Armed with just a computer and bits of personal information, a cyber criminal walks away with the cash
There I sat drinking coffee at my kitchen table at around 8 a.m. on Martin Luther King Day, reading the paper and checking email, when suddenly the words – “How are you?” – flashed across my screen: an IM from Eileen, someone I’ve known for years and, like me, still an AOL user; hence, on my “buddy list.” Not that odd, I thought. Hadn’t she said hello this way once before? “Great weekend. How are things with you?” I pinged back.
Eileen: “Not so good. We were held up last night at gun point in London.”
Me: “OMG Are U okay?”
Eileen: “Yes, but they took our credit cards, cell phone, everything except our passports.”
Me: “Who’s with you? Anything I can do?”
Eileen: “I’m with Craig [her husband] We need to pay the hotel bill and catch a flight out of here. Could we borrow $1,000? I’ll pay you back as soon as we return.”
Now I’ve seen my share of telemarketer frauds promising free gifts and prizes. I’ve deleted emails from courtly Nigerian businessmen asking for help in moving large sums out of their country in exchange for hassle-free profits. I’ve read what Rutgers' Office of Information Technology has to say about hackers ransacking computer networks for Social Security numbers, home addresses, and banking information. But it never occurred to me that the person contacting me wasn't Eileen. After all, she had used her husband’s name. I knew this couple, both in the medical profession. They were people I could trust and would, of course, help, which for the next hour I proceeded to do.
Click here to read what cyber crime experts had to say at a recent Rutgers symposium.
Eileen suggested I check out Western Union to see if I could transfer funds to a branch near their Leicester Square hotel. The website told me I could use my credit card to send funds in Eileen’s name to a Western Union agency, which she could collect with a money transfer number and photo ID. Simple enough.
Taking out my Visa card, I tried the online transfer. No luck. Next I called an 800 number and spoke with several Western Union reps, none of whom could approve the transfer because of problems verifying my identification. Each time I explained my poor friends’ plight, but not one of these folks commented on the story or warned me of a potential scam. Still back and forth with Eileen, she told me to check the phone book for a local Western Union agent, and, sure enough, there were several – one, at a shop in town just three blocks away.
Reluctantly, I changed out of my PJs and drove to the stationery store, where they said I could send money with my debit card for a $68 transfer fee. Within five minutes, I had wired $1,000 to London and rushed back home to give Eileen the tracking number. With that and her passport, the money would be hers.
“Thank you!” she pinged. “Will pick up and pay bill. BRB.”
I felt like a mensch. What a great community we live in!
But within 20 minutes an IM appears: “U there?”
“Yes,” I replied. “Success?”
“It wasn’t enough,” came the response. “Could you wire a little more?”
My stomach lurched. “What the x#xo#x*!x?
I dialed Eileen’s number and reached voice mail, and then called her neighbor.
“Thea, are Eileen and Craig in London?”
“Not that I know of,” she replied. “I ran into them at Indigo Smoke the other night.”
Then I grilled Eileen through IM:
“What’s my husband’s name? Your neighbors’ names?”
Silence.
Me: “You need to tell me right now.” Eileen: “Why are you asking me these questions? I’m really stressed out ...”
Frantically, I dialed Western Union. I asked to cancel the wire, but it was too late. The money had been picked up. Where?
We can’t give out that information, the rep said. You have to contact your local police.
“The police in Maplewood New Jersey? That’s ridiculous,” I declared.
My next move was to call one of my best friends in London, who was on the case right away. She contacted the London police, but they said the request had to come from the victim’s local precinct. By now my husband had returned and after giving the stationery store and Western Union a piece of his mind (and trying not to be too annoyed at me), we filed a report with the Maplewood police. The officer looked at us like we were nuts. It was the first one of its kind she could recall.
On Tuesday morning, a Detective Sally from Maplewood called me at work and politely listened to my tale. I urged him to contact Western Union to find out where the perpetrators had collected the cash. It took four days and a few nagging phone calls, but he finally got me the information: The money was picked up at 11:09 from Favour, a shop at 172 Deptford High Street, London. "Eileen" had used a fake ID and given an obviously fictitious address and telephone number. I got the name of the London precinct closest to the shop and asked Det. Sally if he'd contact the store to see anyone had installed a video camera. But the detective didn’t think his precinct would allow him to make an overseas call. I bought an international calling card he could use.
“Detective Sally,” I said. “I’ve given up on getting the money back. But now I’m curious. I’m a former newspaper reporter. I want to take this story to the end. “
When Eileen heard what happened, she apologized profusely. She and her husband even offered to split the cost, but I refused. She felt terrible, she said, because the reason the perpetrator knew her husband’s name was that before my IM discourse, the scam artist had been engaged in a similar conversation with a friend of hers, Bob, who had IM’ed: “Are you with Craig?”
Bob had been about to wire money but had somehow caught on.
Eileen was even more upset than me – it’s one thing to lose $1,000, another to have your identity stolen. She made a few phone calls, including to the Securities and Exchange Commission, but like my experience, everyone was polite but pretty useless. She changed her email service and noticed that on Facebook that day an unknown person named Tunde Abdulkareem had tried to add her as a friend – information I passed on to my Maplewood detective.
So what we had here was an internet scam and a case of stolen identity, about which no one cared. Det. Sally did phone once to say he used my calling card to contact the London precinct, but no one had called back. I pestered him for a couple more weeks, but after a few unanswered phone calls, I, too, lost interest.
On the bright side, the incident has made me a more cautious internet user and has served as a warning to others. I’ve since heard similar tales from people who fell for cyber ruses and thankfully, more often, from those who avoided them. Plus, as the story spread within my circles, I got the reputation as a pretty nice person – maybe a little gullible, but a good friend on whom people could rely in a crisis. And then there was the consolation prize. A few days after the incident, I arrived home to find a case of wine on my porch, mixed red and white, with a lovely thank you note from Eileen.
That night I opened a bottle of Pinot Noir and poured myself a glass. Here’s to the 21st century, I toasted myself. We won’t get fooled again.
Carla Cantor is the managing editor of Rutgers Today.