Tag Archives: spoofed

Crime, General Legal, Opinion

Hacked, Cloned, Spoofed and Phished…

Leave a comment

The internet is truly the wild west of modern day society. Social media, electronic communications and instant access have made daily life easier and more painful!

Hacked= use a computer to gain unauthorized access to data in a system.

Cloned=cloning  the process of copying the contents of one computer hard drive to another disk or to an “image” file. 

Spoofed= Spoofing is a type of scam in which a criminal disguises an email address, display name, phone number, text message, or website URL to convince a target that they are interacting with a known, trusted source. Spoofing often involves changing just one letter, number, or symbol of the communication so that it looks valid at a quick glance. For example, you could receive an email that appears to be from Netflix using the fake domain name “netffix.com.”

Phishing= the fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

I have been a victim twice in the last 6-months!

6 months ago my Facebook was hacked. The hacker, from exotic Thailand, began attempting to login multiple times and then managed to change the recovery email to their own. Facebook, clearly confused that I may be in Thailand, allowed my new friend access and allowed them to be me! They immediately sent 100s of friend requests and did mainly other mildly annoying things, but no real damage. Or so I thought…

It turns out what the hacker was doing was buying ads for some dumb game/virus scam. Even after I was able to recover my account I was unaware that my Thai-buddy purchased Facebook ads with my credit!

Facebook sent me a notice of how my ad campaign was going. I advised Facebook that I had no such campaign. Turns out I had 3! One active and 2 in the hopper. I was able to end the current ad and delete the future ads, with minimal actual out of pocket expense to me. When I reported this to Facebook, they stated they reviewed the campaign and it all looked legit so I could not get my money back. Whomp-whomp.

However, I was able to regain control, detach a payment source and ultimately minimize the harm. It wasn’t super easy or straight forward and I felt as if Facebook thought I was up to something as opposed to the Thai-user.

Well, this week, my email account was hacked. This time my friend traveled to Lagos, Nigeria. They began login attempts at 6 in the morning and gained access at 2 in the afternoon. Now why Outlook doesn’t think every attempt to login to my email from Nigeria isn’t suspect is beyond me. A review of “My Activity” shows numerous logins from good ‘ol Madison, Mississippi for years and then a few hours later Nigeria!

Outlook’s assumption? I must be in Nigeria and need access. And I forgot my long-in and password… The Nigerian interloper gained access for a few minutes, sent out 180 emails with an attachment that looked like a Word download of a Bed Bath and Beyond Coupon and I immediately started getting calls, texts, and emails asking “Is this legit?

As I responded as fast I could “No!” The hacker was responding “Yes. Please download.” !!! The hacker then started deleting my sent mail so I could not warn all persons it was sent to. I was finally able to wrestle back my email and changed the credentials to a password no human can ever remember…

This hack made less sense to me, but it turns out they targeted a law firm in the hopes of getting access to the lawyer’s trust/escrow account. They failed. This time.

Just for fun, the Hacker also implemented a “Rule” within my Email that rerouted all incoming messages to a subfolder that was previously never used. It took an expert diagnosis to solve that conundrum and the explanation of why incoming messages were rerouted was so that I would quit responding to persons that it was a scam.

This was also during the Snowapocolpyse of 2024. Perfect timing.

So what are the takeaways? Have some good antivirus software on your computer. Have some good passwords that are hard to guess. Have a recovery email go somewhere that you will have access to it. Get a credit card that is exclusively for online purchases. Get a bank account, again, solely for online activity. This will not prevent any hacking, but it will minimize the damage.

Matthew Thompson is a family law attorney in Mississippi and cautions you to be careful with downloads, uploads and computer users from Thailand and Nigeria.