2012年6月7日 星期四

與騙徒交手記

日前又接到一封來自朋友的Yahoo帳戶的電郵,不是「疑似」,可以肯定是詐騙: 

Hello, 
I'm sorry I didn't inform you about my traveling ,My family and i came down to Madrid Spain for a short holiday unfortunately  we got mugged at the gun point last night at the park of the hotel where we lodged.All cash,credit cards and cell phone were stolen. we've been to the embassy and the Police here but they're not helping the issues at all,Our flight leaves today and I'm having problem  settling the hotel bills.
The hotel manager won't let us leave until  the hotel bills is settle (2,500 USD)now am freaked out.Please reply and let me know if can you have the money wire to me through Western Union we promise to pay back as soon as we get back home.
XXX
這個XXX是與我同住布里斯本的華人朋友,已經幾年沒見過面。英文寫得很爛,也看得出不是香港人的文筆;用字方面,在澳洲人人叫手機做Mobile Phone,沒有人跟美國佬叫 Cell Phone的。

我相信是他的電郵信箱給人Hack了進去,按著通訊錄漁翁撒網的發出詐騙訊息。要斷定這些電郵是否詐騙有辦法,你抄其中一句Google一下,就會找到很多網友的詐騙報告。

於是我附了信件原文,發出回覆:

Dear XXX,

I believe your email account has been hacked and used to send out scams.

You may wish to change your password immediately.
只是5分鐘後,對方竟然回覆----可見騙徒是整天守株待兔,時刻留意有沒有人上釣,馬上跟進:


This is for real, We are doing everything possible to get ourself back home peacefully.. We have been to the police to report the matter but they said we should wait for 2 weeks for proper investigation and we can't wait for that because am freaked out here. The consulate are helping me out with our return ticket but i need 2,500 USD to sort out our hotel bills , I will pay back once we get home, Our flight back home is leaving soon. 
We really hope on you.
......................................

Home?不說Brisbane或Australia,Home在哪裡都講不出,還想玩下去,好,我轉寄到朋友的辦公室電郵信箱,再這樣答:
Dear XXX,

So it is real. Sorry to hear about that.
I have informed the Deapartment under Queensland Government where you are working for.
I am sure they will arrange your rescue.
................
又是幾分鐘後,騙徒現身了。如果真是我的朋友XXX,知道是我搭手處理,不與我敘舊幾句多謝我一下,連我的名字也懶得稱呼,還不是 Copy and Paste 範本的產品!
........................
I'm so glad to hear back from you. 2,500 USD will cover all our expenses including our taxi fee to the airport, we promise to refund it to you as soon as we arrive home. You can wire it to my name via a western union agent near you for security reasons cos the name written below is whats on my passport and that can be a mode of identification to pick up the cash at a western union down the road here (faster and more secured).

Here are the details you need to get it to us:

Name -XXX
Address: Plaza de Santa Ana 14, 28012 Madrid, Spain
I still have my passport so I can use it as identification, email me the transfer details and the confirmation number.
Thanks....  I would want you to take this as a life saving Moment i will never forget.
................
正 PK!

回想一下,我最初發電郵警告我的朋友實在是多餘,因為騙徒撞入了他的電郵戶口之後,隨時可以更改登入密碼,之後只有他們可以登入使用,連戶主都使用不到自己的郵箱的。

晚上,終於打通了朋友的手機,知道他人在澳洲安然無恙。他說已經接到其他朋友通知,整天都在處理這事。估計應該是騙徒Hack進了Yahoo的Server,騎劫了他的戶口,到現在還未能打開自己的郵箱。

.....................

22 則留言:

  1. 如果想將其繩之以法,何否向西班牙報警,現後假意匯款(匯$10)等西班牙警方在那邊的western union部署捉人?(問題係以西班牙警察工作態度同效率會否處理)

    回覆刪除
  2. 要出到Interpol,大陣仗矣。

    回覆刪除
  3. Chris兄,

    你都夠得閒喇。呢啲 PK 都唔需理佢。

    第一,佢係乜水,連自己個名都講唔出,第二,佢稱呼你都無一聲,就咁好似發鱔告,願者上釣,第三,佢啲家人死哂,如果唔係為乜攪到朋友,第四,酒店唔找數米入冊囉,同酒店方面鬥拚爛,況且有護照米叫領事理。

    呢條友俾過所謂地址,將佢放哂上網通哂佢天,然後叫西班牙警方處理。

    係喇,Chris兄有無再發email用星星月亮太陽鬧呢啲 PK,等佢唔好以為咁好玩。

    回覆刪除
  4. I have received the same identical messages as yours last year.

    回覆刪除
  5. 有空的話不妨跟騙徒耍樂一下~

    回覆刪除
  6. 我都試過一兩次,而且次次都係吖呼,係同一個戶口,重隔咗一兩年添。

    回覆刪除
    回覆
    1. yahoo似乎弱D。

      刪除
    2. YAHOO係有心唔隔的...傳聞係方便CIA揀蟀,[邀請]黑客精英入其部門幫手攻擊別國(亞洲某國為主)系統之用。

      刪除
    3. 真是匪夷所思了。

      刪除
  7. 你回覆他, 小心他會連你的email account 也hack, 因為所有往來的email 除了內容外, 有你的隱藏資料。

    回覆刪除
  8. 戶口被HACK, 一是和PASSWORD有關, 又或是和secure question有關.
    另外是站對password保存的保安方法.
    password一係用了一些平常人常用的配搭, 如自己名, 戶口名, 自己出生日期, 電話之類,
    由於這些資料可以在登記時取得入了DB, 就算爆入DB取不了password data, 只要有這些個人資料在手,
    就能硬試, hack入account.

    另外, 現時不少網站有secure question, 用來防止萬一忘了password後可登入改password,
    這是保安上一大漏洞來的, 因為HACKER不需要任何PASSWORD登入, 只需扮忘記password, 去試答secure question, 而這些問題, 多是問阿媽是什麼名, 什麼學校畢業, 隻猫或隻狗叫什麼名等.
    這些答案, 一定是能由字典上找到的, 所以比硬試password更易入侵.
    這類問題的答案, 一定要大細階加數字, 答案愈像PASSWORD愈安全......
    所以secure question是無用的.

    另外, 有些人很喜歡一password(或來來去去2至3個)和username走天涯, 不論password有多長, 只要其中一個網站的password保存的保安方法是plain text(大陸網站9成9都是plain text), 就會很大鑊.

    基本上, 網站存USER的PASSWORD, 都會用one way HASH的方法,不會存Plain Text,
    但有很多新手, 又或公司貪平找無經驗公司架站, 又不重視保安的話, 那些站的password就會用Plain Text存入DB. 只要DB被爆, 由於登記時會入EMAIL, 而USER又一PASSWORD走天涯的話, 那EMAIL ACCOUNT, 就很自然的會被HACK了.

    回覆刪除
    回覆
    1. 聽君一席話,勝讀十年書。

      刪除
  9. Raymond上午9:39

    小弟日前也收到類似的電郵,知道絕不可能,立即刪除!

    回覆刪除
  10. 無聊題外話﹕這篇電郵的英文真的很爛嗎?

    我是spot 到數處 grammatical mistakes, 和它好似不懂用 full stop..除此以外,我覺得它行文、用字都頗流暢及地道(真的覺得..哈),難道我的要求過低嗎?

    回覆刪除
    回覆
    1. 大細寫字母亂來,很多tense的錯誤。

      刪除
  11. 我在公司也收到這朋的電郵,一看就知是「Scam」,亦無須深究內容文理就知是假嘢,因為遇到這種情况定必直接用電話聯絡自己的至親,為何尚要電郵給這麼多其他朋友要求援手,况且有些朋友只是泛泛之交,會否幫忙尚是疑問。

    回覆刪除
  12. 套句強國話,認真你就輸了。

    回覆刪除