[APG Public List] Understanding Targeted Scams
Ray Beere Johnson II
raybeere at yahoo.com
Thu Jun 24 12:54:42 MDT 2010
--- On Thu, 6/24/10, Jeanette Daniels <jeanettedaniels8667 at yahoo.com> wrote:
> I've received this email before from someone else and it is a scam.
> That's why I'm sending the reply to both the APG public and private
> lists. This is NOT from Kelly Summers. Do not try to help!
You are right, this type of e-mail is a scam. However, there _is_ one way to help Kelly Summers...
That e-mail account has been cracked. _All_ information: contacts, any passwords contained in e-mails, bank information (even without passwords, there may be enough info to crack the account) has been compromised. Other accounts may have been compromised as well. This type of scam usually occurs to those who take few security precautions, and suggests there probably _are_ other problems.
Without knowing just how this was accomplished, it is impossible to say for certain, but there is a possibility Kelly's computer has _hidden_ monitoring software installed. _NO_ security software is one hundred percent effective. The Apple OS is _not_ immune to malware. There is _NO_ "magic bullet". After an incident like this, every computer used in the past six months or so - unless since discarded - needs to be _thoroughly_ scanned by at least three reputable scanners. _Then_, run HijackThis (despite the name, it is a security tool) and have someone knowledgeable review the log.
Monitor all accounts, financial, online, etc. for evidence of trouble. Even "unimportant" accounts can expose data useful to crackers. Just think about what we do - we take scraps of information and assemble quite a bit of knowledge from those scraps. The _intent_ is very different, but the idea is the same: crackers can get more out of just knowing the name of your bank - and your name - than you think...
And, with enough information from your inbox, the most skilled criminals can put together a much more convincing, dangerous scam than this one. Be on your guard, even when dealing with people you know, especially if their accounts have been compromised in the past.
Kelly - and anyone else who "sends" such a message - needs to be advised of the problem. _Don't_ rely on e-mail: the crackers may delete your warning before it is read.
Ray Beere Johnson II
More information about the APGPublicList