So I was sitting at my desk working away at the Turbo home office here in Austin today when I get this desperate email with the following subject line:
"EMERGENCY I NEED YOUR HELP"
Holy smokes, what's that all about, I think.
I open the email and it says the following:
"I am sorry I didn't inform you about my traveling to Europe for a program called Empowering Youth to Fight Racism, HIV/AIDS, and Lack of Education, the program is taking place in three major countries in Europe which are Dublin, Scotland, and England,I am persently in England."
Okay, it got my attention because I saw it was from a former IBM associate with whom I had just been in contact a week ago in NYC:
It went on:
"I misplaced my wallet on my way to the hotel where my money,and other valuable things were kept.I will like you to assist me with a soft loan urgently with the sum of $2,400 US Dollars to sort-out my hotel bills and get myself back home.
"I will appreciate whatever you can afford,I'll pay you back as soon as i return,Let me know if you can assist?so that i can send you the details to use when sending the money through WESTERN UNION or MONEY GRAM. Please do send the payment information as for me to get the money in minutes."
Name of Turbo's Friend Here
Her Correct Email Address Here
So, of course, the first thing I did was look to see if the email header information was correct.
Then I started thinking about the "cause" that my friend was traveling on behalf of, and concluded that that certainly could be the case, and good for her, but oh no!
Then I wondered about why she didn't have access to an American Express card or some other credit card that she surely could get a draw from (and better yet, draw it in Euros!)
And then I started more closely examining the grammar of the email.
Min you, this communication was from a consummate marketing communications professional with whom I had worked in the past and who was also now a digital marketing consultant.
Even under the most dire of circumstances, she would not have made the kind of grammatical mistakes represented in the text above.
That's when I concluded she, and I, had been the near victims of a successful phishing attack.
And that's about the time I immediately went over to Twitter to see if she had posted anything there about the frightening circumstance that she supposedly suddenly found herself in in Dublin/Scotland/England.
Very phishy, indeed.
A short while later, a Tweet appeared from her Twitter ID (which I guess I just presumed she was still in control of, particularly after I saw the dispatch):
"Someones hack'd my LIVE PW n' sent an email to my contacts askin 4 $$! Tryin to fix-why doesn't MSN respond fastr to identity theft issues."
Apparently, no response emerged from the Evil Empire, because several hours later (7 according to her) this dispatch appeared:
"Ok, 7 hours and nothing from Microsoft. Don't emails to the topic "unauthorized person using Windows Live ID" get handled as a priority?"
I checked again a few minutes ago, no more Tweets.
Then I sat back and thought about all that had gone down in this chain of events, and realized what a long way we had come from Nigerian email scams.
Though I had hesitated, I certainly did consider sending her money.
There was just enough personal information included that, combined with her story and the fact that it appeared to be from her email address, I certainly had to seriously consider it.
But thank heavens, I was also skeptical enough to give a wait and see attitude. However, but with a few more details I could easily have been had for at least part of that $2,400.
And then I realized that that ancient but classic 1993 New Yorker cartoon was true:
On the Internet, nobody knows you're a dog.
And apparently, nobody has to.
Technorati Tags: microsoft, phishing, internet security, windows live