A hacker at work

What do you do when you get e-mail from a friend in distress and seeking your help? I got such mail earlier today, purported to be from Durai Swami Krishnan, pleading for financial help to bail him out of trouble in distant Nigeria. Those who are familiar with the NGO scene in Mysore ought to know Dr Durai Krishnan and his work in teaching socially disadvantaged school children. 

As the story went, Dr Krishnan, traveling in aid of a youth- empowerment programme in Africa, got stranded in Lagos after having lost his money, passport and other valuables that he had left behind in a taxi. He needed $2,000 to settle his hotel bill, and another $1,000 to pay for his passage back to Mysore. 

A plausible story, tailored to move friends and also those who know of Dr.Krishnan in Mysore and also his former colleagues in the scientists circle elsewhere. I can’t say I know him well enough to spare the kind of money he sought. But I couldn’t help wondering how he thought of acquaintences like me,instead of those close to him, to address a request so personal. And $3,000 isn’t such a large amount for which one would send out an open mail, indiscriminately, to anyone on your e-mail address book.

However, within a couple of hours, I got another mail, this time from a well-wisher, stating that Dr Krishnan was well and very much in Mysore; and that he wanted this message to be conveyed all round. Dr Krishnan, it appears, had his Yahoo and Gmail accounts hacked by someone who sent out the con message.

Evidently, e-mail conmen known in their trade as 419-scammers have got a lot more inventive since I last wrote about them over three years back (see story: Haven’t you heard from Kabila yet? ). The scam, associated with Nigeria since mid-eighties) is named after Section 419 of the Nigerian Penal Code that pertains to fraudulent schemes.

The 419 Scam, said to have thrived in Nigeria as a cottage industry, has apparently spread to other parts of the world. Anyone anywhere with hacker’s skill and a kinky mind can operate the racket. What’s more, this con trick is getting fine tuned,  to prey on vulnerable niche groups. Not so long ago account holders of banks such as ICICI and HDFC were targeted by scammers seeking access to their online transactions.

Advertisements

4 Responses

  1. GVK, you are high on the hit list for hackers and scammers:-) First ICICI and now this appeal for help. It seems so smart.
    But thanks for letting us know about it. So we could be prewarned if something similar happens.

  2. Of late, The Tamil Tigers are into a number of types of scams to fund their’war effort’. They use blackmail and threats, usually directed at Srilankan Tamil diaspora whose details they have acquired over the years. Their cells have acquired enough software expertise; servers are pinged and browsers are probed and their data base is continually updated adding potential victims’ dossiers. The Tigers are comfortable with Tamil sounding names and surnames. In association with Nigerian brothers they have improved Nigerian scam technique so that it is personalised and customised to the extent that many IT professionals have been duped. The hacking done sounds like them, but it is surprising they acted so quickly and so crudely in asking the receiver to send money. Their ‘modus operandi’ is build dossiers of victims and hit the victims when they think that their operation has a fair chance of success.
    This attempt seems like a dry run or an attempt from a break away cell. The selection of Tamil sounding surname points to their involvement.

    Hundreds of on-line banking customers in Europe, particularly the customers of UK banks have been continuosly ripped off, through phishing and usage of bogus credit and charge cards, and the Tamil Tigers have a large involvement in this venture. They need not hack into any system as some UK banks, building societies and insurance companies have outsourced their customer services to Indian call centres and IT operations to Indian call software houses. Investigations revealed that a few personnel in the call centres and software houses were bought off, details of clients were copied. The milking of victims then became so easy. Some banks and building societies pulled out of the call centres and accounts of customers were changed to minimise the loss. The victims were quietly reimbursed. call centre and IT operations were also quietly discontinued.

    The best expertise in technologies involving the Internet and Computer Systems is found in the well educated cyber criminal gangs in Russia, and it is from here it appears major ID thefts are perpetrated.

    Last year a young man in England used his laptop and with the help of software downloaded from the Internet, hacked into the US Department of Defense computer systems and left a finger print message.

    The old saying ‘protect your money by stuffing it in socks and leave them under the bed’ seems sensible in this Internet age.

  3. This post is very relevant for the times. Guru’s comment is extremely illuminating. It is very important to keep an eagle eye on one’s credit cards and bank accounts.

    Thanks for the illumination, GVK and Guru.

  4. Yes, this is on the rise and will grow exponentially..
    look out for a couple of things though

    1. payment via paypal….this provides a level of anonymity and a process where you cant recall the money sent..

    2. Any link that comes through a mail with dramatic messages like your account is overdue or out of balance etc – check it by hovering your mouse over it. it might say in text citibank.com on the mail. But as you hover your mouse, you will see the real hyperlinked site address which might be something in russia or romania lile dreamwater.ru or something…. dont even touch that link – delete the mail

    3. if your friend lost money in nigeria and has the time , energy and resources to send out a well written email giving his bank details etc where he needs the money, then he can fend for himself, locally…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: