HACKED! A beachside resident’s mailed plea for money to get home
Long-time Vero Beach psychologist Lynn Williams is known for her relaxation therapy.
So when hundreds of her island friends, clients and associates received a desperate emailed plea for help with multiple exclamation points, it seemed a bit out of line for the otherwise composed mental health professional.
The message line read: “Please – I need your help as soon as possible!!!!” The email went on to describe her plight -- stranded on a surprise trip to London for a program, wallet missing, no phone where she could be reached right now, urgently asking for 950 British pounds (about $1,500) to be wired to a UK address to pay her hotel bills and enable her to return home.
While some of the awkward language suggested this might not be legitimate, a quick check of previous emails from Lynn showed that the message came from the same email address.
The email sparked concern among her friends – not impossible that Lynn would be in London, not impossible she would have been robbed -- and by late morning last Thursday, a deluge of calls to her office phone and her cell phone had both going into voicemail, lending a modicum of credence to the email plea that she could not be reached by phone.
“I started get a ton of telephone calls en masse,” she says, as she tried to get her workday underway at her office off the 17th Street Causeway. “They were coming from all over the country. And I had an 11 o’clock appointment.”
When Williams remembered she hadn’t been able to access her Yahoo email account the previous night, she realized her email had been hacked. “When my daughter texted me, ‘You’ve got a virus,’ I knew I had to stop it.’”
This email scam, as it turns out, is not a virus. It has been around for at least a year, but seems to be currently on the upsurge. It involves scammers gaining control of your email account by acquiring your password, and then using your account to send emails to every email address on your contact list.
While in this particular case the scammers gained control of Williams’ Yahoo email account, others have just as easily gained access to Google’s Gmail, Microsoft’s Hotmail, AOL or email accounts through other internet services.
How do they get the username and password? In some cases, people using public computers – such as those at a cybercafé – to access their account via web-based email (webmail) may in fact be providing their log-on information and password mail on an infected computer, which is recording this information and later sending it to the scammer.
In other cases, the victim has received an email – supposedly from Yahoo, or Google – asking them to confirm email address, password and birthdate with the threat that they would be shut down if they did not provide the information.
“Thinking it was actually from Yahoo, like a fool I responded with the info,” one victim recounted on a scam reporting site. “Early today, I received an email from a close friend saying: ‘I received an email from you saying that you were in London and desperately needed help.”
Williams is hardly the only one whose email account has been seized by the scammers.
Perhaps the best known was British Justice Secretary Jack Straw, whose friends received an urgent email just a year ago claiming he was stranded in the steaming West
African city of Lagos, with no money and nowhere to stay. His urgent demand: please send $3,000 to bring me home.
For Straw, who during his tenure as Britain’s Home Secretary had pioneered a special unit to crack down on internet fraud, it was a particularly painful experience. “The internet is wonderful in many ways, but these gangs put a lot of effort in because they make money from it. In a lot of cases they do get people to cough up.”
Only one friend needs to wire money to make it all worthwhile.
While Williams’ patients waited last Thursday, she called Yahoo, the internet company through which she had her email account. It became apparent that every person on her contacts list had been mailed the hacker’s phony plea. Hundreds of contacts. And now, her contacts list had been wiped clean.
She had no way to quickly let friends and associates that the email they had received was a hoax.
With an appointments page booked through 7:30 pm, she stayed up until midnight trying to sort out the situation. At 3 am, she was up again, heading off to help a patient in Sebastian relax for bariatric surgery – disordered eating is her specialty.
In the earlier session with Yahoo, she had them add her husband’s account to her own, only to find, a few hours later, the hacker had accessed her account again. This time, only a few in her address book were sent a followup plea. But it meant another call to Yahoo, and another round of changed passwords.
“Each time I had to give them a different count and it couldn’t be anything similar to the two I already had,” she says, recounting the tedious details that filled her day.
“How could they get into my account to change the password and the questions?” she asks rhetorically — because the hacker did precisely that. “Yahoo didn’t know. I asked, ‘How do I know that won’t happen again?’ And, he didn’t know that either. Now, I’ve switched to gmail.”
“I had enough sense not to have my Visa and Schwab accounts under the same password,” Williams says. “But shame on me for using the same password any other place. But you can’t have a different password for everything. I’m the world’s biggest E-commerce shopper – I’ve been buying things on line since 1994. The password situation is really problematic, especially when you do as much as I do.”
Williams says she pays American Express a premium to monitor her credit reports. She also regularly runs an anti-viral program on her computer. She also uses Hush Mail, an encoded email system that requires a separate password be phoned in or texted, to communicate with certain colleagues, and intends to use that service with patients as well.
Ultimately, Yahoo was not able to restore her contacts list. She did however find it stored elsewhere on her computer. “I finally cut-and-pasted everyone into the address lines in batches, and got the word out that way” that the whole thing was a hoax.
“I worry about all the emails that went out – are they going to be hacked too?” she says. Williams knows of one other beachside resident whose Yahoo account was hacked recently.
Then there is Kristen Knudson, known to many in local art circles as former owner of the gallery Arts Mojo on U.S. One, whose Yahoo account was hacked two months ago with a very similar plea for money. Unlike Williams, she is extremely cautious about using the internet, does no online banking or shopping, and calls herself “the most paranoid internet user there is.”
“I couldn’t get into my email for three days,” she says. “Then all of a sudden, everybody started calling, neighbors were coming over, asking what was going on.” She used Jason Fletcher, a local computer wizard who also has a prop- email to send my new password, so each time I had to create a new acerty management business, to help her sort things out. Though she reported the case to the Sebastian police department, she has never heard back, she says.
“I was distraught, I was upset. It was embarrassing,” she says. Though Yahoo gave Fletcher steps to restore her contacts, it didn’t work. “I had no way to let 350 people know that that wasn’t me,” she says. “It has affected me tremendously. It’s damaging to my reputation.
I have gone into restaurants where people came over to me thinking I had asked them for money, and they were not happy.”
If you are hacked
Disconnect immediately. Unplug the network cable, phone, or cable line from your machine. This can prevent data from being leaked back to the attacker. Bots may also use your computer as a zombie in a larger, coordinated attack. Disconnecting your network connection is a sure-fire way to put a stop to the immediate damage.
If you are at work, contact your Information Technology department. Scan your computer with an upto- date antivirus program such as Norton AntiVirus or Norton Internet Security (a complete security software suite). A program with antivirus & antispyware capabilities can detect and often remove threats that would otherwise remain hidden on your machine.
Back up your critical information. Sensitive data may be leaked and it also may be inadvertently destroyed or lost during the clean-up effort. If you have back-up software installed, make a copy of your valuable files such as your photos, videos and other personal or work files to a back-up hard drive or removable media, such as a CD or DVD.
Consider going back to groundzero by re-installing the operating system of your computer (e.g. Microsoft Windows) or using back-up software. The worst attacks are sophisticated enough to burrow deep within your system in an attempt to hide from your security software using “rootkit” techniques. Sometimes the best course of action is to return to a pre-infection state using a program such as Norton Ghost
Close affected accounts immediately. In the best-case scenario, you will be able to shut-down or change any credit card, bank or other online service accounts before they can be leveraged by the thief. Err on the side of safety: a little more trouble taken up front to freeze or change accounts can save much more effort later disputing fraudulent purchases by a cybercriminal.
Set up a fraud alert with the 3 national consumer reporting agencies (Equifax, Experian, TransUnion).
Contacting just one of the three companies will set up the alert for all of them. The fraud alert will tell creditors to contact you directly before making any changes to existing accounts to trying to open up new ones. File a police report. Ideally this would be done in the area where the crime took place. While this may or may not provide the police enough information to bring the criminal to justice, you can use a copy of the police report or the report number as evidence with your creditors in case they ask for proof. You may never need it, but it may make all the difference later.
Contact government agencies. If your driver’s license or social security number have been stolen, you will need to contact the Department of Motor Vehicles and the Social Security Association respectively. Additionally, you should report your identity theft to the Federal Trade Commission whom maintains an identity theft database used by law enforcement agencies for investigations.
Watch your credit reports closely. Keeping a sharp eye on your accounts from all three credit reporting agencies is essential as information may not be the same across all three. Some of the credit reporting agencies offer all-in-one reports or just-in-time alerting services for a fee. Depending on the level of potential impact and your concern, it may be worth the quick turnaround time and easy viewing to pay for these additional services. Remember that it may take some time before all of the fraudulent activity to appear on your credit reports.
Look for signs of identity theft. It’s natural to have your guard up after having your identity stolen. During this time, be on the look out for odd things in the mail, including credit cards you did not request and bills that you normally receive which have gone missing. Being contacted by vendors regarding accounts you are unaware of, or even worse, by debt collectors for purchases someone else made, are clear signs of lingering identity theft problems. Source: FBI cybercrimes website, Federal Trade Commission.