Scammers wreak havoc with rabbi’s e-mail
Rabbi Lisa Malik thanked her husband, brother-in-law, and Temple Beth Ahm’s president for their post-hacking help.
January 14, 2014
A Monmouth rabbi was the victim of a common e-mail scam, when unidentified hackers sent an e-mail in her name saying she had been held up abroad and needed an emergency loan.
The fake e-mail, sent Dec. 18 and identifying the sender as Rabbi Lisa Malik of Temple Beth Ahm in Aberdeen, alarmed hundreds of recipients in Monmouth County and beyond and wreaked havoc with Malik’s Gmail account.
“I was on the New Jersey Turnpike when I heard my text message alert sound multiple times,” Malik told NJJN. “I didn’t read those texts while driving, but it turns out that they were all alerts about the e-mail scam. Since I had a headset attached to my phone, I answered a call that was from the president of my shul, followed shortly thereafter by a call from my husband, both alerting me to the scam. Many people called the shul as well.”
The scam has been in circulation since at earliest 2011, according to various consumer protection websites. The e-mails claim that the senders are on vacation abroad and were held up by a “gang of thugs” who threatened them with “a knife poking my neck for almost two minutes.” The messages state that cash, credit cards, and cell phones all were taken and end with a plea for “a quick loan of 1800.”
The message sent in Malik’s name is nearly identical to scam letters identified by the consumer protection sites, although this one claimed the sender was vacationing in Ukraine.
“The farthest place I traveled in December was Newton, Mass.,” Malik told NJJN in an e-mail exchange.
Malik said the bogus message was sent to everyone on her e-mail list, including her congregation’s list serve. “It looked like an e-mail from me to the entire congregation, and it seemed to come from my Gmail address,” she said. The e-mail routed all replies to a new account that the hacker had set up on Yahoo. “I have no idea how many people, if any, responded to that e-mail or agreed to send $1,800 as requested by the hacker,” Malik said.
The hackers also set up Malik’s e-mail account so that all messages sent to her Gmail address went into the trash instead of the inbox, and deleted all her Google contacts.
The rabbi credits Beth Ahm’s president, Stu Abraham, with helping her to begin unraveling the situation. “As soon as he knew what had happened, he advised me to change the password on my Google account,” she said.
Malik said her brother-in-law Jason, who works for Google, helped restore her contacts. “My husband, Cantor Adi Wyner, gets most of the credit for figuring out what damage was done,” she added. “Not only is he a wonderful husband and father, as well as a talented singer, statistician, and professor, but he also happens to be a computer whiz!”
Malik said her brother-in-law and husband offered the best suggestions on how to avoid a similar con. “Jason said that no one should ever log on to Gmail (or any other personal account) on a public computer. In a public space, it is very easy for someone to look over your shoulder and figure out your password,” she said.
Wyner suggested that passwords should include numbers or other symbols, as well as a mix of upper and lower case letters — something easy enough to remember but challenging for someone else to figure out by just watching keys being tapped on a keyboard.
Beware the ‘Vacationing Friends’ scam
HERE ARE SOME tips to avoid being taken advantage of by a fake emergency:
• Check out the story before sending any money. Try to directly contact the family member or friend, at a phone number you know is accurate, to verify the situation.
• Remember some imposters research the people they are pretending to be and can answer basic questions about them.
• Never give out your Social Security, bank, or credit card numbers to any caller — regardless of the reason.
• Establish a “safe word” or “code word” with your family members and close friends for use in a real emergency.
• When contact is made by e-mail, be suspicious of messages that include poor grammar, spelling errors, and incorrect punctuation.
— Source: Wisconsin Bureau of Consumer Protection