I received a pretty convincing email today from a longtime friend who almost never emails me, which said he was in Manila, Philippines – was mugged and needed money sent over. FAKE!
It looked completely real from my iPhone and I freaked out. THANKS FOR NOTHING APPLE.
A friend with me convinced me that it was not a good time to randomly send money to the Philippines given the recent typhoon disaster.
I later rechecked the email from my computer, and THANK THE LORD FOR GMAIL and it’s ACE A++++ spam / phishing detection filter.
It looks much less real given how Google formats emails.
Google’s warning read:
“Be careful with this message. It contains content that’s typically used to steal users personal information.
Learn more / Report this suspicious message / Ignore, I trust this message”
The email subject reads: “Sad News…… ____INSERT SENDER NAME____” <- at first i was startled because it sounded like a funeral
The email body reads:
This message may be coming to you as a surprise but I need your help.Few days back we made an unannounced vacation trip to Manila Philippines.Everything was going fine until last night when we were mugged on our way back to the hotel.They Stole all our cash,credit cards and cellphone but thank God we still have our lives and passport.Another shocking is that the hotel manager has been unhelpful to us for reasons i don’t know. I’m writing you from a local library cybercafe..I’ve reported to the police and after writing down some statements that’s the last i had from them.i contacted the consulate and all i keep hearing is they will get back to me. i need your help ..I need you to help me out with a loan to settle my bills here so we can get back home, our return flight leaves soon. I’ll refund the money as soon as i get back. All i need is $1,950 ..Let me know if you can get me the money then I tell you how to get it to me.
I’m freaked out at the moment
___INSERT SENDER’S NAME____
The reply to address has a carefully constructed address that looks like the owner’s original address. In this case, they added on 2 more numbers but kept the rest basically the same.
According to this blog, first they hack the user’s email, then their facebook to gather their locational data to use – so they sound convincing and factual to their friends. Gross!