"If I was in the criminal element of stealing information, all I'd have to do is start scanning people on Facebook [or another social media site] and get email addresses," BCSO Investigator Chris Wilson said.
The message is typically the same, Wilson said, but the form of communication can change. In February an Adairsville couple became victims to a similar scam when they believed an acquaintance had been arrested in another state and required money. They sent the cash to someone who they believed was their friend and became suspicious when another call regarding the same person came in requesting money be sent to a different state.
"If you think about all the other scams we have, like the Craigslist scam where all of a sudden you're selling something or inquiring for a job or whatever the case may be and you get a response but in all reality it's being generated in Africa," Wilson said. "Who's to say whoever is stealing your emails isn't in another country?"
Darla McAfee, a Cartersville resident, was a more recent victim of email theft when her account was hacked and a mass email went out to all of her contacts saying she was on a vacation out of the country and needed funds in order to return home.
"I went to bed and forgot to log off my email, which I do quite frequently," McAfee said. "In the middle of the night, I started getting text messages. I tried to ignore it and got up at about 4 a.m. and all these people are going, 'What's wrong?' 'Where are you?' 'What can I do?'"
McAfee's email had been hacked during the night from a scam corporation, possibly in Wales, England. The message that went out to all of her contacts told people that she was out of the country and had been detained in Wales and needed money wired to her immediately. While McAfee was in fact planning a mission trip to Cambodia, she was safe in her Bartow home. However, many of her friends were not aware of her whereabouts.
"A lot of people did realize I had been hacked and said to check my email," McAfee said. "The bad thing is numerous people were at the bank and called me on my cell phone and were fixing to wire me money -- people I hadn't talked to for 20 years. My divorce attorney from 20 years ago had his secretary call and say, 'What's up? Does she need money? We'll help her.' It made you feel good because you realize if you had gotten kidnapped people would have been there to help you."
McAfee quickly tried to log onto her email once the hack was discovered. Yet, when she tried to change her password, all of her security questions had been changed as well, making it impossible for her to prove that she was who she claimed to be.
"I couldn't re-claim my email," McAfee said. "So my niece [who works for a securities firm] had a direct contact for the Internet provider. It can be three weeks before they'll respond [when you click for help]. She got them to re-set my password, they sent it to me and they said to re-set my password and go in and check the options. When I did that, I noticed there was a secondary email listed that wasn't mine for all my emails to forward to. Had I just changed my password and gone back to work as normal, [the scam group] still would have been copied on all my emails because everything was being forwarded to them."
While working on retrieving her email and assuring all of her family and friends that she was safe, McAfee and her niece had copied all emails and exchanges to the Federal Bureau of Investigations. McAfee's niece had responded to the email, asking what she could do to help. The response she received, that used language such as "thank you so much from my tender felt cheerful heart," was forwarded to FBI investigators.
"I didn't know how to get a hold of Yahoo! and they're impossible to get a hold of when you're in a situation like that," McAfee said. "So, what they suggest when you send the help thing, is set you up a new email account. I've had my email account for 20 years. I deal with people from all over the U.S. and they know how to get a hold of me. If I change my email, all of a sudden nobody [knows how to contact me.] You know you get that email, 'I've changed my email, change it in your directory,' we don't ever do it. So when you get ready to hunt that person you can't find them because you don't know what their new email is. Getting them to re-set it and letting me capture back was an absolute nightmare."
When it comes to protection, Wilson suggests listing emails as password protected.
"You can change passwords often," Wilson said, "but if I clicked on it and said, 'forgot my password,' what does it allow you to do? You just have to answer a couple of questions sometimes, sometimes you don't, it depends on the site. Some of them say, 'enter new password and confirm new password' and voila, it's changed. Some of them, like the banks, you have to answer a security question."
Tips from www.ehow.com on how to protect emails include:
* Choose a complex password that includes both upper and lower case letters, numbers and special characters such as the percent or dollar sign.
* Change passwords regularly.
* Run anti-virus software that can recognize unusual activity.
* Use an anti-keylogger program. This type of software, which can be downloaded for free, records what it typed on a personal computer. Anti-keylogging software, like anti-virus software, recognizes hacking activity and prevents it from occurring.
Popular email sites such as Gmail and Yahoo! offer their own tips on how to protect emails from phishing scams as well as tips on what to do if an email is hacked. Gmail says they will launch an investigation to determine if an email has in fact been hacked and they will re-set the email within two business days. Contact must be made with the host through their online contact form.
Yahoo! offers a free sign-in seal that can be viewed on the user's home computer only. The seal is designed to be present on the real Yahoo! site only, alerting people to fake sites.
"The thing that really bothered me was they had gone into [my email] and not only changed my password, but [they] set up their email so that it bypassed mine," McAfee said. "Every time people responded to it they would think they were responding to me but they were responding to a third email. They came into my account and changed it and changed my security questions so I didn't have the authorization to go in and fix it.
"Had my mother gotten that and thought I was kidnapped in Wales, she would have had a heart attack. It was horrendous."