Friday, December 21, 2012

If you feel someone is impersonating you online

After my latest episode of getting scammed, I contacted Microsoft abuse(at)hotmail.com about the email used to impersonate me.

This was their reply.


Hello,
 
If you feel that someone is impersonating you, we suggest that you make a formal report of the incident. In order to violate the TOS the impersonator must be using one or more of the following:

- Your legal name
- Your telephone number
- Your address
- Any other personal identification of yours, such as a photograph
 
Take note that duplication of your nickname is not considered a violation of the COC.   
If you would like us to further investigate the case, please contact our Abuse Department with the following information and evidence documents:

• Your contact information, including an address, telephone number, and preferably, your e-mail address.
• Electronic copies of the user’s Photo ID, Driver’s License, passport, work ID badge that would validate your identity.   
• Electronic copies of the e-mail messages sent from the account         
• Notes about when this happened and the actions of the perpetrator
• A police report, if available.         
         
 You can be able to contact us by replying to this mail. Also, please send the documents needed via email attachment.
 
 
 Online Safety


I followed up with the information that they requested and they said:

Hello,

We have taken appropriate action on the account that you reported in compliance with the Hotmail Code of Conduct (COC). To view our Terms of Use, visit the following Web site:


Not sure what action they took but it made me feel better.

Wednesday, December 19, 2012

I got scammed - I hope it never happens to you.


A cautionary tale and hopefully a learning example for us all.  Unfortunately, I was an unsuspecting part in a scam.  I reviewed the events and wanted to give you guys a warning.

I had a customer, John, whom I met face to face with a couple years ago.  We corresponded only occasionally by email.  So this is what I think happened:

- John's email account got hacked.
- the perpetrator read our correspondence.
- set up a dummy email account for me using a free service like yahoo, gmail, live, in this case they picked  something close to my real email address.
- they used this dummy account & emailed John.  Using emails I truly wrote to John; they cut & pasted together.  This made John think that he was talking to me. They chose something close to the real email address so I wouldn't notice the switch.
- the perpetrator also set up a dummy account for John.  They used this account to trick me into thinking I was talking to John.  John's original email was hotmail.co.hk not uk.
- Eventually when John placed an order & we shipped it.  All the arrangements went through with the bad guy emailing for both of us & filtering everything.
- when it came time to pay the bad guys tricked John into sending money to them via Western Union.
- meanwhile I never got paid.

So there you have the tale of the scam.  I looked more closely because I wondered how they got me to switch correspondence to the dummy account.  This is what the did:


John XXXX <XXXXX@hotmail.co.uk>
Mar 26
to me
Hi 
     How was your weekend? Please get back to me about the previous mail.
Thank you

They followed up with more short emails like "please reply to my email".  I thought John was being impatient but what they were doing was getting me to used his dummy account instead of the real email & increasing the chance of my address book picking up the email as a contact.

So what to watch for guys:

a) unexplained switches in email account - if you have a repeat customer watch for a unexplained change.

b) be cautious when someone uncharacteristically pesters you to respond immediately.

c) look through the body of the emails.  When they cut & paste they left my "dummy" account visible in the header of forwarded emails; had I been looking I woud have noticed.  If you see an email address that is similar to yours but not you then watch out!

d) Collect payment before you ship.   (I didn't & now I got burned).

e) Email is cheap however a secondary method of contact should be used occasionally. It goes to show a telephone call or visit can be worth it.  Skype or SMS are good alternatives.  Confirm that you have both been in communication.

So hopefully you guys will learn from my mistake.  I hope none of you ever get scammed not only at work but personally too.

Sunday, December 2, 2012

CAF 2013 Africa Cup is giving ME Three Million pounds

Three Million Pounds! Yipee! :p


Dear User,


Your email has won £3000.000.00 Three Million Pounds from Orange CAF 2013 Africa Cup of Nations kick off on 19th January 2013. Your email address was Selected During the Award Draw Program held in Johannesburg South Africa This program is to Create Awareness. The 2013 Africa Cup of Nations will be the 29th Africa Cup of Nations, the football championship of Africa organized by the Confederation of African Football (CAF)

Your winning details Below
Reference Number CAF/002958/2013
Amount Won: £3000.000.00


To file for your claim, Please Contact our Paying Agent (Payment Processing Center) for your Payment immediately.

Contact Mrs Helen Eastwood for your claim with the below info to enable us process your Payment.


Contact Person:Mrs.Helen Eastwood
Phone: +27-78-759-1062
E-mail:heleneastwood@accountant.com



Full Names:
City:
Country:
Cell no:
Age:
Occupation:
Email:
Ref:

Regards,
CHAIRMAN AFRICA CUP OF NATIONS Organizing Committee
Supported by FIFA