PreScript: while we’re on the subject of staying safe: – there’s a weather warning out again for tonight, and it’s often during rubbish weather that the ratbags come out and cause problems, so be vigilant and aware tonight, make sure you’ve locked your sheds and out-houses up.


Hi, there are a number of email scams going round right now. Notably people overseas have managed to access a number of people’s XTRA / Yahoo accounts, and are sending mail to people contained within the contact lists within their Webmail.

Once they have brute-forced their way into your account and obtained your contact list, they create a generic type of email which they send out individually to each member of the Contact List, something generic like:

Hello,
Can I ask you to do me a favour?
Tom

When you reply to the email it gets sent off to a different email address, one which the scammers have setup deliberately to catch the responses of people who might be concerned for their friend who appears to be asking for help.

… Do not fall for this, instead of replying by email pick up the phone and check if your friend sent the message, and if they need help. – Chances are they they will have no idea initially that someone is abusing their email address and contact list.

The next steps of this scam are for the person overseas to claim that they are currently on holiday and need some money for something, they’ll then attempt to get some funds from you or some credit card details etc; something which you might give, if you honestly believed that it was your friend in need… – DO NOT DO THIS. 🙂


What can you do if this has happened to your account?

  • Make sure your virus software is up to date (use a paid solution, don’t be cheap and insist on using free software, you often get what you pay for!).
  • Change your email password – often you’ll need to use your webmail interface from your ISP to do this. – Call them for help to learn how to do this if needed. – Make it a complex and hard to guess password, DO NOT use common or dictionary words. If you have zero imagination and cannot think of anything then use a simple password generation service like http://www.dinopass.com/ to make something up for you.
  • Use dedicated, one off passwords for services like this which can fall under regular attack, if you use common passwords over multiple services, then if one of them gets brute forced, the chances are that your Facebook account, your Amazon account, your eBay account and others which are commonly used, will get opened up and abused too!
  • If you’re using XTRA / Yahoo (which seems to be regularly targeted and cracked), then consider shifting to another service provider. – But importantly make sure your passwords are not easy to break!… There are computerised routines being run against accounts looking for easy ones to break into…
  • You’ll get a feel for how widespread the abuse of your account has been by the number of concerned phone calls you get from your friends. – For every one which takes the time to call you, it might be safe to assume there’s 10 more people on your contact list who also go the email, but who just dismissed it and ignored it… When you’re dealing with your friends and contacts calling you to let you know about this, be patient and apologetic, most likely the reason why they received this email in the first place if because you most likely used a simple to crack password…

Good luck, and stay safe online. – Pass this message on to your children who operate their own email accounts too, you need to help them to understand that they too need to keep their own accounts safe – Make sure that they don’t reply to emails like this, they may well get drawn into email conversations with nasty people overseas!..

Chris – Grapevine Admin.