Early this morning, I see an email from my realtor in my inbox:
Right away, I noticed something; something aside the fact she wouldn’t ask me for “urgent help”. I noticed her signature was missing her phone number and realtor info.
I correctly surmised her e-mail had been hacked, and this was someone running a scam. So, I answered.
Anyway, it went on . . .
- The return email changed from the actual email to a fake email.
- Notice the two different fonts. The first one is (likely) the canned “help” message. The last line is the “personal touch” of the scammer.
Now, I thought the request was pretty ballsy. That’s $800; most people would be hard-pressed to drop that kind of money for an “urgent” request for help involving iTune gift cards.
The good thing about this instance is we easily recognize the request as a scam but know that some messages are more convincing. Here’s my reply:
. . . but I figured I’d see how long I could string this person along. Saying I could only do three gift cards lent — I thought — a measure of realism to the reply.
Also, I knew they don’t have the phone since I’d texted my realtor to let her know about the hack.
Engaging these scammers in conversation makes it clear English is not their native language.
So, here’s where I mix a bit of truth in my responses:
This should raise flags as sending from someone else’s device is not exactly trivial as you’d have to log into your own e-mail on their device. Easy, but most people would be reluctant doing so. Again, note the poor language composition for longer sentences (just like me!).
Also, if you can’t use your phone, how is it you can use an iPad?
I enjoy throwing in actual events into my fiction to lend a measure of realism. I’m also now doing what most people who are friends (good enough friends to ask $800 from) do; share other interests and refer to prior conversations.
I’m hoping this lends more weight to the idea I bought this scam hook, line, and sinker, to use a hunting term.
Unfortunately, I have bad news for them . . .
They show remarkably low concern for my plight:
When I do these kinds of things, Melisa worries there might be retribution. I suppose, but I doubt it. It takes time and effort and there’s no gain to it. It’s just as easy moving on to a more gullible fish.
I mean, I suppose they could try hacking me email . . . but, they would have to install a keylogger on my machine so they can steal the login credentials. But, even if they manage that, they would also have to get my phone since almost at all of the places where I have accounts of any kind, I’ve turned on two-factor authorization.
Some might consider it a pain, having to enter a random code whenever logging on to places, or receive a text with a code, or use other methods to verify one’s identity.
I mean, I suppose it’s possible for someone to break into my house and install a keylogging program on my machine, but since they would be in the house, they could just bop me over the head with a baseball bat.
Otherwise, they would need to rely on my clicking on a malicious link at a malicious site. Also, rely on the various safeguards I have installed to fail and allow me to get to a malicious site and then allow said malicious code to load on my PC.
I suppose it could happen. The odds, though, are small.
Anyway, next time someone tries to scam you, have some fun; waste some of their time.
I should do a picture, just for kicks . . . how about two?
That’s it. This post has ended . . . except for the stuff below.
Note: if you are not reading this blog post at DisperserTracks.com, know that it’s copied without permission, and likely is being used by someone with nefarious intentions, like attracting you to a malware-infested website. Could be they also torture small mammals.