On April 13, I received an email from someone close to me, a relative and the contents of the email shocked me at first and then got me thinking, here is the contents of the email.
Subject : My Predicament
How are you today? I am writing to ask a favor from you. I traveled to United Kingdom for a Conference which i got myself stuck. I was robbed at a gun point yesterday and the robber’s took all my money and some document. I’m confused and worried over here, Please can you loan me some money, i promise to refund it back when i get home. I need $1,800 (One Thousand Eight Hundred Dollars) to settle my bills and buy a flight ticket to go back home.I will appreciate any amount you can quickly arrange and send to me via Western Union Money Transfer, please let me know if you can help me out of my predicament, I will check my e-mail again to read from you.
Thanks and Regards,
Interestingly, this person actually traveled around the world and this email made it even more convincing. However, the first thing that I did was to call him and check. I knew that I would know if this person had left the country. Anyway, when I called him, he mentioned that he had been receiving calls all morning and this is something that he was puzzled about. As soon as he received the email, he turned around to check his email and could not find any email and actually got logged off a bit later. Secondly he was stuck with trying to log back in.
I tried replying to the email and here is the transcript of the conversation with the hackers:
“……. … this would be a problem I think someone has hacked your email.”
” This is true and i need your help.”
“Ok I will help, please forward the details “
“Thanks for your mail, I will be very glad with your help on my situation. Please kindly transfer the money via Western Union MoneyTransfer to my details below.
ADDRESS: 147, CROMWELL ROAD,
LONDON, SW5 0TH
Let me know once you send the money and get back to me with the necessary details that will be given to you at the western union outlet.”
Unfortunately he used this email for his personal as well as professional use. It was a Yahoo ID. The infiltrators had gained entry to his email and managed to send emails out to certain people within the address book. This incident is something of a life changer for the person. He had all his contacts previous emails and a lot of personal information being under this ID for over 5 years were in that Id store.
We tried writing to Yahoo about the same as well as trying to provide evidence that the ID is ours. and by this hoped that yahoo would restore the account to us. But all in vain. Yahoo said that they can block off the email so that no one accesses it, but cannot restore the email.
Just after the incident I read in the news that M K Shankarlinge Gowda, Secretary, State Transport department of Karnataka also had a similar instance and has filed a complaint with the cyber police in Bangalore. Now after the Official of the State transport department, it is the turn of the Chief Minister of Karnataka; NDTV reports
Identifying himself as Dr Srinivas Reddy, a senior government officer from Andhra Pradesh, a mysterious e-mailer sought information from a top IAS officer and even despatched e-mails to the Karnataka Chief Minister P S Yeddyurappa.
Now, senior Indian personnel seem to be getting the target of such attacks of phishing. This got me thinking that its not an issue of Hotmail / Yahoo or Gmail, but someone getting hold of your email seems like a possibility to anyone. The greatest issue with something like that happening is, since all of these web based email use cloud storage, getting access back to the emails is not only an issue but also something of an impossibility with the rules around these issues. After this incident I think the main thing you will loose is not the fact that your email id is now gone; but years of email and data that is accrued in the original email address. For most people the first email Id is the one that they are still using. I guess this is why it might be a better way to get your email and contacts backed up on your local machine.
Is it better to get a desktop based email using POP or is cloud computing still relevant ? what do you guys think ? In the mean time I am writing a post on how to avoid email phishing alerts.