Email scammer poses as local man’s fellow board member
SARANAC LAKE – Telephone scams aren’t the only tactic scammers use to get people to part with their money.
Todd Smith of Saranac Lake, president of Adirondack Sustainable Communities, said the nonprofit organization was recently targeted by an extremely convincing email scam.
The organization’s program director, Chloe Erickson, was in France and had filled out a request form for money. Smith said two checks from donors had come in but were $6,000 less than he had anticipated, so he emailed Erickson and asked her to fill out a new request form.
“All of a sudden an email came back that said she was traveling and didn’t have time to fill out the form,” Smith said. “The email also said there was a new bank account, and requested the money be placed into that new bank account.”
Smith thought that was strange, so he responded by explaining that the organization’s internal protocol required her to fill out and submit a new disbursement form with an approved budget attached.
“It kept going and going, and the emails back and forth were getting really aggressive,” Smith said. “They almost had me convinced that they were my director. The only reason I caught onto it was I noticed all the emails said, ‘Hey, Todd.’ In the life of our friendship and business relationship. Chloe’s always called me Smith. I looked back at all of my emails and they said ‘Hey Smith,’ so I knew it wasn’t her.”
Things weren’t adding up, so Smith contacted Erickson via Facebook and asked her to call him. She called the next day and was surprised to learn that she – or someone Smith thought was her – had been arguing with him.
Around that same time, someone at Smith’s bank received an urgent email requesting a $6,000 transfer. Smith determined that both his and Chloe’s email accounts had been hacked into.
“When someone hacks into your account, not only are they monitoring your account, but they also have the active control of deleting files, sending emails and deleting the records that those were even sent,” Smith said.
Smith said he now changes his email password at least once a month, something he advises everyone to do. He recommended double-checking everything you receive, including documents, to make sure they actually came from the listed recipient.
Smith said using an app like safePass to generate and remember random passwords for various accounts is also a good way to protect yourself from hackers.
“Most people think of passwords that they can remember, and those days are long gone,” Smith said. “You now have to use this crazy combination of things that you’ll never remember, so it helps to have a program to do that”
Apple and Gmail both have secondary password identification, which also offer protection. Users enter a password for their account, which generates a four-digit code that is sent to their cellphone. That code has to be entered to access the account.
“It’s a lot less convenient to do that then it is to have a simple password that someone can hack,” Smith said. “Then you lose a week, a month or a year, and maybe your finances. It’s the new level of common sense. You have to stop thinking of your email and all of your online things as convenience for the moment, and think of them as tools.”
Contact Shaun Kittle at 518-891-2600 ext. 25 or firstname.lastname@example.org.