According to Getman, potential victims report receiving an urgent email from an account known to them. The email includes an urgent plea for money, recounting a false claim that the email sender was traveling abroad and was mugged or robbed of all cash and property. The email also requests that funds to be wired via Western Union to help cover expenses during the interim period, with a promise to repay the loan. The same email is sent to nearly every email address listed in the sender’s address book.
This scam relies on the fact the potential victim will act swiftly because of the urgency of the message coming from a trusted source – often the account of a friend, relative, or colleague. This scam has multiple victims — the people who receive this email as well as the sender, whose email account is compromised and used for the scam. The perpetrators often gain unauthorized access to the email account used for the scam through an earlier “phishing” (identity theft) scam, whereby the email account holder is tricked into revealing his or her password information.
Because the scammers have access to all of the saved emails in the compromised email accounts, they may learn a significant amount of personal information about the email account holders and be able to convince skeptical recipients of these emails that the scammer is, in fact, the actual friend, relative, or colleague associated with the email account.
According to Getman, since the vast majority of these scams originate on other continents, the best way to combat this newest type of e-mail scam is simple: education. Getman suggests some tips to avoid becoming a victim of this and similar email schemes:
• Avoid immediately responding to information provided via email until you have first verified the source. Confirm the information contained in an email by speaking directly with the parties in question.
• Be skeptical of any request for money made via email, particularly if accompanied by claims of urgency or necessity.
• Do not respond to unsolicited email such as “spam,” since these emails may potentially contain software that is harmful to your computer and which may be designed to compromise your passwords and other personal identifying information.
• Be extremely cautious about sending any personal identifying information, banking information, or any other sensitive information in response to email requests. Unless you are expecting such a request, or you have initiated them yourself, in most instances you should not be sending this information to anybody.
• Be cautious about any emails which appear to come from financial institutions. Many scams involve emails that appear to be legitimate bank communications and even provide links to the financial institution’s web site. These links may look exactly like the actual bank’s web site, but in reality, may be capturing the login and password information that you provide.