How can you keep this from happening to you? Hackers steal your identity by intercepting your email password, go into your email account, steal your entire address book as well as your signature, and send a bogus email to your list. They program it so that any replies come to them and not to you. The bogus email is requesting money. It seems so real because they have signed it with your very name. Your friends get worried about you and some even do send money, sometimes thousands of dollars, to the hackers.
Here is a case study, along with possible ways to protect your friends and yourself.
First, here is the bogus email I received from the email address of a trusted friend. I knew it was bogus because I was in close contact with her and knew that she had not left the U.S. To protect my friend's privacy, I will call her "Jane Doe." The email was addressed to me and cc'd to "undisclosed-recipients." The subject line read, "Trouble."
"Hi,
Apologies for having to reach out to you like this, but I made a quick trip two days ago, to London, United Kingdom and had my bag stolen from me with my passport and credit cards in it. The embassy is willing to help by authorizing me to fly without my passport, I just have to pay for a ticket and settle Hotel bills. Unfortunately, I can't have access to funds without my credit card, I've made contact with my bank but they need more time to come up with a new one. I was thinking of asking you to lend me some quick funds that I can give back as soon as I get in. I really need to be on the next available flight.
I can forward you details on how you can get money to me. You can reach me via email janedoe@gmail.com or hotel's desk phone, +447045749898
waiting for response.
Thanks
Jane Doe"
A similar email came from the slightly altered email address of another trusted friend. It read:
"Subject: OMG.....HELP!!!
To:
Date: Tuesday, February 22, 2011, 8:58 AM
This message may be coming to you as a surprise but I need your help. Few days back we made an unannounced vacation trip to London,UK. Everything was going fine until last night when we got mugged on our way back to the hotel, all cash and credit card were stolen off us but luckily for us we still have our passports with us.
Article comments
1 - Jon Sobel
Amazing that so many of her friends didn't see through the scam and offered to help! For more in-depth advice on secure passwords, I recommend the book I wrote about.
2 - Lynette Yetter, author of the novel, Lucy Plays Panpipes for Peace
Thank you, Jon, for passing along this helpful information.
3 - Brian aka Guppusmaximus
Nice Article.
A good example of word manipulation for passwords is to replace letters with numbers or characters that look similar (Ex. th3m or 5e@t)
I would, also, suggest for those people who have a hard time remembering long passwords to use this free program called KeePass. KeePass is a free open source password manager, which helps you to manage your passwords in a secure way.
4 - John
Thanks for sharing. It is interesting to see wether Facebook Identity theft will be even a bigger problem. Millions of Cityville Players clicking on every colorful icon that appears. As Obama said, IT Security is going to be a serious topic for the next years.
5 - Lynette Yetter, author of the novel, Lucy Plays Panpipes for Peace
Thank you Brian and John for your helpful comments.
Here's some info I just got from a friend about improving security on Facebook -
"DON'T GET HACKED: While on Facebook look at your URL address (the very top box on your screen) If you see "http:" instead of "https:" then you DO NOT have a secure session & can be hacked. Go to: Account - Account Settings - Account Security - click Change. Check box (secure browsing), click Save. Facebook has automatically set it on the non-secure setting"