Saturday, 20 November 2021

THE DIGITAL CURSE-STORY OF A HACKED

The debate on whether technology is a boon or bane will continue for years to come. That it is essentially an enabler with double-edged application is likely to be the conclusion, if at all there is one. 

For those of us who are aware of the hacker's delight and the agony of the hacked, there is no means to anticipate the increasing sophistication and teamwork of hackers engaged in their nefarious and despicable activity. "Really?" some may argue. No different from human trafficking, drug peddling, arms smuggling, terrorism and so on. Yet another,albeit distant activity, of exploiting another human being. 

What is the level of sophistication in hacking and what needs to be done may vary with individual interpretation. Let me narrate my story.  

Reasonably aware of dont's, my investigation reveals that fake messages purportedly from the Microsoft team started to arrive at irregular intervals on resetting my account using a four digit number sent on my cell. Hotmail users would know the story of the Samir Bhatia invention bought over by Microsoft and facilitation of Outlook-the chain of which I have never bothered to study, may be exploited by clever hackers. Was it the case? not sure but it appeared from the" MS team."

Blissfully unaware that my address book has been compromised as the password had been duly and successfully changed, I changed my PW as a precautionary measure as soon as vague reports started to arrive on a message from me to my friends. I posted a message on the wall of my FB page and to my WhatsApp groups.My immediate investigation of possible methodology of hacking revealed that the hacker had changed my PW from Nigeria as contained in a machine generated message from MS team. The first red flag should have been raised by team MS. The exact modus operandi followed by the hacker is not clear to me. 

What followed thereafter was a series of well planned moves that indicate an extremely well versed team of people with expertise on internet and banking fault lines. Here is why I think so.

  • Use of knowledge of Hotmail/outlook and likely gaps therein
  • How my emails have been studied to establish names of my family members to prove that their mails for financial assistance is duly authenticated when challenged. 
  • This includes dates of loss of my wife and son
  • Authentic picture of a new born baby at a hospital in California
  • use of language and even font used by me
  • Four to five bank accounts established purely for collection of fraudulently acquired funds.
  • All banks are located at Noida, delhi and remote places in UP where the money was withdrawn the same day.
  • Very factual and calibrated responses to those that questioned them. Even thank you mails for their handsome contributions.
  • Different stories to suit the target.
  • Remain engaged on outlook.com despite my changing my password on hotmail. Even as I type this they are engaged in entrapping more unsuspecting but gullible friends.
  • The whole operation has been planned and executed by experts from multiple specialisation, Former employees of software/IT companies and/or the banking sector appear to be working together in multiple locations. 
Sadly, those who were scammed did not follow the basic step of authenticating the info on cell or other means. It was gratying to note their devotion and faith in me. The perpetrators of the crime took advantage of just that. There were many red flags in their appeals that should have alerted the users of internet. 
Using this as a case study and the useful contribution of dedicated cybercells created for this purpose, I intend pursuing this dirty gang. I know they will read this and laugh away. You wont be laughing for long.

No comments:

Post a Comment