Just writing to let you know our trip to West Midlands,UK has been a
mess. We were having a great time until last night when we got mugged
and lost all our cash,credit card cell phone.It has been a scary
experience, I was hit at the back of my neck with a pistol. Anyway,I'm
still alive and that's what's important. I'm financially strapped
right now and need your help.As we speak i need $1,500 to add up and
sort my bills,don't worry i will def refund it as soon as we get
home,the fastest and safest means you can get money to me is via
western union, Here's my info:
City:- West Midlands, CV4 9PL
Amount : $1,500
As soon as it is done, kindly get back to me with the confirmation
number. As soon as it is done, kindly get back to me with the
confirmation number. Let me know if you are heading to the WU outlet
I await your positive response.
Thanks and Regards
To those unaware, this is most likely a scam, I believe Chris is
actually in Beijing and not in the UK. His account was likely hacked
and used to send these messages to his contacts.
> You received this message because you are subscribed to the Google Groups "mxug" group.
> To post to this group, send an email to mx...@googlegroups.com.
> To unsubscribe from this group, send email to mxug+uns...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/mxug?hl=en-GB.
Yep, my accounts got hacked.
They got gmail and Facebook, and set up email forwarding and a
different reply-to address. Also, they sent followup messages to
friends who replied. On Facebook there were chat messages to online
friends. Apparently they spoke good German, okay English and fluent
Russian. Some uncooperative friends were blocked.
I was able to log in, close other sessions (one from Nigeria), change
my password and put back normal forwarding and reply-to settings. So
that should be it.
I suspect they got my passwords from some PC I used in the past.
Particularly because on Mac I use Little Snitch to allow or deny
Usually this is done by listening on the traffic of an free wifi
network that doesn't have client separation enabled.
As most sites don't use SSL for user sessions, your cookies travel in
plain text for all devices on the same network to see.
With only your cookies in their possession, they couldn't change your
passwords as that operation usually requires reauthentication.