I finally got one of those “I’m stuck in London” emails. My friend Kate’s Gmail account was hacked, and everyone on her contact list received an email from a hacker posing as Kate:
“Hi, Apologies, but I made a quick trip, to London,United Kingdom and got mugged, my bag, stolen from me with my passport and credit cards in it. The embassy is willing to help by authorizing me to fly without on a temporary identification, instead of a passport, I just have to pay for a ticket and settle Hotel bills. Unfortunately,I can’t have access to funds without my credit card, I’ve made contact with my bank but they need more time to come up with a new one. I was thinking of asking you to lend me some quick funds that Ican give back as soon as I get in. I really need to be on the next available flight back home. Get back to me so I can send you details on how to get money to me. You canreach me via email or hotel’s desk phone, +44208359**** waiting for your response. Kate”
The hacker also created a replica of her Gmail address using Yahoo’s webmail service, and set Kate’s Gmail account to automatically forward all messages to the Yahoo address.
As soon as I received this email, I called Kate and left her a message letting her know she’d been hacked, and asked her to call me with an alternative email address.
Then I responded to the hacker:
“Kate I will help you. Where do I send money? Robert”
The hacker wrote back:
“Robert, Thanks for responding, I need about $2000, can you make a western union transfer to me? I will pay back once am home, let me know what you can do ASAP thanks.
See details needed for western union
Receiver: Kate [redacted]
What you need to do, is take cash or a debit card to a western union agent location and request to make transfer to me in United Kingdom. You can get the address of a nearby WU agent from this website
You will email me the mtcn number for the transfer so I can receive the money here, I have an embassy issued identification, which I will use to get the money from WU Thanks Kate”
“Send me a picture. I want to see your pretty face! What did you see in your travels? Did you talk to Mum this week?”
The hacker responded:
“Did you send the money yet?”
“You didnt answer me.”
At this point, the hacker figured out what I was doing, and blew me off:
“Don’t bother, I no longer need your help”
It’s hard to scambait these guys because they’re much more aware of how scambaiting works. Plus, I’m not that good at it.
The hacker and I then got into an unproductive series of email exchanges calling each other nasty words.
When the real Kate called me back, I sent her this Google Help link explaining how to reset your password if you’ve been hacked. Google also offers help accessing a Gmail or Google Apps account that has been taken over by a hacker.
If you haven’t already created a secondary email address that can be used to recover an inaccessible Gmail account, do that now. (This feature isn’t currently available for Google Apps.)
Once Kate went through this process, she regained control of her account within minutes. But the criminal had deleted every single email, leaving her with nothing. He’s probably going through those messages now, searching for any useful personal information.
Kate then sent me an email, thanking me, and I noticed that the Yahoo email address was still being copied, meaning that the hacker was still seeing every email sent to Kate’s Gmail account. If you’ve been hacked, check your Gmail settings to make sure your messages aren’t being forwarded automatically.
With more than 11 million victims just last year identity theft is a serious concern. McAfee Identity Protection offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your financial accounts. Educate and protect yourself – please visit http://www.counteridentitytheft.com.
Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft on YouTube.