We've been getting quite a few scam e-mails, which reflect the names of people we know who are purportedly in dire straights or desparate need. Be on the lookout for these (and other) phony messages. Got this one, a few minutes ago:
This message is coming to you with great depression due to my state of discomfort. I came down here to Quezon City, Philippines with my family for a short vacation but unfortunately, we were mugged and robbed at the park of the hotel where we stayed. All cash, credit cards and cell phones were stolen away including some valuable items, but luckily for us we still have our lives and passports. It was a terrible experience but the good thing is that they didn't hurt anyone.
We've been to the embassy and the Police here but they're not helping issues at all and our flight leaves in less than 12hrs from now but we are having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills. Please I need your financial assistance so we can pay off the hotel bills and also get a return tickets back home. I'll refund the money as soon as we get back home. Please get back to me immediately to let you know the easiest way to get some funds to us.
We are depressed at the moment.
* * *
Got this one late last week:
Am so sorry to bother you, I am in Limassol, Cyprus for a week and I just misplaced my bag containing all my vital items, phone and money.I am stranded at the moment and may need a little help from you.
In a Facebook post, this is how the second victim (name withheld) described the problem:
MY CYPRUS ADVENTURE
It begins this way. You receive an email saying that someone you know is stuck in a foreign country, lost all her identification and money, and requests you to wire $1,000.00 to a mailbox where she is waiting to pick up the funds. Sound familiar? These scams go out on a daily basis; and by now, who hasn’t received at least a couple of these in past months or even years!
This time, however, it was me. Seems I was stuck in Cyprus. My phones, both personal and at work, have been ringing off the hook since so many of you woke up to my distress call on Thursday morning. Let me tell you what happens to the “stuckee,” regardless of where she is stuck…could be Cyprus, or Madrid, or Greenland. (Seems that my friend, [name deleted], was also stuck in Cyprus at the same time…It’s quite amazing that we didn’t cross paths.)
You woke up to my distress call, while I woke up to find that I had no emails. No new Gmails. No old Gmails. My Gmail folders were all empty. I am conscious enough to realize that this is a serious condition, but there was no hospital or emergency room where I can get help immediately. The first thing I do is go to Google where I seem to find myself locked in an endless circle of instructions that keep taking me back to where I started. Or worse, I wind up in one of those chat rooms where people who are suffering the same symptoms try to advise each other. But, I don’t want to speak with a patient. No, I want to speak to the doctor. The doctor, however, is never in.
After about an hour, I manage to change my Gmail password (which, by the way, prompts me to change my facebook password also…that was a surprise.) With that accomplished, emails start to roll in; but to my dismay, they are only today’s emails. The emails are from family, friends, colleagues, constituents and acquaintances…some unknown to me….saying “you’ve been hacked.” The remainder of, what must be thousands of emails, are still missing
After being led around in circles by Google’s help instructions and chat rooms, I decide to work with an on-line tech doctor who, for $36, promises to provide me with one-on-one help. We began this process at 6:30 a.m., and by 9:00 a.m. I had to check myself out. I was still in my pajamas and needed to get ready to get to work. The “doc” told me I could check myself back in at any time later in the day, and he would be there for me.
My day is already a mess before I get started. I cancel one afternoon meeting and go straight to a scheduled lunch meeting that begins at noon. I am really quite anxious throughout the meeting because I want to get to my office where everyone is 30 and can, hopefully, help me cure my tech condition, a condition that is becoming more overwhelming by the minute. As a social worker, I decide that “tech stress” should be a recognized diagnosis in the DSM manual for mental health disorders.
My friend [name deleted] sends me a great lead towards tracking down my missing emails when she tells me that my distress messages are not coming from my Gmail account but rather from a Yahoo mail address. I check my Gmail settings and, sure enough, find that bogus forwarding instructions have been dropped into my settings to automatically forward my incoming emails to a Yahoo address almost identical to my Gmail address.
Team work is the trademark of our staff, and everyone in the office is committed to helping me retrieve my sabotaged correspondence. (I have to mention here that my coworkers spent the morning responding to the many phone calls and emails that came into the office.) With a number of the [deleted] staff working on this dilemma, we finally locate the correct portal for requesting recovery of my Gmail. Someone also reports the scam to the District Attorney’s office. In the meantime, I also contact Yahoo to shut down the bogus Yahoo mailbox.
Within an hour or so, some of my old emails begin to appear. I think this is going great when I realize that there is still much to do. Not only were bogus forwarding instructions tagged on to my account, there is also a code added to every one of my contacts. After the name in each email address the letters “no” show up. It works like this. I want to email someone in the “To” box. Unknown to me, however, instead of the mail being addressed to the intended receipient, it is addressed to a slightly modified address. Some of the emails bounce back, while others, I believe, are diverted to the scammers. Today, four days later, I am still correcting each individual contact in my address book. This is NOT the way I planned to clean up my address book…or spend my weekend.
I now have double security on my Gmail account. If anyone, including myself, tries to log into my account from any devices other than mine, they are asked to supply a code. The code is texted to my I-phone (or smart phone). Without that code, nobody can log into my account. The code is different each time. Nothing to memorize.
My advice after going through all of this is (1) everyone should change their passwords often. Some say every three months or 6 months. For me, even once a year would be an improvement. (2) Having double protection is also a good idea. I know I feel more secure now.
And, finally, I am sorry that you were caught up in this web of deception. I thank all of you who attempted to alert me. And to those of you who I had not been in touch with for a long time, it was good to reconnect. But, there has to be a better way.
Warmest regards to all,