If you feel someone is impersonating you online

After my latest episode of getting scammed, I contacted Microsoft abuse(at)hotmail.com about the email used to impersonate me.

This was their reply.

Hello,

 

If you feel that someone is impersonating you, we suggest that you make a formal report of the incident. In order to violate the TOS the impersonator must be using one or more of the following:

- Your legal name
- Your telephone number
- Your address
- Any other personal identification of yours, such as a photograph

 

Take note that duplication of your nickname is not considered a violation of the COC.   

If you would like us to further investigate the case, please contact our Abuse Department with the following information and evidence documents:

• Your contact information, including an address, telephone number, and preferably, your e-mail address.
• Electronic copies of the user’s Photo ID, Driver’s License, passport, work ID badge that would validate your identity.   
• Electronic copies of the e-mail messages sent from the account         
• Notes about when this happened and the actions of the perpetrator
• A police report, if available.         

         
 You can be able to contact us by replying to this mail. Also, please send the documents needed via email attachment.

 

 

 Online Safety

I followed up with the information that they requested and they said:

Hello,

We have taken appropriate action on the account that you reported in compliance with the Hotmail Code of Conduct (COC). To view our Terms of Use, visit the following Web site:

http://windows.microsoft.com/en-US/windows-live/code-of-conduct

Not sure what action they took but it made me feel better.

I got scammed - I hope it never happens to you.

A cautionary tale and hopefully a learning example for us all.  Unfortunately, I was an unsuspecting part in a scam.  I reviewed the events and wanted to give you guys a warning.

I had a customer, John, whom I met face to face with a couple years ago.  We corresponded only occasionally by email.  So this is what I think happened:

- John's email account got hacked.

- the perpetrator read our correspondence.

- set up a dummy email account for me using a free service like yahoo, gmail, live, in this case they picked  something close to my real email address.

- they used this dummy account & emailed John.  Using emails I truly wrote to John; they cut & pasted together.  This made John think that he was talking to me. They chose something close to the real email address so I wouldn't notice the switch.

- the perpetrator also set up a dummy account for John.  They used this account to trick me into thinking I was talking to John.  John's original email was hotmail.co.hk not uk.

- Eventually when John placed an order & we shipped it.  All the arrangements went through with the bad guy emailing for both of us & filtering everything.

- when it came time to pay the bad guys tricked John into sending money to them via Western Union.

- meanwhile I never got paid.

So there you have the tale of the scam.  I looked more closely because I wondered how they got me to switch correspondence to the dummy account.  This is what the did:

John XXXX <XXXXX@hotmail.co.uk>	Mar 26
to me

Hi 

     How was your weekend? Please get back to me about the previous mail.

Thank you

They followed up with more short emails like "please reply to my email".  I thought John was being impatient but what they were doing was getting me to used his dummy account instead of the real email & increasing the chance of my address book picking up the email as a contact.

So what to watch for guys:

a) unexplained switches in email account - if you have a repeat customer watch for a unexplained change.

b) be cautious when someone uncharacteristically pesters you to respond immediately.

c) look through the body of the emails.  When they cut & paste they left my "dummy" account visible in the header of forwarded emails; had I been looking I woud have noticed.  If you see an email address that is similar to yours but not you then watch out!

d) Collect payment before you ship.   (I didn't & now I got burned).

e) Email is cheap however a secondary method of contact should be used occasionally. It goes to show a telephone call or visit can be worth it.  Skype or SMS are good alternatives.  Confirm that you have both been in communication.

So hopefully you guys will learn from my mistake.  I hope none of you ever get scammed not only at work but personally too.

CAF 2013 Africa Cup is giving ME Three Million pounds

Three Million Pounds! Yipee! :p


Dear User,


Your email has won £3000.000.00 Three Million Pounds from Orange CAF 2013 Africa Cup of Nations kick off on 19th January 2013. Your email address was Selected During the Award Draw Program held in Johannesburg South Africa This program is to Create Awareness. The 2013 Africa Cup of Nations will be the 29th Africa Cup of Nations, the football championship of Africa organized by the Confederation of African Football (CAF)

Your winning details Below
Reference Number CAF/002958/2013
Amount Won: £3000.000.00


To file for your claim, Please Contact our Paying Agent (Payment Processing Center) for your Payment immediately.

Contact Mrs Helen Eastwood for your claim with the below info to enable us process your Payment.


Contact Person:Mrs.Helen Eastwood
Phone: +27-78-759-1062
E-mail:heleneastwood@accountant.com



Full Names:
City:
Country:
Cell no:
Age:
Occupation:
Email:
Ref:

Regards,
CHAIRMAN AFRICA CUP OF NATIONS Organizing Committee
Supported by FIFA

account-security-noreply@microsoft.com

Have you been instructed to verify your email address by Microsoft?  I am usually a bit skeptical because the links built in could lead you to phishing sites.

I usually choose to ignore them.  My logic is that if I do not verify the account the person trying to get an email won't succeed anyways.

Microsoft account

Verify your email address

To finish setting up this Microsoft account, we just need to make sure this email address is yours.

Verify itnxw@xxxx.com

If you didn't make this request, click here to cancel.

Thanks,

The Microsoft account team

Fax from Michael J. Simpson South Africa

I received a fax today from Michael J. Simpson, private consultant for eminent persons in Asian and South African region.   But I am just a poor boy and not a well established businessman abroad so I can't help him.  Haha.

Watch out for michealsim147@gmail.com & micheal147@trustkonsult.com +27783840827
Interesting how Michael spells his name with the 'a' & 'e' reversed in his email.  Most people like their names spelled correctly.

Beware of the user of this email

I would caution any business accepting orders from abednegobotchway@gmail.com.  The reason is it is alleged that the person using the email address abednegobotchway@gmail.com may use stolen cards.

Mastercard Canada Enpowers Merchants

Hooray for MasterCard Canada!  I will gladly assist in reporting suspected fraudulent use.  In the past I went as far as to Google the names & telephone numbers of people I thought had their cards stolen and call them myself.  Now I can simply mark the card to the credit cards companies can let each other know.

MasterCard Canada recently launched an update to their operating regulations specifically relating to ensuring card issuers are made aware of suspected fraudulent transactions. The new E-commerce Fraud Alerts for Issuers service requires that when merchants identify any previously authorized transactions suspected as fraudulent and will not be fulfilling the order, to reverse or cancel the transaction and advise the card issuer. This new service will allow merchants to support the card issuers to block or monitor suspected accounts to stop future fraudulent transactions.