Hacked!! London Scam

It was an extremely nerve racking day for me, and I am sure for many of you, my friends. Some of you I have met, Some I have corresponded with, but I am thankful for the responses and concern from all of you. But let me get to the story, so that others can figure out how this unfolded and hopefully take preventive steps for the future. Now remember that even computer proficient people can be negligent, like me, so hopefully this will serve to teach even the clever ones.

8:00 – I park the car in a secure garage; using my entry card, walk through many double glass doors, using entry cards and into my office, a secure building. Security is not lax in any way and everybody is a bit more aware after recent fatal shootings at one of our factories. I believe all is well and secure; another grueling day at office is about to start. Little did I know how it was to unfold.

9:00 - I am at work, logged into the computer and scrolling through my mail this morning, checked it, logged out, but I could not log back in. I was a bit mystified, so I tried logging back in again and again, only to note that it would not accept my password. I tried an alternate gmail which worked. I went on to gmail’s password recovery page, which stated that they had sent instructions to the yahoo address which was listed for the recovery purpose. But that yahoo mail account had no incoming mail in that account. I was mystified, wondering if there was some goof up at the Google mail servers, but then the other mail account was OK!!

9:30. Then came the first phone call from a long lost friend in Dubai, he started asking if we were safe and if we were OK and not injured. I was flabbergasted. He went on to explain about an email he had received from me stating that I was mugged in UK and needed money to fly back in the next three hours. Soon enough, another friend called me from Switzerland asking me if I was Ok and not badly injured. I was shocked, and he explained me about the same mail he got from me.

Now I started getting worried. In a flash I knew that the account was hacked and the scam was on. The scammer was trying his best to get as much as he could in a short time window before the security systems closed all doors. I wanted to get word out to everybody that it was a scam, but how would you do that if your contacts were all in that gmail account? Mistake # 1, lesson learned #1. I remembered then that the recovery mail had been sent. But you are deceived by the Google mail saying it has gone to an @yahoo.com account. You are not told which!! Remember this for now as Lesson#2. And I knew I was no longer in a secure domain, but in a very unsecure cyber warzone, the underworld of the hackers who had taken over my Google accounts.

I was also worried since the account was linked to an AMEX card. I feared that that too was getting hit simultaneously, but I dreaded logging in fearing that the computer itself was probably compromised with key loggers and the such. But then I decided that I could not handle two attacks at the same time, on the mail side and the AMEX side. So I crossed my fingers and left the card and concentrated on recovering the mail account.

I tried frantically to get to gmail recovery services and got to the next step i.e. the Account recovery form ARF which asked me a lot of precise information such as 5 frequent mailers, five folders in the gmail account, details of other linked accounts, which dates they were started, the date on which the gmail account itself was started, a copy of the invitation used to start it and so on. It was a daunting process. Your troubled and racing mind can hardly comprehend the issue at hand and now this kind of detail from memory is not so easy. I filled it up step by step, racking through the old grey cells to get to some of the details.

Meanwhile what was going on without my permission was going on, the hacker was at work but my attempts were concentrated on regaining control over the account and to stop the nonsense before he tricked somebody.

As this was going on in office, my wife and I were receiving calls from across the globe from caring friends asking if and how they could help. I was so embarrassed; many were people I was talking with after ages.

The first input came when a friend mailed a copy of a mail that I had supposedly sent from UK. It read as follows

My Predicament!!!

I'm writing this with tears in my eyes, my family and I came down here to London, England for a short vacation unfortunately we were mugged at the park of the hotel where we stayed, all cash, credit card and cell were stolen off us but luckily for us we still have our passports with us.

We've been to the embassy and the Police here but they're not helping issues at all and our flight leaves in less than 3hrs from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills.

Am freaked out at the moment.

Some who knew me very well saw through it, for it was not the kind of language I used. Phrases like ‘am freaked out’, and ‘tears in my eyes’, ‘London England’ were dead giveaways. Some knew I lived there, had friends a taxi ride away, so why should I send a mail to somebody in Dubai or Singapore?. Also if you were sending messages to people that close to you, you would not say ‘my family’. You would use their names or you would tell them to call you at a number or meet you. This is Lesson #3

Lesson#4 to all readers – nobody who is mugged has the sense to send out such precise messages with dotted i’s, crossed t’s and commas and full stops. Then again, if the hotel manager and the police knew the problem, you cannot leave in a flight in 3 hours. So disregard urgent action needs coming from emails. People call.

Lesson #5 – What on earth does one have to do with an embassy and you know how helpful they are and how much time it takes.

10:30 I was racing against time. I knew that there was an outside chance that somebody may do something, like wiring money or something. So I was checking my backup mail account for replies from Google. Alas, they are not available on the phone to talk you through a problem. The first reply came saying they could do nothing about restoring my a/c or blocking it with the ARF information provided. My hopes were crushed.

Another friend then called from UK. He had more news. He replied the message stating that he was near London and could help (a very interesting turn of events as this pal and I had never met, so he did not know my voice or face). Where was I? The hacker replied. Mayflower hotel London (I do not remember if that was the name, but suffices for the moment), that I was supposedly in a hurry to catch the flight, he needed the money urgently in a Western union account, details provided in the mail. My friend called the hotel to hear that nobody with my name was registered there. So he found out that it was a scam. Then he hunted down my number in US & called me to explain what was going on across the (pond) continents.

The hacker, was operating out of Nigeria. It was past noon by now in Nigeria. His time window had narrowed, the possibility of success depended on some soul wiring him money into WU and providing the MTCN. I was praying fervently that nobody did, as I worked the keyboard frantically to get my account back, filling the ARF again, going deeper and accessing dormant grey cells in my brain for dates when various accounts had been opened, connecting events and locations and drawing timelines.

A friend in Sweden called to see if he could help. I explained the issue and wished him Godspeed as he was driving out for his vacation. Checked my alternate Google account again, no good news. Dusk in Dubai - My friend in had sorted out the issue and settled for dinner, Night time in India - my friends there were frantic some calling my mother in law in Calicut to find out what was going on. She has talked to her daughter just yesterday, they were not in UK, but are very much in US, she explained. One of them offered to inform some others he knew in our circle that it was a scam.

I had another issue, for I had a home inspection due in 10 minutes. So got into the car and sped through, fortunately not breaking any rules, reaching home in time. The last time I did that was when I drove fast to close the home doors after realizing it was left open. I got a speeding ticket, but that is another story. The inspector was late. But as I logged into the account, I saw a message from Google with instructions on how I could change the password and reset the account, which I did. I sent out the first message to a few people. But the contacts list was lost, so it was laborious inputting each email ad. But then, In the euphoria I had just logged in and reset my account and changed the password

MISTAKE, for the hacker creep was ready for that and waiting in, Nigeria. Now how did I know he was in Nigeria? That will be clarified later, and well, he knew exactly how to take care of this too.

1130 It was now 2 hours and counting after the hacking.

The front bell rang. The home inspector came and as he saw me, his eyes literally popped out. He said what are you doing here? We just read about your tragedy in UK. My boss & me who got the same mails were wondering and hoping you are physically OK…Wearily I explained that I had been hacked. I knew I was stuck for the next 2 hours with the inspection, but then I was glad I had changed the password. Nevertheless, I was on tenterhooks but trying to focus on the points the builder had to take care of. Pat the inspector was patient, but I was not. My nerves were jangling, my senses keen even though the PW had been changed.

Finally he was done and left. I jumped on to the keyboard and logged back into gmail, but it would not let me do that. Again the message in red – Wrong password. I was furious and like an idiot snapped at my wife who was asking what I wanted for lunch, while trying to figure out how & why this new turn of events had taken place.

It dawned on me, suddenly that as the bell was rung by the inspector, I had forgotten to change my recovery email address which had been hacked to another yahoo address. Google would reply me saying instructions were sent to the yahoo ad and I would think it was mine, but it was cleverly mimicked by the hacker to give you that sense of belief at least for a while. He needed as long a time window as possible. I was furious with myself, I had to restart the whole ARF process again of providing all the details to Google, which I did and sped back to office again, hoping that some cop with a radar gun was not waiting behind the shadows.

Meanwhile the Nigerian a&*^&hole was communicating with friends of mine. Some asked him to call their numbers. Some asked him what was going on he replied thus

Glad you replied back, Am not to good at the moment and i have no
access to phone, this is the only way i can get to any body. We have
nothing left on us right now and we're lucky to have our life and
passports with us it would have been worse if they had made away with
our passports.

Well all we need now is just £1,231, to pay for the hotel bills and
also take a cab to the airport, if you can help out, you can have it
wired to my name via Western Union outlet i'll have to show my
passport as ID to pick it up at the western union outlet here in
London and i promise to pay you back as soon as we get back home.

Here's my info below.

First name Last name
London United Kingdom

As soon as it has been done, kindly get back to me with the confirmation number. Let me know if you are heading to the WU outlet now??.

Night in India - Joe was on the train from TVM to Trichur when he saw the first mail, he mailed his friends in UK. One who worked in Radisson started checking if I was booked there. Another mailed me asking me to call him. But I did not of course get those mails. A friend whom I had never met offered to call the hotel and settle the bills with his credit card instead wiring money into the WU account. All these mails surfaced later.

Back in the office, I logged back in, and in a few minutes found the welcome sight – the mail from google about the reactivation. This time I logged in and did what I had to do, step by step.

The inbox, sent items and trash were as it was in the morning, all incriminating evidence removed. But all contacts were lost and saw that the hacker had left behind a forwarding yahoo address for all incoming mail, deleting them from Google’s server as they hit the account. But I went about my tasks.

Set up for secure https.
Found that all mail was being forwarded to an yahoo account.
Trash cleared up, contacts gone, but all the rest in there.
Found a new IP address of the person who had hacked – checked it – even though it said United States (NY) to put you on a wrong track, it was listed in Nigeria when I dug deeper. It was a well-known black listed scam spam harvester.
Changed my alternate ad, put a strong alphanumeric PW.
Changed secret question
Removed pop3 and IMAP checks
Downloaded the gmail back up program, but that does not work behind a proxy – so deferred action to evening.
Went to yahoo mail. Changed PW, checked all settings & strengthened them.

130PM – I had regained control of my account. I had sporadic mail input after that, some who were responding, plus sending out mails to more people for local assistance. But the damage was done; I do not even know the events that transpired in those 3 hrs save the few mails I got copies of. Some corresponded asking if that was me and the hacker sent out replies saying yes, indeed, but help was urgently needed. Because I got it back quickly, I believe that the rest of the mail database was not downloaded or compromised.

The hacker’s window was 3 hours which he stated as the departure time of my flight. So considering a check in 1 hr before a transatlantic flight, he played the game for 2 hours with each replier and then closed and cleared the tracks.

Questions remain – why did they choose me, how much work had he done to find out my first & last names, their correctness, how he determined after reading mails that I used my last name in certain cases and so on. But he made one mistake, for usually these hackers know if somebody is travelling by tracking their IP address through the hacked gmail account. Based on the location he words the mail as mugged in ...What made him think I was in UK?

The afternoon was spent reading up on the scam on the net and answering mails and phone calls of the debacle.

Things to do with your gmail account – NOW!

Account Security:
Settings -> Accounts and Import -> Google Account Settings -> Change Password [pick a new secure password]
Settings -> Accounts and Import -> Google Account Settings -> Change Password Recovery Options [verify secret question, SMS and recovery e-mail address]

Potential Spam:
Settings -> General -> Signature [make sure nothing has been added]
Settings -> General -> Vacation Responder [make sure it's disabled and empty]

E-mail Theft
Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address]
Settings -> Filters [no filters that forward or delete e-mail]
Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]
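
The checklist above, written as a check over a settings snapshot (an added example, not part of the original post). The snapshot keys are assumptions modelled on Gmail API settings resources, and every address and value in the sample data is constructed.

```python
# Added example: audit a mailbox-settings snapshot against the checklist above.
# Snapshot layout is an assumption modelled on Gmail API settings resources.
OWNER = "owner@example.com"                                  # constructed
TRUSTED = {"owner@example.com", "owner.backup@example.net"}  # addresses the owner controls


def audit_settings(snap, owner=OWNER, trusted=TRUSTED, expected_signature=""):
    """Return (area, note) tuples for every setting that needs review."""
    trusted = {a.lower() for a in trusted} | {owner.lower()}
    trusted_domains = {a.split("@")[1] for a in trusted}
    findings = []

    def check_addr(area, label, addr):
        addr = (addr or "").strip().lower()
        if not addr or addr in trusted:
            return
        note = f"{label} {addr} is not an address you control"
        # The recovery notice only hints at the provider, so a swapped-in
        # address at the same provider is easy to mistake for your own.
        if addr.split("@")[-1] in trusted_domains:
            note += " (same provider as a trusted address: possible look-alike)"
        findings.append((area, note))

    # Account security: recovery e-mail address
    check_addr("recovery", "recovery e-mail", snap.get("recoveryEmail"))

    # E-mail theft / potential spam: send-as identities and their signatures
    for ident in snap.get("sendAs", []):
        check_addr("send-as", "send-as address", ident.get("sendAsEmail"))
        check_addr("send-as", "reply-to address", ident.get("replyToAddress"))
        if ident.get("signature", "") != expected_signature:
            findings.append(("signature", "signature differs from the expected text"))

    if snap.get("vacation", {}).get("enableAutoReply"):
        findings.append(("vacation", "vacation responder is enabled"))

    # Filters must neither forward nor delete mail
    for flt in snap.get("filters", []):
        action = flt.get("action", {})
        if action.get("forward"):
            findings.append(("filter", f"filter {flt.get('id')} forwards to {action['forward']}"))
        if "TRASH" in action.get("addLabelIds", []):
            findings.append(("filter", f"filter {flt.get('id')} deletes matching mail"))

    # Forwarding: disabled, or pointing at an address the owner controls
    fwd = snap.get("autoForwarding", {})
    fwd_addr = (fwd.get("emailAddress") or "").strip().lower()
    if fwd.get("enabled") and fwd_addr not in trusted:
        note = f"all mail is forwarded to {fwd_addr}"
        if fwd.get("disposition") == "trash":
            note += " and the server copy is deleted"
        findings.append(("forwarding", note))

    if snap.get("pop", {}).get("accessWindow", "disabled") != "disabled":
        findings.append(("pop", "POP download is enabled"))
    if snap.get("imap", {}).get("enabled"):
        findings.append(("imap", "IMAP access is enabled"))
    return findings


# Constructed snapshots: one resembling a taken-over account, one clean.
COMPROMISED = {
    "recoveryEmail": "owner.backupp@example.net",
    "sendAs": [{"sendAsEmail": "owner@example.com", "replyToAddress": "", "signature": ""}],
    "vacation": {"enableAutoReply": False},
    "filters": [{"id": "f1", "action": {"addLabelIds": ["TRASH"]}}],
    "autoForwarding": {"enabled": True, "emailAddress": "owner.backupp@example.net",
                       "disposition": "trash"},
    "pop": {"accessWindow": "allMail"},
    "imap": {"enabled": True},
}
CLEAN = {
    "recoveryEmail": "owner.backup@example.net",
    "sendAs": [{"sendAsEmail": "owner@example.com", "signature": ""}],
    "vacation": {"enableAutoReply": False},
    "filters": [],
    "autoForwarding": {"enabled": False},
    "pop": {"accessWindow": "disabled"},
    "imap": {"enabled": False},
}

if __name__ == "__main__":
    for area, note in audit_settings(COMPROMISED):
        print(f"[{area}] {note}")
```

Running the same check again a day or two after regaining access shows whether any of these settings has been changed back.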

And finally - If you did get a mail like this - Don’t wire money. If you’re asked for your bank account number or are urged to wire money for any reason, it’s likely a scam. Cons prefer wire transfers because they are fast, and funds can be picked up easily and just about anywhere.

How does it work with WU? Well, it appears that after you wire money and provide the MTCN, they can just go pick the money with or without an ID. Sometimes an ID is asked and they create one for that purpose. This means that it is a complex network.

Later that night I backed up all the mails in the gmail account using gmail backup’s program. Checked my computer for Trojans, keyloggers etc, none found. So it was a random brute force break in. 24 hours later, I started getting the red flag on top of the Google window saying they had reason to believe that my account had been compromised. But that was a full day later!!

See what a Google person had to say earlier about this feature. I read then that it was also active on facebook these days.
Another blog that details this attack, Why do they use Western Union

It is the end of the working day for me, I feel drained, lots of my stuff is still hanging out to dry as they say here and I feel downright foolish and embarrassed. My privacy has been violated by an idiot who used brute force to break my account, though I admit (in spite of my son’s repeated warnings) that I had a weak PW.

I need a stiff brandy to calm the jangling nerves. And I assure you, if I see a Nigerian in trouble, I will not be a Gandhi.

Tail note - Anybody knows what back orifice pinging is? Well, the term is a bit old actually, for these days these hackers sniff and ping ports. They are tired of rear orifices it seems. But more on all that some other day for it is quite technical and it requires time to downscale the terms and make a good article.

One friend even stated this - Anyways, your ramblings blog looks like it’s had a new look. Is it his (hackers) work? TBH it looks nice now :) – Well the answer is no, it was all my doing, thank you, they do not do nice things and as I say this, I have a wry smile …

Read feanors blog on how he set up a chase

Buy one get one free

This is a universal gimmick as we all know. The word ‘free’ is magical to many, including me. Say ‘muft’ and you can get a million in front of you in a jiffy in India. Sometimes I wonder what started it all in apna desh. Was it Guptaji perhaps? And it reminds me of a joke about the man who purchased an elephant chain (many kilos of iron) when he heard that the elephant came free with it, only to realize the immensity of the folly a day later, when he had to care for the elephant.

Many years back, we had the first of the free items, the small ‘charm’ or animal replica with the Binaca paste. Some people like my dad were die hard fans of the Binaca green paste, but never collected the charm. Some others purchased the paste for the sake of the charm and ended up with boxes of charms.

Then came the flood of free items. They would offer somewhat silly stuff in the 80’s, like a comb or a spoon with various new releases and I remember my mother, who meticulously calculated the costs and advantages of any purchase, was the one who always fell for it. She would also enter into all kinds of contests and collect and store the wrappings etc for a future ‘contest’ entry. There were things like jackpot, the maggi contests and to be fair, she did win some small prizes in those events, which went on to keep her hopes and spirits up. But the store room soon started to fill with all kinds of waste paper especially plastic wrappings & bottle caps and we had to take charge and get rid of the trash, only to face hysterics from mom, which would rival the best actress in Malayalam movies. I was the one who started this cleaning process whenever I went home for vacation. She would bitterly state that we had no value for money and so on and so forth & Dad wisely stayed as far away from these events as possible.

Ooops! As Britney said, I am drifting. We were on the subject of ‘free…free…’ not contests. Where were we? Guptaji. Well, the first entry of these kinds of traders were in the exhibition areas. Once a year, the exhibition came to town and with them a whole load of people hawking peelers, knives, kitchen gadgets, all kinds of alien food items (typically north Indian food items), and side activities to keep kids enthralled like magicians and merry go rounds, giant wheels, shooting arenas, three headed men and so on created the oft visited exhibition. And tucked into a prominent corner would be the large Guptaji kind of stall which had the very interesting Rajasthani bed sheets, the Gujrati saris and cushion covers, plus the many types of blankets.

One could always ask what you did with blankets in Palghat or Calicut, but well, we did find a good use for them on certain days, at least the oldest of the people found a purpose for them. It was a welcome relief to use a decent blanket in place of the scratchy ‘karimbadam’. And there were carpet sellers, who hardly sold anything, but then again one or two society ladies who had a fabulous mansion or two to furnish and who spoke passable Hindi, possibly kept them busy. And to entice all these wandering souls, the big banner would proclaim – Buy one get one free.

At first it was not obvious that the prices actually covered the cost of the free item as well. The only persons who went for these were those who needed two and found this an argument to convince the man who peeled out the moolah. Then it dawned on them that the quality was mediocre. And people started to take no notice of these things and started drifting away.

So Guptaji came up with the next idea – Buy one get two free. They started employing kids who would give out color leaflets emphasizing the free aspect over & over again, thereby providing much needed business for the local printer.

Well, some continued to buy these things and it is even today a very popular tactic.

Today you see juice places in Calicut’s manachira where the Zamorins family bathed once upon a time, or the SM street cloth shops located where he had his family quarters possibly, teeming with sales boys who would be screaming at the top of their lungs the list of various fresh juices or the latest Bombay arrivals and the free offers. They are today’s hawkers, but a different type compared to hawkers who were travelling hawkers. Like our Meen karan koya (fish monger moplah) or the Kabuliwalah. Here in the US, we have TV hawkers, who have refined the art to a high degree, like the types who sell car wipes and so on. They call it direct response marketing and the people are not hawkers, but pitchmen.

So, here in USA we have shopping channels & TV programs where the pitchmen introduce new things and deals in a most persuasive fashion. My own experience with them has been interesting, like the time I purchased the miracle liquid which would take away the scratches from my new car. The clincher was the extra free bottle, the free cloth and so on. Well, I did get a good muscle tone in my right hand after a week of polishing, but the scratches remained. I thought I was wiser after the debacle and the constant ridiculing over the purchase by the better half, but the next time I fell again for something that would restore the shine on silverware. All you had to do was drop the plate in with all the metals that needed polish into a sink and put in a good amount of hot water & salt. A number of testaments like how the big hotel chains used only this for their shining activity were provided by the hawker. I do not remember but there was some free gift with it too. What happened was that the salt stock at home was over in no time, the plates remained as dull as they were. The itch never went away, for we got a steamer recently which was a super deal since they offered four free steamer pads with it – a 60$ value by itself. After a day’s use we sent it back, for it dripped water all over the place.

But there was a time when it was all worth it. During the early 2000 period, shops in USA decided that they had to get people in to the store. So they offered things totally free. Like a set of 50 CDR’s or some small gadget like a voice recorder or a set of pens. Many of them were really good. I did my rounds in many of those places during thanksgiving, places like CompUSA, Circuit city, Best Buy and so on, and naturally saw a number of like-minded Desi’s at those locations. The idea I believe was to get you into the store and make you possibly buy a 3000$ music system or get you interested in one, but none of the desi’s I know ever did that. The trick in these free deals was that it cost you zero after mailing in a rebate form and getting the rebate check a few months later. So the secondary intention was to get the cash in and help out with the cash flow using these rebates.

But everything has a history right? An interesting forerunner to these ideas is the man who invented the disposable blade and found few buyers. He tried everything and one of the ideas he tried was Shave and save. What and who could that be? Gillette. He tried hard to sell his disposable razor and finally provided large stocks to banks, who gave away a stack of blades free to whoever opened a new account.

Chris Anderson explains - In its first year, 1903, Gillette sold a total of 51 razors and 168 blades. Over the next two decades, he tried every marketing gimmick he could think of. He put his own face on the package, making him both legendary and, some people believed, fictional. He sold millions of razors to the Army at a steep discount, hoping the habits soldiers developed at war would carry over to peacetime. He sold razors in bulk to banks so they could give them away with new deposits ("shave and save" campaigns). Razors were bundled with everything from Wrigley's gum to packets of coffee, tea, spices, and marshmallows. The freebies helped to sell those products, but the tactic helped Gillette even more. By giving away the razors, which were useless by themselves, he was creating demand for disposable blades. A few billion blades later, this business model is now the foundation of entire industries: Give away the cell phone, sell the monthly plan; make the videogame console cheap and sell expensive games; install fancy coffeemakers in offices at no charge so you can sell managers expensive coffee sachets.

An astute reader would make out that the whole concept had by now taken a radical turn. It was no longer an idea to get rid of excess stock; it was first cross subsidy, using a low cost item to sell a higher priced item. Now the concept was to sell something totally different by tacking on something you need. This is what is today known as ‘Freeconomics’. They gave away free PC’s at a time when the PC cost 3000$, but you had to run ad’s on your machine. I think that was stupid, for there is a limit to what you can buy for your home looking at those ad’s.

Today this drives entire online industries. Get people visiting to your website by providing great content. Put in ad’s there and the sponsors gain customers. That is the Google plan. Think of it this way. The movie theatre offers a virtually free movie show. You will go. But your mind believes you should have paid $5 for the event. Weighed with that thought, you decide to spend instead that $5 saving on popcorn and coffee at the interval, something that actually costs only a few cents. All this creates hundreds of new business models, but I will not bore you with economical theories and lessons. These days the art of deals & offers is a science, one that is carefully tweaked to get the right amount of sales.

Sometimes you see small groups of wannabe singers hawking their own CD’s totally free on the street. You listen a bit and say thank you and pick one. Does it make sense? It appears that some of these guys have generated much interest. A group called Calypso which provides free CD’s of their work even owns a private jet paid from the stage shows they conduct. Now how do you like that?

Sometimes you wonder seeing these deals

Buy one vacation get another free (problem is getting leave sanctioned)
Buy one watch get another identical watch free (what for?)
Buy one car get another free (?)
Buy one pizza get another free (one reason for US obesity)
Buy one house get one free (wow!!)

And the strangest – Buy one implant, get the next free!!! (Who would do one or price each?)

But at the end of the day - Every transaction has costs associated with it, and while some consumers may appear to be benefitting at no cost to themselves, someone else is picking up the tab. By the way Chris Anderson’s book ‘Free’ is not free, it costs a bit. Still you can get a used book at Amazon for virtually the cost of shipping. How about that? I think it is a good deal, should order it.

Further reading
Chris Anderson - Free! Why $0.00 Is the Future of Business
Foxnews article
Michaelcrews advertisement
Binaca charms blog