DaZZa wrote:
On Sat, Jul 2, 2011 at 7:38 PM, Michael Chesterton
<[email protected]> wrote:
On Sat, Jul 2, 2011 at 3:17 PM, DaZZa <[email protected]> wrote:
My suggestion is to fill this form out ASAP. Any of your online accounts
that use [email protected] could reset your password at will.
<http://www.google.com/support/accounts/bin/request.py?ara=1>
Done that.
Twice.
Unfortunately, the b****rd who hacked the account changes all the
password recovery questions - which means I am S.O.L - Google says "We
can't verify who you are" - Christ, it's been 10 years since I started
using Gmail, how am I supposed to remember the date? Or the invite
time and date?
I thought when you (or someone else) changes your recovery email address,
you get sent an email to the old recovery address and can undo the changes
from there?
Apparently, not if you're Google. All you need to do is compromise
someone's Gmail account, and you can change their recovery settings
for *all* their Google services without any additional intervention.
Interestingly, the message I'm replying to was flagged as forged by gmail, I
found it in my spam bin.
I didn't notice that - I know it had a dud "reply-to" header on it,
but it appeared to come genuinely from Gmail for the ones my wife got.
I'm on Darren's address book, so I got the scam request for cash from
his account. It looked perfectly genuine at first although the return
address was dagibbs@Ymail instead of gmail.
I started a fun conversation with the scammers (8 emails so far), who
gave me an address to send the cash (Western Union). I've tried
desperately to get some official response. Nada, nothing, zero.
abuse@google and abuse@yahoo replied with form responses directing me to
web forms, which were complicated and confusing. I've dutifully
completed the Google webform, but haven't got any response - not even an
automated one.
When I rang the police the operator wasn't sure, but thought that their
internet crime unit only works 9-5 monday to friday, but they would take
my details. I haven't heard back. The operator seemed to think that
there was a lot of it going on. I pointed out that there is a lot of
speeding going on too, but I still get booked if I speed. Somehow the
point didn't seem to sink in.
I rang Western Union (since they are the funnel for the scam). They gave
me an email address for frauds <[email protected]> so I sent all
the details including the western union branch in London that I was
supposed to send cash to. So far I have received nothing back, not even
an automated response.
I'm getting the impression that authorities think that internet crime is
not "real" crime and it's a bit too hard. With some simple co-operation
these guys could easily have been nabbed. You can be sure it's not the
only time they've done it.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
