'Dyre' malware goes after Salesforce users

Email Hijack Leads to “I was robbed, send me money” Scam

Oh dear, one of your relatives has had a bit of an accident and now they need help.

Or maybe their bag was stolen and you’ve had a desperate message pleading for some funds to get them home safely.

Perhaps they locked themselves out and the locksmith won’t leave until you fix their cash shortage.

All of the above are entirely possible scenarios, but they’re also great ways for scammers to relieve you of some money. Here’s an email forwarded to me by an individual who woke to find a rather alarming email from their Landlord:

I’m writing this with tears in my eyes, I and my family presently on a short trip to Istanbul, Turkey. Unfortunately, I was robbed in the hotel I booked, all my valuables which includes cash, mobile phones were stolen during the attack but luckily I still have my passport with me.

I’ve been to the Embassy and the Police here but they are not taking the matter seriously. Please, I really need your financial assistance now because things are really getting tough on me here. Our flight leaves in few hours from now but we’re having problems settling the hotel bills and the hotel manager won’t let us leave until we settle the bills. Please, let me know if you can help us out?

I’ll really appreciate your prompt response.

Regards,

Fake mail

The Landlord’s email address had been compromised, and used to send these messages out to all contacts in the hope of scamming some money from good Samaritans.

This tactic has been around for years, and is often found on social networks where close connections add a sense of trust and “oh no, my poor friend” to the proceedings.

These scams are particularly nasty, because there are many situations where a friend in need may actually send a digital communication asking for help instead of a phone call. Before you know it, everything has gone a bit boy who cried wolf and your friend is left stranded in a lay-by somewhere (and in the above narrowly avoided scam attempt, a tenant could have been left without a rent payment which would have been a bit awkward).

The good news is that most (not all) of these scams are cut and pasted from older attempts – a quick Google will usually turn up most of the email you’re presented with.

Failing that, you could agree with your closest friends and relatives on an emergency word whose presence in an email would denote that this is indeed a genuine cry for help when phoning isn’t an option.

Checking with mutual contacts to see if they received the same message is often suggested as evidence of fake messages, but keep in mind that someone desperate for help with no phone access could well decide to send a message to as many of their contacts as possible.

A complicated problem, but thankfully the Landlord recovered their email and the tenant hung onto their money. If only this could be the outcome every time…

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.