by: Chris Kitching
Winnipeg Free Press
Nothing appeared out of the ordinary when an official-looking email — bearing the Bell MTS name and logo — arrived in Julie Leefe’s inbox, claiming she had a new voice message.
When she clicked on a link and entered her login details, she unknowingly gave hackers access to her account and contacts, including two well-intentioned friends who ended up losing $300 each in a subsequent emergency scam.
“It looked completely legitimate,” Leefe said of the email. “I stupidly clicked. I had to put in my email address and my password, and then there was no voice message there.”
The 69-year-old Oakbank resident wants Bell MTS to send an alert to its customers.
“They don’t seem to want to warn the public,” she said. “As seniors, we’re always dealing with change. I’ve never heard of a voice memo, but you can do voice recordings. I figured, maybe, it’s a new thing. “We have to be even more aware than we had to before.” The disguised email containing the malicious link displayed a “no reply” Bell MTS address. It didn’t contain the kind of typos or grammatical errors Leefe is used to seeing in most phishing attempts.
She was on a fishing trip when the email arrived around Sept. 3. Expecting a quote from a contractor, she signed in assuming he had left a voice message. “I feel angry that I wasn’t more careful, and I feel very sad that my two friends got caught up in it,” said Leefe.
With access to her account, hackers sent emails asking her contacts if they have an Amazon account. Those who replied were given a sob story, as the con morphed into an emergency scam.
Posing as Leefe, the hackers claimed she had a “bad leg” and needed helpbuying a birthday present for a niece.
Each contact was asked to buy a $300 Amazon gift card and send a picture of the card numbers needed to redeem the value online.
The money would be reimbursed, the email claimed.
Thinking they were doing a good deed, at least two friends bought gift cards in stores and supplied the numbers.
Zdena Price, 69, cried when she found out it was a scam.
“The reason I cried is because I always wanted to trust, and I can’t do that anymore,” said Price, who lives in Castlegar, B.C. “Now, you almost have to become suspicious of anybody and anything.”
She realized she had been defrauded when her daughter urged her to call Leefe to find out if the request for help was genuine.
When she later alerted Amazon, staff told her the card had been redeemed and the account, based overseas, would be frozen.
Like Leefe, Price decided to speak out because she wants to warn others,
especially older adults.
“The crucial thing is to be educated and safeguard all your credit card numbers and personal information,” said Price. “Do not give it out to anybody.”
The second friend, who asked not to be named, knew she’d been scammed when she received an email asking for another $200.
The Oakbank woman had some doubts about the initial sob story, but it seemed plausible because she has seen Leefe with a brace on her leg.
“I’m disappointed in myself for falling for it. I’m frustrated this happens to decent people,” the 69-year-old woman said. “I just got caught wanting to help. People think they’re cautious enough, but it can happen to you.”
She reported the fraud to the RCMP, but accepts “there’s nothing they can do” because cyber criminals are difficult to trace.
Feeling awful about what happened, Leefe has offered to reimburse her friends.
“They’re the warmest, kindest, most honest people you can imagine,” she said. “It’s completely innocent, wonderful people who are getting sucked in.”
Leefe believes scammers obtained her email address when a different friend’s account was hacked last month.
She called Bell MTS when family and friends began asking about the suspicious emails from her address.
Staff, who helped change her password, discovered the hackers had set up a filter and were forwarding her incoming mail to a webmail account that mimicked her Bell MTS address.
Despite changing her security settings, the hackers were still able to erase her contacts and send and received emails, Leefe said.
She authorized Bell MTS to suspend her account.
Leefe reported the scam to the Canadian Anti-Fraud Centre. She was advised a police report wasn’t necessary because she didn’t lose any money.
Another friend, Val Arklie, said her email account was hacked Saturday.
“I have no idea what the trigger was. I got the voice memo email, but I didn’t click on it,” she said.
Hackers posing as her sent a similar sob story to her contacts.
Arklie, 69, said a “good-hearted” friend tried to buy a $400 Amazon gift card, but the payment was flagged as suspicious and the money was returned.
“It would be lovely if there was a way of catching these people,” said Arklie, who wasn’t defrauded.
Bell MTS encourages customers to call 204-225-5687 to verify emails or text messages.
“We want our customers to be aware that Bell MTS will never ask for personal information such as passwords, bank account information and credit card numbers in an email,” spokeswoman Morgan Shipley wrote in an email. “Customers are always advised to delete these messages and not to click on any links in them or reply to them.”
Seattle-based Amazon.com Inc. warns people to be wary of emails that create a sense of urgency. It encourages people to report scams involving its name or customer accounts.
“Scammers that attempt to impersonate Amazon put our customers and our brand at risk,” a spokesman wrote in an email.
Phishing is among the most common online scams, said cybersecurity expert Mathieu Manaigre, president of Winnipeg-based Avenir IT.
His company runs test phishing scams for clients to assess the awareness and carefulness of staff.
“The ones we catch people on tend to be voicemail- or fax-related scams,” Manaigre said, adding he would welcome more efforts to educate and protect older adults from online fraud. “Seniors tend to be the ones falling victim more often to these money-sending scams.”
RCMP spokesman Sgt. Paul Manaigre (no relation) said phishing scams are becoming “more and more” sophisticated.
People should “do their due diligence” and call the purported sender before clicking on links or divulging information such as login or banking details, he said. “It’s also a very good idea, if this involves seniors, for them to contact someone they trust — family, friends — and provide the information to them to see if it what is being asked makes sense.”
Winnipeg police have not received any reports about the recent scam, a spokeswoman said.
“That said, we consistently get multiple reports every week regarding compromised email accounts through various means,” she wrote in an email. “Criminal actors are constantly trying to gain access to emails as a mechanism to defraud others or to gain access to the victims banking or other services.”