I am typing this posting live as a hacker has taken control of a friends Facebook account. The ploy is the same that has been reported all over the place. Your friend pops up in a chat window on Facebook. They immediately say they are not well and are stranded overseas somewhere. Money and credit cards are lost, stolen or there was a robbery.
They still have their passports and their return flights are good, of course. They just need some funds to pay the hotel bill. Amazingly they cannot call their bank to have funds wired, transferred or have a credit card authorization given. So they reach out to you to transfer them some funds immediately so they can pay the hotel off.
Keep in mind it is late in the day where they are stating the stranding has taken place. And they are at a public library using the Internet instead of the hotel itself, where they would normally be trying to work out the bill. Did I forget to mention that every hotel on check in I have visited in Europe gets your credit card up front and authorizes insane amounts. Seems they don’t have their story right. After I questioned them, they became silent yet were still online…
James hi
9:51am Chris hey
9:52am James how are you?
9:52am Chris good
9:52am James am not too good
am in a huge mess as we speak
9:53am Chris ?
9:53am James we are stranded in wales uk as we speak
9:53am Chris terrible, great place to be stranded
9:54am James got mugged at gun point
all cash credit card and our cell phones was stolen from us\
9:54am Chris but you are online, interesting
9:54am James am in a local library right now
it was a bad experience for us
thank God we still have our lives and passport
we need your help
9:56am Chris sure glad to
9:58am James
wondering if you can loan us some cash to that
our return flight leaves in few hours but we are having problem sorting out our hotel bills
we will def refund it once we get back
9:59am Chris oh sure, that is easy
isnt it past hotel check out time? didnt they have your credit card on file already as all those hotel make you do on check in9:59am James I had been hacked. Thanks for offering to help me.
I reached out to the person via email to let them know about their account and to reset and protect it immediately as you see in the end message.
The Lesson: Make sure your own account has a complex password. Never believe that a friend is stranded and you are the only person that could help or that the story even makes sense. There were more holes than Swiss Cheese in this one.
Secondly, if you are a geek with a few minutes of free time, definitely play along and really reach the person that got hacked. Who knows, maybe one day it will be the game of catch a thief.
Mark