Dangerous Email Scam – Would you give money to a friend?

Hi All,

Due to a new scam  going around and worryingly working quite well, this article is designed to highlight what it is, how to avoid it and also how to recover from it.

Inspiring this post is an email I received from a friend based in the US at around 3am local San Francisco time (conveniently!) It’s a new type of scam/threat that was recently reported on in the London Evening Standard. The scam involves getting into an email account and emailing all contacts a sympathetic request for money due to being mugged while travelling (click images below to see larger version):

Email Scam - Real Example
Email Scam – Real Example


What’s dangerous about this scam is the following:

1) The email is personalised, signed from the first name of the person that owns the email account

2) The “reply” email address is an email account setup for this specific scam which uses the same email suffix as your account! For example, if your address is joebloggs729@googlemail.com, it will automatically create an account called joebloggs729@live.com and send all replies to that account. This means the scammer can co-ordinate receiving money from a different email account which looks like the real owners!!!

3) In extreme cases, the reply email address will be the persons original email address but they would have been locked out of their account. This is even more dangerous as the person sending money verifies whether it’s real by emailing to ask!

4) Friends vulnerable asking for help is a great way of getting some quick bucks

The world we live in is actually more friendly and trusting than you may think. According to the Standard post, someone within security in the Armed Forces coughed up over €500 for his friend in need without spotting it was all a bit hoax.

In the case where the hacker gets in and simply emails your contact list, you can see this has happened by looking in your sent mail which will show all the outbound emails. The easy remedy is to email all your contact list explaining whats happened (and of course change your password to something complex! See post on security of passwords..!)

If you’re locked out your account, it’s a little worse. You will need to get in contact with your email provider with legal identification in order to get your account reset as the hackers change the security and recovery options on the account as well.

For more advice please feel free to email me (joshuasugarman@[removethis]gmail.com)




Tweet me @thejsug !

2 thoughts on “Dangerous Email Scam – Would you give money to a friend?”

  1. These things are usually prefabricated letters and are often not well written and will not sound like your friend -- there are a number of things in that letter that say ‘scam’ to me. It doesn’t mention the recipients name, the fact it appears to have been mass mailed to multiple friends, extra spaces where there shouldn’t be, missing spaces where they should be, incorrect grammar/punctuation, incorrect capitalization. Feels to me that its been written by someone who doesn’t have English as their first language.
    If your still unsure you can reply and confirm if its real or not -- reply asking about some personal event only you and your friend would know about. When the crim doesn’t reply or can’t give you the details you know its not really your friend. Scam over.

  2. The interesting and unfortunate thing is not many people do have the knowledge to see the examples you mentioned as a reason to be suspicious. I would say it’s fairly obvious, but then again, reading the article in the London Standard about an Armed Forces security expert falling for it is quite worrying!I’d always expect to see some further contact with the person vocally before making any type of financial exchange but it’s still a dangerous scam compared to most due to the way it imitates the user.

Leave a Reply