Cybercrime is getting bigger, stronger and faster as we talk. Diana Solomon is one of the victims of cybercrime. The hackers got acces to her e-mail account. And claimed that she needed money.
Diane Solomon was on her way from her Santa Clarita home to a run/walk at the Los Angeles Memorial Coliseum earlier this month when her smartphone alerted her to an e-mail received on her work account - sent from her own personal e-mail address.
According to the e-mail, titled "MY PLIGHT!!!" Solomon was currently stranded in Europe after being robbed at gunpoint. She didn't have any money, her cell phone wasn't working, and she needed 1,500 pounds to be wired to the U.K. to get back to the States.
Within minutes, she began receiving concerned texts and e-mails from some of the 400 contacts in her Yahoo! e-mail account.
"I'm talking to you on Facebook right now," one neighbor wrote in a text.
Solomon didn't have a Facebook account. Whoever had hacked into her e-mail had used pictures in the account to make a Facebook page for her and was pleading for her friends to send money.
Solomon's ordeal typifies a scam that has been growing in frequency over the last several years as the overall rate of Internet crime has jumped dramatically.
Elizabeth Garcia almost became a victim herself when she read the e-mail claiming to be from Solomon. She asked if she could pay for Solomon's hotel bill by providing the hotel with a credit card number, to which the hacker responded that the credit card machine was broken. Garcia even contacted her own father, who lives in Italy, to see if he would be able to send Solomon some help.
Garcia, a San Francisco resident, had never met Solomon in person, but the two connected over the phone and through e-mail because Solomon was a support volunteer for the Kawasaki Disease Foundation and Garcia's nephew had the disease.
"So the minute I saw her e-mail, I almost felt excited, like, `Yeah, I can finally help her."' Garcia said. "So perhaps that's part of where my good judgment went out."
While she thought that some of Solomon's responses were strange, she never questioned them, Garcia said.
"They didn't write particularly well, and I remember thinking, "Maybe she was so upset'," Garcia said. "Everything that was being written back was not very practical, and I thought she had started drinking or something."
Still, Garcia was on the verge of wiring the money when her family members warned her that it was a scam.
One close friend was more cheeky, asking the names of Solomon's boss and dog. The hacker appears to have been researching Solomon, knowing that she was married with three kids and going so far as to dig up her workplace and find out who the CEO was, then responding with the name. It was the wrong name, and the friend wrote back, "Have fun in the UK!"
Ultimately, most of her contacts were skeptical of the e-mail and none ended up sending money to the scammer, Solomon said.
It was unclear how the hacker accessed Solomon's e-mail. One method could have been the use of a password cracker program, which tries all possible passwords, or a keystroke logging program that secretly installs itself on the victim's computer. Another could have been her password was just too easy to guess, Meister said.
In an e-mail to Solomon after she reported the incident, Yahoo! said that the e-mails did not originate from the mail system.
"It appears that the sender of this message forged the header information to give the impression that it derived from the Yahoo! Mail system," a customer service representative wrote to Solomon, which she immediately dismissed as wrong.
So what did the hackers use
- Her e-mail
- Her pictures
- Her friends
- A story about being stranded at a hotel
- Forged e-mail header
- Researched her background
This is a typical way to use social engineering online. Again internet users be aware of these kind of scams. Hackers that try these attacks are most of the time well prepared. The best way to know if someone is who they say they are is asking a questions what they CAN'T answer.
Did you like the movie we watched yesterday? ( You didn't watch a movie with the person )
Can i have my playstation 3 back? ( You don't have an playstation 3 )
These kind of questions are easy to create and they will give you a view if you don't trust the situation you are in.
The number of reported Internet crimes nationwide increased by 22 percent last year, from 275,264 in 2008 to 336,655 in 2009, according to a recent report from a federal cyber-crime agency