 You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Mrs Stoner's google account was compromised this afternoon. And the normally reasonably intelligent Mrs Stoner very nearly fell for a scam as a result.
Mid afternoon I had sent her two Google Chat messages. Only the first of which she responded to.
Sometime later I got an email alert saying she had set up a new Western Union account (She had BTW - I got an alert because she used an email address that we would have used for such a thing), I got on the Chat box and asked her why, and she said it was because I had asked her to, and then had told her to send a payment via the new western union account!
I calmly and gently* pointed out that that is not something I am likely to do. And especially not to Mr Oolanguo of Lagos, Nigeria. Fortunately she didnt get quite as far as making a transfer before I stopped her. FFS.
It appears that around the time I Chat msgd her, someone got hold of her google credentials, and added a new Chat contact to her contacts with my name, using my google+ profile image, but from a random gmail address.
They then started off a chat with her, using the last message I sent her. Mrs S then though that she was still chatting to me, my name appeared on the chat box header, my profile pic appeared in the chat profile when hovered over - only the email address was incorrect. She didnt spot that.
As you can imagine, the chat then went along with "me" imploring her to send some money via WU to a "client".
A quick look through the devices section on her google account and some lovely chap in Kuala Lumpur appears to have been logged into her account this afternoon. Not any more, obviously as I quickly changed her google password. Ive run various spywayre/malaware apps on the big W7 machine here at home, and nothing showing.
Part of me is wondering if the credentials could have been extracted from sniffing the chat client ports at her office? Anyone have any ideas?
* may or may not be quite as she recalls it later over a debrief...
Hasn't she got two-stage authentication enabled ? I'd be impressed if that was enabled and they still got access.
no. good point, might be safer all round...
Get it enabled. Where it's available (google, paypal) then I go for it.
cheers, just done it for mine, will do it for her account in a bit
We had something similar recently when somebody hacked the mail account of my customer in Uganda then intercepted a proforma invoice we sent the customer, deleting it and re-sending it from a slightly different email address, with our bank details removed and a Barclays account in Peckham substituted in the hope my customer would pay to the wrong account.
Luckily my Ugandan customer is on the ball and she phoned me to ask if we have a new account at Barclays. However a customer in Sudan fell for the same trick and sent $30,000, which went to an account in China. Too late they phoned me to check.
I've reported it to Barclays and they couldn't have been less interested.
Isn't it more likely that she's been phished on some website which made it look like she was validating something with her google account
possibly, but I cant think of something that she'd fall for.
Or created an account on another website with her google address and the same password?
nah, we have a specific method of creating new accounts at online sites that prevents spoofing or phishing.