Saturday, July 25, 2009

Beware an Email Scam

Over the last few months, I've received the exact same message from folks who have my email address. The message was roughly "I'm stuck in England without my wallet, please send cash." Since I had a long career in information technology (IT) I knew a scam when I saw one.

While the spam scams look like legitimate email accounts of people you know, these are actually spoofed addresses. I know how to look at the full message header of an email to see the real addresses. These emails did not come from the person or the email address that you recognize!

In other words, if you reply to that scam message, you are not replying to the real owner of the email! You are replying to a hidden email address. Then... they have YOUR verification that your email address is real. To email the REAL person about the email, you need to create a separate email message and tell them.

DO NOT REPLY to the spoofed email! Delete the message. Write a new and separate email message to the owner of the account to tell them what you received. They can change the password to their account and inform their email provider.

Since the address looks like a legitimate email address, if you mark it as spam, then you won't receive the emails from the real owners of the addresses.

How does a scammer/spammer get your email address? Typically what happens is that someone opens an email that contains an attachment or image that unleashes a malicious program. That program "reads" the entire contact list stored in the address book... first names, last names and email addresses. The program collects the data and sends it back to the spammer/scammer who is then able to then "write" emails to every address collected.

If you get a scam email, it doesn't necessarily really mean that the owner's email account was hacked. It could be that their email address was picked up in someone else's contact list. What could also be happening is that one of the social media websites (forums, chat rooms, etc.) could have been hacked to obtain all of the email addresses.

What does the scam text inside the email message say?

†††
Hello,

How are you doing? Hope all is well with you and your family, I am sorry I didn't inform you about my traveling to England for a Seminar/conference.

I need a favor from you as soon as you receive this email, I misplaced my wallet on my way to the hotel where my money, and other valuable things were kept. Can you urgently assist me with a soft loan of $2,600 US Dollars to sort-out my hotel bills and get myself back home. You are the only one I can trust with this, please can this be between us? You have my word; I will refund you as soon as I return.

I will appreciate whatever you can afford, I'll pay you back as soon as I return I promise, Let me know if you can assist, to enable me send you the details to use in sending the money through western union.

With gusto,

†††


Whenever an email sounds suspicious, it probably is.

When I first starting seeing this scam, I removed my email address from my blog. That's why my "Drop me a note" widget is missing from my blog. It is also a possibility that a "bot" crawled the blogs looking for standard email addresses and the email tag within the html source code of the web pages.

I don't know if anyone has received one of these from my email address, but just in case... I'm not in England either. I'm home!

Freda Cameron

No comments:

Post a Comment