer get into a free email account like this?

Very easily. It’s probably most likely that the victim has been deceived by a “phishing” email asking them to confirm their email details or perhaps pretending to prevent their email account being compromised. They are directed to a web site that looks exactly like the free email account site and they then enter their username and password into a convincing-looking form. The victim doesn’t notice that it isn’t actually the Yahoo or Gmail site they’ve visited, but it’s actually something completely different. The scammers now have all they need to sign on as the victim and get up to mischief.

Alternatively the victim might have been infected with a computer virus that installs a “keylogger”, a program that records everything they type, including usernames and passwords.

These days it’s incredibly important that you protect yourself on the internet. Be skeptical about any emails you receive and don’t believe a thing you read until you’ve done a bit of research. Talk to your techie people at work, talk to your friend the computer expert and you can always call us if you’re worried.

An appeal

Which company in Botswana gives you really dreadful service on the telephone? Let us know who you think sucks on the phone and we’ll phone them, record their abysmal service and then send a recording to their CEO or MD. Let’s demonstrate how bad things are to those who have the power to do something about it!

No comments: