I received this email last night. It's from a friend who works as a tour guide for us.
———-
From: Mary S. (********@gmail.com )
Date: October 13, 2010 6:16:30 PM PDT
Subject: My Plight
I’m writing this message to you with sadness. I traveled to London for a short vacation and unfortunately for me. I was mugged at a knife point last night at the park of the hotel where i lodged and all cash, credit cards and cell phone were all stolen from me, I have reported the robbery to the police but they are yet to find the muggers. My flight leaves in less than 18hrs from now and i am having problems paying my hotel bills. The hotel manager won’t let me leave until i settle the bills. Please, I need a loan from you to return back home and i want you to get back to me if you can help.
———-
At first I was caught up in emotion and eager to help her. I could only imagine the nightmare she was going through. I replied with an email and received instructions on where to wire the money ($1,500). Then I realized I was falling into a crude, if clever, scam. (Re-reading the email text, I noticed that her name, my name ‘ anything that could have made the message truly personal ‘ was conveniently missing.)
Then I thought I should at least let the real Mary know that her email and contact list had been hijacked, so I sent her a message through Facebook, instead of her gmail address. An hour later I got a reply…stating that the email was true, she really was stranded in London, and she desperately needed my help. But again, the wording was generic, with no mention of anything familiar that she or I would know.
Apparently, Mary’s Facebook information was the actual scene of the crime, giving hackers everything they needed to pull off their scam. I un-friended her.
One of the best ways travelers can help one another is by being armed with good information…like which scams to be on the alert for. Our Travelers Helpline at ricksteves.com has a long thread dedicated to a scam like this one, called: Scam “I’m in Tears!!!” Our emails were hacked into!!!.
Have you received any travel-related scams like this? Any advice for protecting one’s self?
Unfortunately, a family acquaintance had this happen and sent the money. I can`t imagine many people actually do but even if say 1 person out of a 1000 sends the money, bam $1500 and these people have way more than 1000 e-mail addresses hacked. My brother got a similar e-mail and reacted like Rick, at first eager to help but then suspicious. Beware
If “Mary” is a native speaker of English, her slightly off kilter syntax would be a warning.
I received such a scam mail from a friend`s email a few weeks ago. I knew it was a scam as it said the American Embassy would not help – which is not true. Also it was signed by her husband who was the one allegedly in London. He works for a large company that – had he been abroad – and mugged – would have come to his aid. this is a fairly common scam.
I had the exact thing happen 3 weeks ago and sent an email back to the scammers saying my friend Mary (true name) would be smart enough to go the american embassy to seek help and help her sort this out. I did not hear back after that. Later that week I got ahold of Mary and she said she of course it was not her and tried to send out emails to nullify the first ones but they got hijacked.
I had a similar email from someone I would call an acquaintance. Not a close friend. So that was a red flag for me, as I know she had relatives and other friends she would seek out first. Also I had not heard of any plans for a trip to London! I chose to ignore the email. Sure enough, a few days later came a message to block the address as it had been stolen, and she had a new one. Lesson learned, and I told as many people as I could about this scam!
Rick, luckily I have never received e-mails from “friends” stating that they are in dire need of money due to robbery, unexpected illness, etc. A good rule of thumb that EVERY traveler should use is that pickpockets, scammers, and thieves will ALWAYS approach you FIRST. It is known throughout the world that Americans are generally friendly, open, and eager to assist someone in need, so people with bad intentions exploit this fact for their own personal gain. The leather jacket scam, the petition scam, and other scams begin with the perp initiating the conversation. I have tried to keep as open a mind as possible when I have traveled (eight vacations in three years to Europe and Latin America) so that I can interact with the locals. But ALWAYS, in the front of mind, is the possibility that someone will initiate a scam. This mentality doesn`t keep me scared, just prepared. And if I get even a whiff that someone is trying to pull a fast one on me, I revert from being Timmy the Friendly Tourist to Arnold the Agitated A-hole VERY quickly. Just because I`m nice doesn`t mean I`ll let you walk on me because you have an “authentic” Versace leather jacket that you want to sell me!
Another form of this scam is happening on Facebook through the chat feature. The scammer is able to pose as one of your “friends” and uses the same mugging story in real-time to try and get your money. Not sure if links are ok here but go to “http://www.businessinsider.com/2009/1/nigerian-scammers-still-roosting-on-facebook” for a good example and a response from Facebook.
My Stepmother contacted me after receiving this email from the personal email account of a peripheral friend. We advised her not to respond. We also had an incident with my mother recently where she was selling something on Craigslist and the buyer sent her a fake check for 10X the amount (by “mistake”) and asked her to deposit it and send her back the difference. Seems like the scams are getting more personal which unfortunately probably means more effective.
This just happened to us about 3 weeks ago. I got so many calls from friends and family we hadn`t heard from in years. But I knew something was wrong when I went to open my emails and there were none. And my whole contact list was gone! I lost everything on my sbcglobal account. So I had to open a new acct. My kids suggested gmail, they felt it was safer. But ultimately it was my own fault for having the same simple password for years. The best advice is to change your email password every so often and make sure you have letters and numbers combined. I went in and changed every password on any account I use on line.
This makes me not want to check my email or any accounts on a public computer while traveling. A small, lightweight laptop or iphone would be ideal for checking personal accounts, of course this doesn`t prevent us from receiving such mail. Thanks for the alert on this scam.
The content in the message should have been enough of a warning that further checking must be done before helping.
My grandmother received a call from an unknown person saying that her grandson was hurt while abroad and needed money for hospital bills. She said that the man was convincing and she was close to wiring money, when she called my father, who told her it was a scam and I was with my family at home.
I`ve had this happen a few times. One was supposedly from my son who was supposedly in London. I read it while he and I were sitting in the den, watching a ball game. I asked him if he was in London. He said no, he was here with me watching a ball game. He changed his email address right after that.
Rick, This type of scam (or variations of it) have been quite common in the area I live as of late, and a number of seniors have been victimized and have lost several thousand dollars each (and sometimes more than that). The scam typically begins with a call or E-mail request from a nephew, cousin, grandson or other relative who has supposedly been arrested / robbed / stranded and needs money quickly to return home. The perpetrators usually have just enough personal information to sound plausible, but as you found there are often very subtle grammatical or factual errors. They usually request that the funds are transmitted via Western Union, as once the funds have been sent there`s little recourse and it`s difficult to trace once pick-up has occurred. There`s also the well-known Nigerian E-mail scam offering to pay a “reward” for helping to claim a multi-million dollar estate (I receive those on a fairly regular basis, and they`re deleted immediately). These scams can originate in a variety of places and target just about anyone. This is one reason I haven`t signed up with Facebook yet (and probably won`t). I haven`t yet had to deal with the type of situation you`ve described, but I`d also try contacting the affected party (or other relatives) via several different methods as you did, in order to confirm the situation before I`d send any money. The method I`d probably try first is a phone call, as I know what my relatives sound like, and I could ask questions that only they could answer.
The U.S. State Department can give U.S. travelers various kinds of emergency assistance, including financial assistance. http://www.travel.state.gov/travel/tips/emergencies/emergencies_1212.html Here is U.S. State Department information on international financial scams: http://www.travel.state.gov/travel/cis_pa_tw/financial_scams/financial_scams_3155.html It would be good to have these links posted prominently on the Rick Steves website.
I`ve received a variation of this e-mail three times in the last year. The first one was supposedly from a dear friend who lives like a hermit in the mountains of Montana. My first thought was, “Wow, he actually left Montana?” I reread it and realized that a poet with an advanced degree in English did not write that message.
This is why you should always use complex passwords that don`t consist of words from a dictionary. Or words from your Facebook profile. A complex password is something like rSPhq7N0O!7fmz. If you use simple passwords then the “bad guys” can hijack your email and Facebook accounts and send out emails like the one Rick received.
It`s good to practice good password security, but be advised that this is not enough to stop the bad guys. If they hack a mail server, they do not need your password. Let`s just say, without naming names, that some major e-mail providers are more serious about security than others. Let`s also hope that the bad guys never master English grammar and usage, so that their messages will continue to sound “off” to English speakers. I was recently a victim of this scam. It was heartwarming to receive messages of concern from so many dear friends. Fortunately the experience was not marred by having any of them lose money. Thanks, Rick, for raising the collective consciousness on this issue.
Wouldn`t a Rick Steves` tour guide be wearing a money belt?
This same thing happened to a friend of mine this past summer. Although her facebook was also tampered with, we suspect the hacking initiated with her gmail account, which her facebook profile is linked to. It`s quite possible her e-mail account and password were obtained through one of those “you`ve entered a wrong password, please try again” or “your login has timed out; please enter your password to continue” messages. When either of these happens, it`s always a good idea to make sure the web address is still correct and not some other page that a hacker has designed to look like the login screen (which really will instead record your keystrokes/password).
Wow! It shows that when an experience traveler like Rick almost goes to the brink of sending someone some money, we all have to be a LOT more careful!
This email ,almost to the word was received by me and others here in Virginia. Ours was “from” the curator of the d”Art Center, one of our art centers. The knifepoint encounter was missing, but her plea was the same. I immediately let the Director know and she said they`d been hacked and had changed their address. As far as I know no one fell for it because it was very obvious the curator wouldn`t have notified us (impecunious artists!) saludos, ellis hw
I just got the scam email. After my initial urge to help also, I asked my friend two security questions that only they would know. Still waiting for reply, but i think i saved myself $1500.