<p>I thought the post regarding Microsoft XP was helpful in that I had not heard of that one. </p>
<p>H fell for an email that said he needed to verify AOL account because of access from an unknown location or something to that effect. He actually gave away his pw and all his contacts received an email (from me, and I am not the “owner” of the account, so don’t know where my name came from) that we needed money, stranded overseas etc. I have gotten those emails before. All the contacts were removed from the account, but he was able to get into the account and change the pw. He is getting more spam now, some which appear to be additional scams - your aol account is full, click here to …(didn’t bother to read more). The email “appeared” to come from aol, but if you click full details (which he didn’t), you would see that it was not from aol. He didn’t ask me before he did this, and when the calls started coming from friends to see if we were at home or work, he didn’t even connect the incident. Oh well.</p>
<p>The thing that may be confusing to those who don’t really focus on scams is that Facebook appears to send legitimate emails that say that someone tried to access your facebook from a different location if you do that. Or is that a scam too? Do any other websites send such emails which are legit?</p>
<p>My mom got the weirdest email like that, supposedly from my son about how he was sick and needed money for the emergency room. It must have been Facebook-based because someone had a lot of information, including my son’s name (a not-quite-typical shortening of his given name) and what he calls his grandmother. When you look at his Facebook page, though, you could tell how they got the details. Luckily, my mom isn’t your typical sweet little 82-year-old widow. She shut the scam artist down in no time flat! </p>
<p>I’ve never heard of Facebook notifying people of accessing their account from a different location. I would think people do that all the time, and wouldn’t be unusual enough for notification. Is this something they do?</p>
<p>I have had those notifications from Yahoo and Google after accessing my email in Germany and Mexico, but I have a rule of never clicking on links in emails. I figure if something fishy is going on with my accounts, there would be a notification upon me logging into them directly.</p>
<p>It’s funny you bring this up as I’m an aol user and with some frequency get emails about my account from aol but they all seem fishy, I never click on links and just delete them. It has occurred to me, though, that I wouldn’t know how aol WOULD reach me as I’m already logged on to my account when I get these emails. If aol really did want to communicate something to me, how would they do that?</p>
<p>Yes, Facebook does this. There’s a setting under Security called Login Notifications. If you activate it, you’ll be notified if your account is accessed by a computer or mobile device that you haven’t used before. So if you use your friend’s computer to access your FB account, you’ll get a text or an email letting you know about it.</p>
<p>Always make sure that your websites are legitimate by looking for the ‘https’ and the lock before your URL–it’s also really hard to spoof URLs these days, so a hacker can’t use A0L.com. They have to use some random URL, so if you’re paying attention, that’s an easy thing to notice</p>
<p>Facebook notifies you, but doesn’t ask you to confirm or to click a link. It just says, “If this wasn’t you, please go in and change your password.” It directs you to go directly to Facebook.</p>
<p>Any time I get an e-mail like that, I open a new browser window and go directly to the allegedly affected website by typing its address or using my bookmarks. Then I can verify if there’s an issue.</p>
<p>soccergurl, I just looked at aol (another tab on my computer and I’m logged in) and in the address bar it starts with mail.aol.com/ (and a few more characters). I’ve noticed the https and a $ sign when I’m buying something online which shows me that it’s a secure site. I don’t see the https on this page either – I see talk.collegeconfidential.com/parent (and many more characters). I still feel like I’m missing something!</p>
<p>Ha! I just got an email from a friend with an AOL account (in other words, someone hacked her account)… the kind that says they’re abroad and can’t leave their hotel because their credit card got stolen and it will take 3-5 days for money to be transferred from their bank.</p>
<p>Thanks to the wise folks of CC, I responded with this email:</p>
<p>OMGosh!</p>
<p>How horrible. I didn’t realize you were going to Istanbul after Rome. </p>
<p>How much do you need? Thankfully, George just got his huge mid-year bonus and we haven’t transferred it into our investment accounts yet. Give me a call - (847)968-4600. Or have the hotel manager call me. I will be home all day.</p>
<p>Lisa</p>
<p>The phone number I gave was to our local police department.</p>
<p>I’m so glad to hear from you,I’m stranded and empty without my phone which has limited my communication to email.I feel so sick right now also your lovely email has cheered me up,i need to get my ticket straightened out and sort my hotel bills. I promise to pay you back as soon as I get back home,i need about $1,900,you can have the cash wired to my name and present location via Western Union thank God i still have my passport ID as identification to pick up the money.</p>
<p>The details you need is:</p>
<p>Name : *************** (I’ve starred it out because it has the name of my friend)
Location: Ebusuud Street 213 Sirkeci, Fatih, Istanbul 34210, Turkey.
Amount… $1,900</p>
<pre><code>As soon as it has been done, kindly get back to me with the confirmation number. Let me know if you are heading to the Western Union outlet now.
</code></pre>
<p>Thanks… I would want you to take this as a life saving moment i will never forget.</p>
<p>I’m going to keep playing along with it I think.</p>
<p>I will be interested to see where this leads, Teriwtt.</p>
<p>I once remember reading some stories on a web site of people who love to string these scammers along. When the scammers realize they’ve been had, they are SO INDIGNANT. Oh, the irony…</p>
<ol>
<li><p>If you get a notification from XYZ about your account verification or something like that, never go to any link in the email, no matter how legit everything looks. Close your email and restart browser (abundance of caution) and go to XYZ.com instead.</p></li>
<li><p>If you are exceptionally suspicious, when you go to XYZ.com login with your legit ID, but then try a totally fake password. If things are legit, you will get a “invalid pw, try again” type message. If it was not legit, you will get some notice that "thanks for logining in, but please try again later to get into your account. All that means, is they think they now got your ID/PW combo with that.</p></li>
</ol>
<p>But generally, step 1 is all that you need.</p>
<p>Within a half hour of my last post here, I got an email from my friend’s work email address, letting people know her AOL account had been hacked, so I figured the gig was up. I told her how I responded to the AOL emails I had gotten, and she just replied with a ‘thanks’. I don’t expect anymore, but it’s nice to know I strung someone along for at least a few minutes.</p>
I go one step further - I almost never use links in any email that take me to any of my personal accounts. If I go to a site to reset my password and they say they’re going to email me right away, I may do so, but I think the risks of using links in harmless looking emails outweigh the convenience.</p>