So the other day, I was working hard, minding my own business when suddenly a Facebook chat message from an old college friend popped up on Adium. I hadn’t talked to this friend since college, so I was a bit surprised when I received his message.
It started ordinary enough, a quick exchange of greetings. But soon I discovered that my friend Luke Le Duc wasn’t doing so well. Turns out he and his wife had been visiting a resort in London and had been mugged. All of their belongings had been stolen, Luke had been slightly injured and the police were unable to apprehend the thieves. He asked if I could send him money to help cover the costs of getting back.
My spidey sense started to tingle; several things didn’t seem right about this. Why wasn’t he contacting family or closer friends? His phrasing was unusual and he made strange grammatical flaws. There was no indication on his wall that he or his wife’s wall that they were traveling which was odd since he was using Facebook to reach out for help. Plus, Luke is a Presbyterian minister, and everyone knows that Presbyterians don’t have fun, especially the kind of fun that involves European resorts.
But I didn’t want to leave a friend in a bad situation, so I told him I’d help but I wanted to verify first. He gave me a number where he could presumably be reached (009447024083642). I tried calling via Skype then on my cell, but it wasn’t going through. He insisted that the number was correct. He was rushing me, which also made it seem even fishier. So I posted a simple message on his wall about how sorry I was that he had gotten mugged. I figured if it really was Luke chatting with me, it wouldn’t hurt to post a message; if it wasn’t, Luke would get notified pretty quickly via email.
Because I couldn’t get the call to go through, I told him that if he sent me a message from the Gmail account listed in his profile, I’d send him the money. (Granted, his Gmail account could have been hacked as well, but I thought both being compromised would be less likely.) The person I was chatting with got upset and implied that I was calling him a liar and disconnected. This set off alarms in my head so I sent a message to Luke’s wife and left a voicemail at the church where he works.
A few minutes later, the hacker came back online. I jumped back in and told him that I had the funds ready to go, but that he had left so quickly I didn’t know how much to send or where to send it. I dangled the carrot by telling him that would send the funds as soon as I received an email from Luke’s gmail account. He told me to send $1500, gave me the Western Union information and assured me he was sending the message:
Name: Luke Leduc
Address: 212 park will hill
City: London , England
Zipcode: SW7 5RN
Country: United Kingdom
Txt Question: who send money
Answer: you
I checked my mail and behold, a message from Luke Le Duc! In the time it took for us to have our conversation, our hacker had registered a Gmail account that was 1 letter off from the one listed in Luke’s Facebook profile and had sent me this message:
Title: I NEED YOUR HELP
Sequel to our help upon which i just wanted to confirm you that i was the one writing you , so go and send us the money now $1500.
Thanks
This was the nail in the coffin, I knew I was dealing with a hacker. So I ended our chat with a bit of grandstanding: “I’ve notified Luke, his wife and the authorities. I’ve also tracked your IP address.” At which point our hacker friend immediately disconnected. I had a brief conversation with Luke later that day and he has since cleaned house and changed all his passwords.
You can read the full transcript of our conversation here.
Moral of the story: Your identity matters, even on Facebook. A hacker only needs one compromised part of your identity to start worming his way into the rest (much like the recent Twitter break-in). Your passwords should be like your underwear: hard to guess, private and changed often.
Updates: Looks like I’m not the only one experiencing this London Mugging Facebook Scam:
- Sky News: Facebook Scam: ‘I’ve Been Mugged In London’
- TechCrunch: Latest Facebook Scam: Phishers Hit Up “Friends” for Cash
- News.com.au: Facebook accounts hacked by scammers seeking money in London
- Darkreading: Facebook Scam: I’m Stranded In London. Send Money!
