This isn’t a new scam, but it seems to be getting some play lately, so I thought I’d clue you in on it. Back in January 2007, the FBI published a story with the headline “ONLINE EXTORTION E-Mail Scam Includes Hit-Man Threat”. In it, an online extortion scheme is exposed and some advice is given on how to react if someone tries to pull this one on you. I’m going to extensively quote this part of the story, because it shows very plainly how this scam can incorporate information from social networking sites to make the victim think the scam is real.
In one case, a recipient responded that he wanted to be left alone and threatened to call authorities. The scammer, who was demanding an advance payment of $20,000, e-mailed back and reiterated the threat, this time with some personal details about the recipient—his work address, marital status, and daughter’s full name. Then an ultimatum:
“TELL ME NOW ARE YOU READY TO DO WHAT I SAID OR DO YOU WANT ME TO PROCEED WITH MY JOB? ANSWER YES/NO AND DON’T ASK ANY QUESTIONS!!!”
Bill Shore, a special agent who supervises the computer crime squad in the FBI’s Pittsburgh field office, said recipients should not be overly spooked when scammers incorporate their intended victims’ personal details in their schemes.
“Personal information is widely available,” he said. “Even if a person does not use the Internet or own a computer, they could still be the victim of a computer crime such as identity theft…
… The new extortion e-mails vary in style and content and generally contain misspellings and some broken English. But the underlying message appears to be the same: pay the sender or risk the alternative. A scam e-mail in December said as much:
“I have followed you closely for one week and three days now … Do not contact the police or F.B.I. or try to send a copy of this to them, because if you do I will know, and might be pushed to do what I have being (sic) paid to do.”
IC3 recently noted a new twist in the scam. Now e-mails are surfacing that claim to be from the FBI in London and inform recipients that an arrest was made in the case. The e-mail says the recipient’s information was found on the suspect and that they should reply to help further the investigation. This, too, is a scam. ”
Most of us are members of at least one social networking site. I have accounts at LinkedIn, MySpace, Facebook, Twitter, and MyBlogLog, just to name a few. Each of these is a network, and every network contains certain detailed information about me. Someone with devious purposes could try to use that information against me at any time.
This is not to say that I plan to close out my accounts with all my social networking sites, or recommend that to you. At this point, it seems like I wouldn’t get by without some of them. Your situation is probably similar. Some of those sites are important to me, being if not the only means of communication, at least the easiest that I have with some people. Even close friends.
So that’s not what I’m saying. I’m just reminding you that nearly anyone can grab all kinds of personally identifying information from many social networking sites. And with that info, they can try to manipulate you or harm you in some way. There’s really no hard and fast advice to follow, except this. Be diligent. Be awake. Know that the threats are there. If someone sends you a questionable email, copy and paste a snippet of it into Google and see if anybody else has gotten it. You can learn alot by searching a little. What you do with that is your business.
I am Jon… or am I?