Rotarians Beware: The Sympathy Scam
In the hacking world, it’s called social engineering. The hacker uses behavioral tactics to trick you into divulging confidential info and to manipulate you into doing something you wouldn’t ordinarily do.
For example, if I called your company and said, “Hi, this is Joe in IT. We’re finally getting around to solving that printer issue. Sorry it took so long! You know how it is around here…We just need to test your login and then we’re done. What’s the password again? Oh, and be sure to change it when we’re done testing…”
More than 50% of your employees will fall into this kind of trap.
Well, Rotarians are the latest target of such scams. Please take a look at this email circulating last week:
Am in a great sorrow writing you this note,Just wanted to inform you about something very important,i could bearly think straight at this point,i hope you come to my aid. Because something very terrible is happening to me now,i need a favor from you now,I had a trip here in London.
Unfortunately for me all my money got stolen on my way to the hotel where i lodged along with my bag were my passport was ,And since then i have been without any money i am even owing the hotel here.
So i have limited access to emails for now, please i need you to lend me about 1400 Pound so i can make arrangements and return back I am full of panic now,the police only asked me to write a statement about the incident and directed me to the embassy,i have spoken to the embassy here but they are not responding to the matter effectively.
I will return the money back to you as soon as i get home, I am so confused right now.i wasn’t injured because complied immediately.I will be waiting to hear from you since i can’t access the internet always.
I await to hear from you.
Kind Regards.
Granted, the above email has a few red flags. For example, it’s full of errors. Also, it wasn’t well-customized for the recipient. However, you can imagine how effective it could be with a bit of fine-tuning.
Bottom line: Never trust anything arriving via email. Always bring an abundance of caution to anything relating to the internet. When in doubt, pick up the phone and call (but don’t call the phone number in the suspicious email. The bad guys will anticipate that, too!).
Worthy reading:
http://en.wikipedia.org/wiki/Social_engineering_(security)
http://www.pcworld.com/article/159708/scammers_dirty_tricks.html?tk=rss_news
http://www.microsoft.com/protect/yourself/phishing/engineering.mspx
James Kerr is Chief Geek at SuperGeeks. He can be reached at 531-GEEK and www.supergeeks.net
You can now follow James on Twitter. Receive helpful tips, virus alerts, and market trends: http://twitter.com/supergeeks










