Online Scams - rather too close to home

Dec 15
18:45

2011

Roger J Webb

Roger J Webb

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

The internet makes several sorts of large-scale fraud possible but it is normally only the scale of the fraud that it makes possible - the fraud itself is probably eons old. This one, however, relies on the internet to provide a cloak of anonymity.

mediaimage
My wife received an email. It ran like this:
Dear Jenny I am travelling in Italy and have just been mugged. My wallet,Online Scams - rather too close to home Articles my laptop, my mobile phone and my passport were all stolen. My credit cards were in my wallet so I can't even pay my hotel bill. I need some cash to see me home where I can sort out the mess.
Normally I wouldn't ask but I urgently need £200 to help me out of this jam.
The local police tell me that if you email your bank details they can help me to draw out enough money to see me home when I can settle up with you. 
George.
 Well, before we go any further, my wife's name is not Jenny, nor does she have a friend called George, but the name given, and the way she was addressed were both characteristic of their correspondence.
The only odd things were:
  1. 'George' was not particularly close and certainly would have had friends and family much closer to him than my 'Jenny';
  2. 'George' is a sophisticated street-wise sort of a guy who knows his way around and doesn't need this sort of help.

So 'Jenny' simply copied the email to George's address.
So let's look at the scam.
  1. It was a pretty good impersonation of 'George': good enough to trigger a friendly response.
  2. It suggested a degree of urgency and alarm that might trigger an ill-conceived knee-jerk response.
  3. It introduced an 'authority figure' and asked for a relatively small sum.
  4. It suggested cash and 'failing that' bank details whilst making it easy to send the bank details and giving insufficient data to do the other

Looking at the technology
  1. The scammer has already penetrated the mail box of either Jenny, George or possibly someone who has both names in his address book. He may have placed a "Trojan" inside one or more of their computers so that he can use it to send out emails in the name of his initial victim.
  2. He (or she) is using this to "Phish" for bank details and even a little cash bonus
So before you part with your money check-out the story.
  1. Call 'George's' home line or mobile,
  2. Reply with questions - the scammer's impersonation skills are unlikely to be up to the task if you ask the right questions.
  3. Call mutual friends or relations.

And never, never, never send your bank details to an "Insecure Site" (look for https rather than http) over an "Unencripted" link.(Look for the little golden padlock at the top or bottom of your screen)
Two months later she got a very similar email from another friend so it looks like her computer is the one hosting a trojan.

Article "tagged" as:

Categories: