Monday, September 12, 2011

Fisher Capital Management News: Scams artists go digital with latest attack

By Emma Johnson for the Midland Daily News

Recently Dave Hunt of Midland was sent an email asking that money be sent to help a friend who suffered a setback while traveling in London. The email was convincing; but then he found out that the friend, Sharron Such, of Edenville Township, had never left town.
Hunt says what made it so convincing was that he compared the message’s email address to Sharron’s email in his address book and they matched up. The email was also signed Sharron with two ‘R’s instead of one, an uncommon spelling.
What tipped him off?
Hunt says the first thing that put up a red flag for him was that the email started out with “Hi,” and he thought it odd that Sharron didn’t use his name in the greeting.
“I sent her a reply – which she never got,” said Hunt. “I asked three personal questions only she would know.” From his obscure questions Hunt, predictably, never got a response.
Hunt called the police, but they said they only deal with cases where people have been scammed and money has been exchanged.
Hunt called other people on a church committee Sharron and he are both on and the other committee members had also received the email.
Since this happened, Hunt said he’s heard many stories from other people about scam emails.
Hunt says it’s frustrating, though. In real life, another person he’s friends with was in Paris and her wallet was stolen. Luckily her husband had charge cards to get them back home. “So, it happens,” Hunt said. “You want to help – if it’s legitimate.”
Sharron Such found out her email had been hacked when she was contacted by an organization she’s involved with that knew she wasn’t gone.
“I felt violated,” said Such.
Such contacted Yahoo within 36 or 48 hours and they recovered her account. According to Such, if Yahoo is notified more than 24 hours after the fact it makes it harder for them to recover the account, but they can still do it.
When Such was able to access her email again she changed her password.
She received emails and voice messages from people – including a friend from London – who said they believed she’d been scammed, and people who were skeptical but wanted to investigate in case she really did need help. In some emails her name was spelled with one ‘R’ instead of two, which clued people in. However, a quote in the signature of her emails “made some people think twice,” said Such.
Sharron’s husband, George Such, recorded a message on their answering machine to let people know Sharron was not stranded in London. “My wife is safe and sound,” the message went, “but if you want you’re welcome to send us money!” he joked.
Such contacted the FBI, but they said it’s just people sitting in a room trying different passwords until they get one and there wasn’t much they could do.
“It made for an interesting day,” said Such. “Anything I was planning on getting done that day didn’t get done.”
Such said no one sent money to her knowledge.
Henry Dufour, a technician at Compucom in Midland, says he hears about email scams from people every day.
Many emails are marked as spam, but then thieves make up new scams to try to bypass the filters. Besides the London scam, Dufour says a new one is making an email that looks like a Facebook notification.
Dufour says if something in the address doesn’t seem right or a graphic looks outdated, or it just doesn’t look right then he recommends visiting the site directly instead of clicking the link.
“Always confirm,” Dufour stressed.
Don’t open emails if your intuition tells you not to. Durfour say some scammers have technology that can generate a “message read” notice so they know if they’re reaching a real email address.
Dufour also warns about looking at private information using public Wi-Fi. He says if you check web-based email or Facebook you sign in on a secured site (https), but after it’s authenticated with your correct username and password, you go to an unsecured site (http). Hackers can use sniffing software to find you. “Once you’re in it’s all open,” he said. Especially not recommended is online banking using a hotspot.
Also make sure if you’re using wireless internet at home that it’s encrypted because stumbling software can pick up what’s available. “You’d be amazed at what’s open,” he said.
On websites that you log into, don’t tell your browser to remember passwords and make sure to sign out. Also, use different passwords. If someone breaks into one thing, they will use that password to try to break into other things. When selecting a password, don’t use a word followed by the number one. Dufour says that’s easy to figure out. Make complicated passwords by using unique numbers, symbols, and upper and lowercase letters.
Staying current with good anti-virus software and updating to the latest browsers that have closed up security issues is also a good idea, according to Dufour.

No comments:

Post a Comment