Scam ensnares priest's e-mail account

Friends and relatives of a Malta-based priest were shocked to receive an e-mail from him telling them he had been mugged while on a parish programme in Nigeria and urgently needed money to get home. The priest himself was just as surprised when phone...

Friends and relatives of a Malta-based priest were shocked to receive an e-mail from him telling them he had been mugged while on a parish programme in Nigeria and urgently needed money to get home.

The priest himself was just as surprised when phone calls started pouring in asking if he was all right - he had never been to Nigeria.

Hackers accessed the priest's personal e-mail account to send out a scam message to people in his address book asking for 4,500 to help him out after he had been mugged in Nigeria on his way to the airport.

"It was traumatic realising that all my personal information had been accessed... Apart from that, my e-mail account was disabled and I can no longer access it," said, the priest, who preferred to remain unnamed.

Information technology lecturer John Abela explained that this type of "personalised" hacking had become common.

Hackers used different techniques, such as phishing or dictionary attacks, to scour various e-mail accounts against a list of predictable passwords.

Once a match was found they hacked into the account. They could then mimic the victim's writing patterns and use information to create a personalised scam they would forward to people on the victim's contact list.

Hackers also sent out fake e-mails from large organisations, such as banks, and asked clients to resend their personal data following an internal system failure. Once the victim sent the data, which could include bank account numbers, the hacker had easy access to people's accounts or personal information.

Dr Abela underlined the importance of selecting unpredictable passwords.

"It's best to go for a strong password that includes a combination of numbers and letters and change the password regularly," he said.

He added that money-hungry hackers often asked gullible people to transfer money across countries through international money-transferring services such as Western Union.

In fact, that was the same technique used by the priest's hacker who "tailor made" the scam e-mail. It mentioned that he was a Maltese priest and ended the e-mail with his unique signature blessing.

The priest said one of his friends actually replied to the scam message and the hacker responded asking him to transfer the money through Western Union.

The hacker even asked the benevolent friend to e-mail him a scanned version of the transaction receipt so he could cash the money in Nigeria. The money was never sent.

On realising what had happened the priest immediately filed a police report.

"People need to be really careful and check with the original source of the e-mail before transferring money," he said.

Sign up to our free newsletters

Get the best updates straight to your inbox:

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.