Beware Email Account Security

[brahmburgers]

Here's the scenario: You get an email from an old friend who you haven't been staying in touch with regularly. He says, 'Help, I was traveling in England, and I got mugged and beat up. The punks took my wallet with all my cash, and plastic cards, and airplane ticket I had in a pocket. All I have is my passport, which was back at the hotel. Please send money a.s.a.p. I'll pay you back plus 10% as soon as I get back to Bangkok (where you know he's based). You write back, "how much do you need?" He emails back to you, "$1,600 to cover my hotel bill and o-w ticket back to Bangkok." He sends a London address.

You send $800 via Western Union, figuring one or more of his other friends will chip in to assist.

He writes back and says the money was rec'd but it's not enough, "please send another $800." You don't. Then suspicion sets in.

So, you write your friend asking for confirmation that you'll get paid back a.s.a.p. after he arrives home to Bangkok.

Nothing for 3 days. Then an email from same friend saying 'How's everything going?" ...and going on with small talk, only mentioning he had been locked out of his Email account for two weeks, but now it had been straightened out.

At that moment, you know you'd been scammed. That's what happened to me last week. I honestly thought it was him writing all the emails, but realized belatedly (and $800 poorer) that it was some scammer who got in to his email, changed the password, and locked him out.

I tried contacting Western Union, but their official web site makes it impossible to send a message via their "response form.' There's a field on the response form which, no matter what you write in there, it comes back as an error (even if you leave it blank). Pretty crafty. Obviously Western Union doesn't want to be bothered by pesty people wanting answers about missing money, so they intentionally make their response form non-functional.

I also contacted Islington police, but haven't heard back. Turns out the address I was given by the thieves is a Pub called Thai Agricultural. Also, the thief must have had some false ID or else charmed the Western Union people in to handing over the money.

One message in this: change your password every so often on your email account(s).

If using a public Internet connection, MAKE SURE YOU LOG OUT of you email (and everything else) before quitting. Also good to turn off the computer you're working at, when you're done, if it's a public place.

[HABITAT]

Sounds like they are becoming more creative - what email hosts are you both using?

Edited October 10, 2009 by HABITAT

[Bearnagh]

....One message in this: change your password every so often on your email account(s).

If using a public Internet connection, MAKE SURE YOU LOG OUT of you email (and everything else) before quitting. Also good to turn off the computer you're working at, when you're done, if it's a public place.

I'm not an IT expert but I'm sure one will turn up soon....

I have a friend who runs a small internet cafe. One of the PCs gave a bit of trouble and she called a guy in to sort it out. Amongst other things, he discovered that 3 of the PCs in her cafe all had keyloggers installed on them. Of course she knew nothing about such things (and until now, neither did I). Turned out after a lot of investigation and surveillance, that a 'customer' had secretly brought in a pen-drive and installed this insidious piece of software into the machines to collect logs of the things that people were typing. That would of course include login names and passwords. So the customer might be returning to the cafe periodically to retrieve these logs back onto his pen-drive to be taken away and examined at a safe distance at his leisure!

My cafe friend has now blocked off all the unused USB ports on the machine with Plastic covers, screwed into the casework of the PC and had the CD drives disabled in the system setup !

Beware... unless you are very sure of a public internet location don't risk doing bank transactions or anything that makes you type a precious password. etc!

[Crushdepth]

I get these messages from work contacts fairly regularly, from my interactions the cause always seems to be pathetically weak passwords. Possibly keyloggers too.

If you have a lame duck password on your email account, change it.

Edited October 10, 2009 by Crushdepth

[brahmburgers]

Sounds like they are becoming more creative - what email hosts are you both using?

we're both using gmail.

I think Bearnagh is on to something. I had heard of those 'stealth' programs which can garner other prior users' info on multi-user computers. Thanks for the reminder. Anyone involved with one or more computers with multiple users (outside of family/friends) should have that checked out. What software can search for that - is it 'spyware?'

I'm still feeling stung (from being ripped off), but can't cry over spilt milk. gotta go onward. at least it's not Bt70,000 from some life-threatening beach scene face to face with someone brandishing a weapon, like Jetski JJ.

BTW, I just changed the password for my email account. It was 'opensesame' (just kidding).

[puyaidon]

Same thing happened to me with a good friend who I had just talked to 3 days prior here in Thailand but I didn't fall for the scam. But another person, a lady from Poland that I knew sent me a message saying that she needed to know where to send the money for my friend. I wrote her back and told her so she saved herself some money. My friend had to send out an email to everyone just to keep the friends from getting scammed. Not sure how it started but in my friend's case, he was not anywhere outside of Thailand and I knew him. It is best to send email to someone rather than money. The scams are getting better from the days of the Nigerian messages. Now they are using our friends.

[BangkokHank]

This scam was tried on a friend of mine here in Bangkok recently - twice. He didn't fall for it, though. I guess all of those Nigerian scams have made us very skeptical.

Nonetheless, it's good that you mention scams like this on forums such as this. If the criminals work together against us, we have to work together to protect ourselves.

[davee58]

I have had exactly the same e-mail on two occasions.

The first was from a friend in the Philippines, it was very convincing but I knew he would never ask to borrow cash from me.

When I next saw him he said that his mail account had been hacked, he did not know how they got the password, but he could no longer access his mail..

The second was from a hotel I have stayed at in Bangkok, it was rather obvious that the XXXX hotel had not been relocated to the UK and become penniless and destitute.

This appeared to be from the Hotel e-mail address, I hope they have not lost the mail account (Hotmail) as that would be commercial disaster.

If anybody has a copy of the e-mail, it might be of interest to post it here, with all identifying info removed of course...

[BangkokHank]

If anybody has a copy of the e-mail, it might be of interest to post it here, with all identifying info removed of course...

Here is one of the messages my friend received:

"Hope you get this on time ? Sorry I didn't inform you about my trip to the UK for a program, am having some difficulties here because i misplaced my wallet on my way to the hotel where my money and other valuable things were. Presently my passport and my things are been held down by the hotel management pending when i make payment.

I will like you to assist me with a loan of £1,450 to pay my hotel bills and to get myself back home. I will appreciate whatever you can afford to assist me with, I'll Refund the money back to you as soon as i return, let me know if you can be of any help? ASAP.

I don't have a phone where i can be reached,please let me know immediately Thanks"

The obvious thing for anyone to do is to try to call a friend in distress first. That is why the scammer has to say that he doesn't have a phone where he can be reached. This should be a tip-off. Offer to call him at his hotel. What hotel doesn't have a phone?

[Beggar]

Did not know that it is so easy to get money. Will have to write some emails to my friends now And where can I get this keylogger?

[Phil Conners]

Unfortunately I think it's rather common that those running internet cafe's don't have much clue. You don't even need to use the USB port to install a keylogger. Just download and install directly from the Internet.

[Beggar]

Some years ago I always fixed the public computers at CAT in Pattaya (for free). Some customers were sitting there moving around in the darkest areas of the internet for many hours every day - mostly sex related. Those computers had almost all diseases such an electronic prostitute can have. And it took just some days to destroy a cleaned computer again.

So I think it is very hard or even impossible for a customer to judge the safety of computers in an internet shop. CAT at this time had no backup solution to restore the systems every day. And I am afraid many internet shops do not care. But even if - the customer before you could have infected the computer. It is like a girl from the bar

[filingaccount]

And the first reaction of anyone receiving a distressed message/email from a friend?

Calling them. Everyone has a mobile phone, and more likely than not your friend will pick up and clear it right up....

Then perhaps calling their significant other, family or perhaps work place?

It boggles the mind that anyone would up and transfer funds based on an email. Healthy skepticism perhaps?