Jeff Duntemann's Contrapositive Diary Rotating Header Image

A Venerable Old Con

I got the email below this morning. It’s similar to messages of this sort that I receive regularly, with the single difference that I know the supposed sender. I say “supposed” because I know damned well it didn’t come from her. Here’s the text, minus identifying characteristics:

Good morning,
I Hope you get this on time, I made a trip to UKRAINE and had my bag stolen from me with my passport and personal effects therein. The embassy has just issued me a temporary passport but I have to pay for a ticket and settle my hotel bills with the Manager.

I have made contact with my bank but it would take me 3-5 working days to access funds in my account, the bad news is my flight will be leaving very soon but i am having problems settling the hotel bills and the hotel manager won’t let me leave until i settle the bills, I need your help/LOAN financially and I promise to make the refund once i get back home, you are my last resort and hope, Please let me know if i can count on you and i need you to keep checking your email because it’s the only way i can reach you.

Looking forward to hearing from you,


Ms. Real Person

REAL_HOME_PAGE_URL.com
FAKE@aol.com
REAL_BLOG_URL.com
Follow us on Facebook and Twitter

This con has been around forever and most people have heard of it, but in case you haven’t, beware. Everything in the contact info is real except for the email address, which will not put you in touch with Ms. Real Person, but the scammer. I checked with Ms. Real Person and she had not yet heard that she was being used in the scam. It’s possible that the mass mailing used many scraped contact blocks to avoid popping up immediately on scam reporting sites.

Scams appealing to greed (i.e, 419/Spanish Prisoner) are way down here, and scams like this appealing to goodheartedness are on the upswing. I’d be curious to see if the same is true for all of you.

3 Comments

  1. Alex Dillard says:

    Ah yes, I remember back when the old 419 scam would come in with the physical mail 2 or 3 times a year. A physical 419 scam letter is not something I have seen for a long time. I was getting them in my e-mail’s spam folder a couple times a year for a while, but that seems to have basically stopped as well.

    The ‘goodheartedness’ travel scam you describe above is something that has happened to a number of people I know. One significant difference: for all the cases I know of the scammer was sending messages from the victim’s actual e-mail account. The way that people I know seem to typically end up getting their e-mail account stolen is by logging in to a spoofed login page. Some of these spoofed login pages can be very convincing. I think what often happens is that the victim misspells a URL slightly and ends up at a spoofed login page which then steals their username/password. They don’t notice because what they see looks exactly like the page they expected to see. Yahoo uses something they call a ‘Sign-In Seal’ to prevent this. Refer to: https://protect.login.yahoo.com/
    Leo Notenboom has provided quite a bit of quality info on e-mail account theft: http://ask-leo.com/someone_has_stolen_my_email_account_what_can_i_do_to_get_it_back.html

    Something else that was an issue for some time was that many popular sites with e-mail systems (Facebook for example) didn’t use https by default. Be on the lookout for that, especially those of you out there who like to use public internet hotspots in places like hotels, restaurants and airports. At this point most major sites have switched to using https by default for user accounts, so this isn’t much of an issue anymore.

    Incidentally, starting about two weeks ago I have been getting significantly less e-mail spam in general. Right now I get less than one spam message per day. For the last several years I have consistently gotten 15 or more messages per day in the spam folder of my primary Gmail account. I have noticed temporary small drops in spam frequency previously, but never where the drop in frequency was as sharp as this or lasted for several weeks.

  2. RH in CT says:

    I’ve had two in the last couple of months, both claiming to be stranded in Manila. One used the person’s actual email address, the other was a different address.

    Almost all the spam I was receiving with the dangerous links to click on was coming from Yahoo email users, including users whose ISPs use Yahoo for email. This has trailed off dramatically as Yahoo has been moving users to a new and (I assume) less vulnerable web-based email interface. Anyone using Yahoo for email should look to get the upgraded version of their web email.

  3. Bob Halloran says:

    My 80-some mother got a call on her cell claiming to be my teen nephew, arrested out-of-country and needing her to wire $$ for bail. Thankfully the guy at the Western Union counter put her right.

    I’ve received multiple mails supposedly from friends/co-workers working the stranded-offshore scam, though as others have said, these seem to have tapered off of late. Either it’s become harder for them to spoof the emails, or they’re realizing in these days of ubiquitous mobile access it’s too easy to verify and they’ve abandoned the tactic.

Leave a Reply

Your email address will not be published. Required fields are marked *