Uhland D. Roberts was just fine.
He was in his office at Brentwood Publishing in Columbus, reconnecting with some old friends.
“You’re the fourth,” he said, explaining he’d got inquiries about his well being from three others that day, one of them a local judge.
So he was not in Manilla, in the Philippines. And he had not been beaten and robbed. And he didn’t need money immediately to pay a hotel that was holding his luggage until his paid his bill, and his flight was not about to depart.
He just had one problem:
Someone had hacked his email account, and sent this out to his contacts:
“I am stranded here in Manila, Philippines since last night. I was beaten and robbed on my way to the hotel I stayed and my luggage is still in custody of the hotel management pending when I make payment on outstanding bills I owe. My return flight will be leaving soon, please let me know if I can count on you. Please help if you can.”
“I’m not in the Philippines. I’m doing fine,” he said Tuesday, the day friends started calling his office to ask whether he was overseas. “I’ve been hacked…. Something happened today. It got breached.”
He is not alone in that predicament. Columbus police Maj. Gil Slouchick said it happens all the time. He has received the same message – from his kids. If he didn’t already know it was a scam, he’d tempted to ask what they’re doing in Bangladesh or wherever they got robbed this time.
The scheme is based on volume: Hack an email account and send pleas for rescue to all its contacts, and maybe two or three will fall for it, and wire money to the conman. Hack a hundred email accounts, and it adds up.
No one ever gets the money back, because unlike the victim whose account was hacked, the scammers are, in fact, overseas, in another country, and no one’s going there to find them.
The first tip for folks who find out from friends that they’ve reportedly been beaten and robbed in another country and need money right away is this:
Change the email password, else the hacker will just keep on using it, and may find other useful data in the account, such as banking or personal identification information. If any of that information is accessible through the email account, then the person hacked had better change other passwords, too, and check financial accounts for other fraud.
New passwords should be nothing like the old ones, and include numbers or other symbols besides letters.
Victims also are advised to tell their friends they’re OK and don’t need money.
They should check their email account settings, as hackers may set up automatic message forwarding to continue the information theft.
And they’ll want to make sure no spyware was installed during the hacking, so they’ll need to give their computers a security scan.
In a recent survey of 1,000 Americans by the online security company Ooma.com, 31 percent said their Internet network, e-mail, or computer had been hacked or otherwise compromised, and 54 percent said they had visited a website that gave their computer a virus.
Twenty-two percent said they would like their computers or other devices with Internet access protected from such intrusions.
The message that said it came from Roberts in the Philippines is so ubiquitous that the Ledger-Enquirer’s security system flagged it, warning it contained language commonly used in scams, and providing a automatic prompt to click on to report it.
Roberts said he was going to get his email unhacked, once he got finished catching up with the people calling to check on him.