Dear Mighty Portal

Dear Portal (like Yahoo and other web based e-mail providers):

Recently on one of my junk* e-mail accounts I received an e-mail from a friend that told a well-woven tale of woe.   The gist of it was she was traveling abroad, was mugged, lost all her money, communication devices, identification, and was in desperate need of help ($$$) to return to her native land.  This superbly crafted literary tragedy appeared to come from my friend’s e-mail account (at your portal) with all the fixings to make it look legitimate.  It turns out someone hacked (cracked) my friend’s account on your portal, looked through their e-mails for a writing style, and then sent out these fictitious little goodies.

Should I blame you that my friend’s e-mail account was hacked?  Maybe.  I’m sure she had a password that was easy to crack and she never changed it.   Still, did you insist she have a more complex password and that she change it regularly?  Maybe it was an e-mail she received that made it look like it was from your portal, which sent her to a fake site where she entered her password?  Who knows?  I suppose that’s the reason for the image/challenge question idea that I see popping up here and there.

Anyway, although the e-mail was very suspicious, and although I’m fairly computer savvy, I replied to the e-mail (no money – just sincere wishes for a good outcome).  Who knows what would have transpired should I have had some way of helping?  I’d like to think I would have figured out that it was a scam as it went along.  And lest you think, no harm no foul, I beg to differ.  This caused me a great deal of emotional distress (no not the suing kind) as I was very worried for my friend.

My friend never answered me, so I e-mailed her directly and she recounted the hacking story.  I then went back to the original e-mail and looked it over thoroughly.  Yes, it came from her account – well, you said it was genuine in the headers.  Yes, it used her e-mail signature, and language comparable to hers, but the reply-to address was slightly different.  When looked at closely an ‘m’ in her e-mail address was replaced ‘rn – r n (R N – shown here in upper case for clarity).’  I’ve seen this trick before, and knew to look for it, but it never occurred to me that my friend’s e-mail account would be hacked and used in this manner.

To my point, please dear Portal, ye who were once mighty and powerful, please advise people when the reply-to address is different than the sending/received-from address.  If I had been advised of that, I would have known something was definitely wrong.  You know, it’s called Phishing.


A Concerned Web Browser (not to be confused with Internet Explorer, Opera, Firefox, or Safari)

*I call it junk because I get lots of junk mail there and give it out first where ever possible

This entry was posted in Computer Stuff and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here : *

Reload Image