ICFE eNEWS #14-10 - July 10th 2014
I've Been Hacked! What Now?
By Jim Garnett, a/k/a Ask Mr.G, a member of the ICFE's Board
of Educational Advisors
Last week it happened to me big time - I got hacked AGAIN! My
email account, "email@example.com," was
hacked, and a letter asking for funds with my name signed at the
bottom was sent to all my contacts. Here's the email:
I really don't want to disturb you about this but
I had no one else to turn to. I'm in Instabul (sic), Turkey to
see my cousin who's here undergoing treatments. she's critically
ill and needs family support. She is diagnosed with (Acute
Lymphoblastic Leukemia) - a type of Blood Cancer in 2011 and she
had been undergoing treatment since. The chemotherapy treatment
was going fine until last week when the doctor noticed that the
disease has relapsed and the only way she can survive is by
undergoing a BMT (Bone Marrow Transplantation). My sister whose
marrow matched she has agreed to be the donor and she will be
undergoing the transplant soon. I have already spent a lot
towards her treatment since i arrived here. Since the amount is
huge, I request you to lend out a helping hand and support me
with a loan of $3000 Since I don't know your financial status at
the moment, any kind of help whatsoever will be deeply
appreciated. Your help and support will give her a chance to
live a normal life once again. There is nothing called a small
help when the heart giving it is big. Any amount will be
accepted with gratitude and paid back after the surgery. Please
let me know how much you can loan me so that i can provide you
with the details to get the money to me and, I will pay back as
soon as I return.
email contained misspelled words, "strained" English phrases
like "my sister she" and "when the heart giving it is big," and
the return email address was one letter different than mine - "firstname.lastname@example.org."
The other two times this account was hacked, I sent an
explanation email to all my contacts, but this time my contacts
had disappeared, so, there was no way to notify anyone of what
had occurred. Two days later I found all my contacts in the
"Deleted" box and "Restored" them.
I immediately started
receiving emails and phone calls from friends and family who
knew it was a hoax. Here's a couple of interesting ones: "I just
saw you 2 hours ago, so I know you are not in Turkey!"...."If
this hacker only needs $3000 for this surgery, he must have
better health insurance than I do!"...."You taught me not to
send money overseas through the Internet - so I know it's not
you." I jokingly told some of these people to just send any
donations to my home address in Ankeny!
But I also
received responses from people who, out of compassion for me,
were taking this email request much more seriously. They
attributed the "strained" English to me being under duress, and
they saw that it had my name at the bottom. Their compassionate
response of wanting to help me was very much appreciated but a
reason for great concern. I do not want someone to lose money
because my email account was hacked.
I have read that
Yahoo and Gmail are equally secure, but my Yahoo accounts have
all been hacked, some once, some three times. while the Gmail
accounts have never been hacked. This is not to say they could
not be hacked tomorrow, so time will tell if this was a good
move. So, instead of following the "what to do after you are
hacked" advice again, I left my Yahoo accounts open, but made
them less attractive and less effective to hackers. How did I do
that? I transferred my contacts (the people who get the hacker's
emails) from the accounts.
These are the steps I took:
"Exported" my Yahoo contacts to a .csv (comma separated values)
then "Imported" these contacts into a corresponding Gmail
account. That way, I still have all the emails but they are kept
in a Gmail, not Yahoo, email account.
then "deleted" the contacts in the Yahoo account. Since there
are now no contacts in Yahoo account, there is no one to whom
emails can be sent.
changed all the passwords and used upper case, lower case,
numbers, and symbols like before. Did you know that in 2013, the
password "123456" replaced the word "password" as the most often
used password on the Internet? I think we could be more creative
than that! There is an abundance of information about selecting
passwords just waiting to be "Googled."
Why didn't I just
did not close the Yahoo accounts, and go with only Gmail
accounts? Because I have a lot of publicity "out there" that
uses the "email@example.com" in the
I also pursued the matter with an
investigator in the Consumer Protection Division of the Iowa
Attorneys' General Office. He said these overseas hackers are
impossible to catch and there is no reason to try.
learn anything from being hacked this time? Only that the reason
hackers hack is because there is some level of success in their
efforts. If only one person sent money for "my cousin's
surgery," it was worth the time spent hacking.
were a recipient of one of my hacked emails from "firstname.lastname@example.org"
please forgive me for any inconvenience it may have caused you.
I've taken steps to keep it from happening again, but these
hackers are extremely bright people! It's too bad they can't do
something more constructive with their "brightness."
Jim Garnett. The information on this site should be understood
to be a general discussion of the subject matter and DOES NOT
constitute a legal opinion about the situation. For further
information please consult a qualified attorney.
© Jim Garnett, The Debt Doctor
AskMrG Consulting, LLC
2216 SW 35th Street
Ankeny, IA 50023
eNEWS is available FREE upon request by visiting our Web site and
filling out the
contact form, with the words "eNews request" included in the
comments field. Please pass this eNEWS on to your peers and interested
others and invite them to subscribe for free.
Paul S. Richard
President - Executive Director
Institute of Consumer
Financial Education (ICFE)
About the ICFE:
The Institute of Consumer Financial Education (ICFE) was founded in 1982 by the late Loren Dunton (creator of the Certified Financial Planner (CFP) designation). The ICFE is dedicated to helping consumers of all ages to improve their spending, increase savings and use credit more wisely.
The ICFE is an award winning, nonprofit, consumer education organization that has helped millions of people through its education programs and Resources. It publishes the Do-It-Yourself Credit File correction Guide, which is updated annually. The ICFE has distributed over one million Credit/Debit Card Warning Labels and Credit/Debit Card Sleeves world wide.
The ICFE became an official partner with the Department of Defense/Financial Readiness Campaign in June of 2004.The ICFE was an active partner in the California Student Debt Resource Awareness Project (CASDRAP) which resulted in a new web site: (studentdebthelp.org). CASDRAP disbanded in 2010, shortly after the web site project was completed. In 2011 the ICFE assumed the single sponsorship of the (studentdebthelp.org) web site and is now responsible for its content and operation.
The ICFE is also an on-line help for consumers who spend too much. ICFE's spending help was featured in PARADE Magazine in the Intelligence Report section. The money helps and tips are from the ICFE's Money Instruction Book, our course in personal finance.
Visit the ICFE's other web sites at: www.financial-education-icfe.org and studentdebthelp.org. Both sites helps consumers and students with mending spending, learning about the proper use of credit, budget and expense guidelines, how to set up and implement a spending-plan and also how to access financial education courses and how to teach children about money. Other ICFE services include: Ask Mr. G, a free eNews, and an online resource center for students, parents and educators, plus financial education learning tools and a book store.