Robbed in London : New email scam
Recently I came across a new email scam strategy. It's like you will get a mail from your friend's email address that your friend went to some place (London preferably) for vacation and got mugged in the hotel. She lost everything except the passport. Now she needs money to pay the hotel bills and come back to her place. So she requests you to loan her some money (mostly around $1000) which she promises to pay back once she will be back. Also the money has to be transferred through Western Union Money Trasnfer. Following is the exact content:
- Firstly make sure you have a strong password for your account containing upper case and lowercase letters, digits and at least one special symbol like #, $, & etc.
- Better to change your password every 3 months or so.
|Tamaghna has worked on various technologies like java, .net, ruby and various domains including networking and platforms as well. Has done certifications like RHCE, CEH, ECSA, "Diploma in Cyber Law" and "Cyber Crime Investigation". He has also attended "Sec 504: Hacker Techniques, Exploits and Incident Handling" training from SANS institute|
- Try to login to the compromised account. If you are lucky enough to get into the account change the password immediately. You can also try "Forgot Password" option if that is working.
- If you could login to the account, mail all your contact stating that your this account was hacked and do not reply to any mail from this account.
- Also if you have any other accounts (facebook, orkut, linkedin etc), please update your status with the same information so that others will be informed about the same.
- If you have any other email account, log in to that and inform everybody in you contact. (Luckily you might have the same set of contacts that the compromised account has.)
- If you are using the same password in your other accounts change it immediately.
- Also you can try reporting the incident to your email service provide and request them to block or reset the account and give it back to you. This process varies for different email service providers. For gmail try this, for hotmail/msn try this, for yahoo this could be helpful.
- If you want to go further, you can contact the corresponding law and enforcement agency who deals with cyber crime for further investigation.
- Incase of investigation, email headers of the scam mails could be useful as that could gives the ip addresses of the hacker which could lead to her location. So better ask your friends who got the mails to keep the mails/capture the email header and store for further investigation.
- Also using ReadNotify you can trace the hacker and give that information to the law and enforcement agency.
- Last but not the least, it could be possible that the hacker was using some sort of trojan or keylogger in your computer to get the account information. So scan your computer by antivirus/antitrojan software to ensure that your machine is clean.