Nigeria continues to develop and export the world’s most innovative Internet scams. In one bizarre variation that seems to have ramped up in recent months, the scammers are taking a page from Facebook and leveraging the power of social connections.
Here’s how it works: The scammer somehow breaks into a victim’s Web-based e-mail account. He then impersonates the victim and sends an emergency plea for help to everyone in the account’s address book, asking them to wire money to Nigeria. The e-mail includes some variation on a story about getting mugged or losing a wallet while on a trip to Nigeria.
This happened recently to Drew Biondo of Port Jefferson, N.Y. He said he was at home early one morning when his wife alerted him to an e-mail she had received from his Yahoo address about his Nigerian money troubles. He scrambled to try to regain control over his account, but trying to find a phone number for an actual human at Yahoo was “ridiculously difficult,” he said.
Mr. Biondo, a public relations executive, used the Yahoo account for work e-mail and had about 600 people in his contact list, many of them journalists. He said he soon experienced “an influx of phone calls from every reporter I’ve ever spoken to,” including some he had not heard from in years. “I credit this Nigerian scammer with one thing: he made me feel good inside because these people cared enough to drop me a phone call.”
Yahoo asked Mr. Biondo for various proofs of his identity, including the long-forgotten answer to a security question he had set up ten years earlier. Two and a half days after it all began; he successfully logged into his account and sent out a mass mailing: “The long Nigerian nightmare is over.”
Other people who have been victims of this scam admit that they gave up their e-mail password in response to one of those bogus phishing messages that ask recipients to “verify your information.” But Mr. Biondo said he didn’t fall for one of those ploys, and he still has no idea how his account was compromised. No viruses turned up on his computer.
The brilliance of the scheme is that while the story in the e-mail might strain credulity, people are obviously far more willing to trust a friend than the supposed widow of a former dictator. While none of Mr. Biondo’s contacts fell for the ruse, some people somewhere must be sending money, because the scam is spreading.
A Web search indicates that plenty of people have had their accounts hijacked, including:
A monsignor in the Falkland Islands (“…the person who would benefit from this scam needs to be stopped before Monsignor loses his good reputation.”) A journalist in Saudi Arabia ( “Telephone calls to the Nigerian Consulate in Jeddah to report the crime were met with disinterest…”) The former editor in chief of the Malaysian National News Agency ( “I fear my name will be tarnished as though I’m seeking assistance and so on whereas I had never done so and it is a lie.”) A Connecticut woman who actually does work in Africa (“I hope nobody did send her money. I was close.”) A doctor in India whose contacts need some cyber savvy (“My friend tells me of a mail like that he received and many of them even sent in money that has been pocketed by the fraudster.”)
A woman in Milwaukee who doesn’t know where Nigeria is (“Szymborski said she e-mailed Yahoo about a dozen times but didn’t hear back.”) And even a fellow Nigerian ( “Na wao. Since it’s becoming increasingly difficult daily to achieve international scams from Nigeria, these bad boys now target their own brothers.”)
Mr. Biondo’s experience in particular demonstrates one of the problems with moving more computing tasks from the desktop to the Web, as Google and others would like us to do. In many cases, just one little password is keeping bad people away from your precious data. And if you are relying on free services from a company like Google or Yahoo, your chances of getting prompt and personalized customer service in a time of crisis are low.
Mr. Biondo’s new solution to this problem is to spread the risk: “I have a Gmail account which forwards to my Yahoo account, so if one goes I have a backup.”
Here’s how it works: The scammer somehow breaks into a victim’s Web-based e-mail account. He then impersonates the victim and sends an emergency plea for help to everyone in the account’s address book, asking them to wire money to Nigeria. The e-mail includes some variation on a story about getting mugged or losing a wallet while on a trip to Nigeria.
This happened recently to Drew Biondo of Port Jefferson, N.Y. He said he was at home early one morning when his wife alerted him to an e-mail she had received from his Yahoo address about his Nigerian money troubles. He scrambled to try to regain control over his account, but trying to find a phone number for an actual human at Yahoo was “ridiculously difficult,” he said.
Mr. Biondo, a public relations executive, used the Yahoo account for work e-mail and had about 600 people in his contact list, many of them journalists. He said he soon experienced “an influx of phone calls from every reporter I’ve ever spoken to,” including some he had not heard from in years. “I credit this Nigerian scammer with one thing: he made me feel good inside because these people cared enough to drop me a phone call.”
Yahoo asked Mr. Biondo for various proofs of his identity, including the long-forgotten answer to a security question he had set up ten years earlier. Two and a half days after it all began; he successfully logged into his account and sent out a mass mailing: “The long Nigerian nightmare is over.”
Other people who have been victims of this scam admit that they gave up their e-mail password in response to one of those bogus phishing messages that ask recipients to “verify your information.” But Mr. Biondo said he didn’t fall for one of those ploys, and he still has no idea how his account was compromised. No viruses turned up on his computer.
The brilliance of the scheme is that while the story in the e-mail might strain credulity, people are obviously far more willing to trust a friend than the supposed widow of a former dictator. While none of Mr. Biondo’s contacts fell for the ruse, some people somewhere must be sending money, because the scam is spreading.
A Web search indicates that plenty of people have had their accounts hijacked, including:
A monsignor in the Falkland Islands (“…the person who would benefit from this scam needs to be stopped before Monsignor loses his good reputation.”) A journalist in Saudi Arabia ( “Telephone calls to the Nigerian Consulate in Jeddah to report the crime were met with disinterest…”) The former editor in chief of the Malaysian National News Agency ( “I fear my name will be tarnished as though I’m seeking assistance and so on whereas I had never done so and it is a lie.”) A Connecticut woman who actually does work in Africa (“I hope nobody did send her money. I was close.”) A doctor in India whose contacts need some cyber savvy (“My friend tells me of a mail like that he received and many of them even sent in money that has been pocketed by the fraudster.”)
A woman in Milwaukee who doesn’t know where Nigeria is (“Szymborski said she e-mailed Yahoo about a dozen times but didn’t hear back.”) And even a fellow Nigerian ( “Na wao. Since it’s becoming increasingly difficult daily to achieve international scams from Nigeria, these bad boys now target their own brothers.”)
Mr. Biondo’s experience in particular demonstrates one of the problems with moving more computing tasks from the desktop to the Web, as Google and others would like us to do. In many cases, just one little password is keeping bad people away from your precious data. And if you are relying on free services from a company like Google or Yahoo, your chances of getting prompt and personalized customer service in a time of crisis are low.
Mr. Biondo’s new solution to this problem is to spread the risk: “I have a Gmail account which forwards to my Yahoo account, so if one goes I have a backup.”
Comments
________________
[url=http://unlockiphone22.com]unlock iphone[/url]