BEWARE of SCAM EMAILS

There is currently a scammer taking over email accounts belonging to radio amateurs and asking for you to buy gift vouchers on their behalf.

If you get an email from someone who rarely writes to you or from someone you often talk with but the style is strange - BEWARE.

The story is the common one - for some reason, they are incapacitated and need to send a present to a family member and need your help as they can't do it themselves.

These emails are usually the result of ID theft either directly or from a website where the person who is “supposedly” sending the email has an account.

Often the scammer will use the same “signature block” so it appears to be coming from who he/she says it is.

If you have a way to contact the person via phone (OR RADIO) to tell them please do so, so that they know what is going on and can see if they can cancel their email account (or Twitter, or Facebook, or WhatsApp or or or …) to stop the fraud.

If in doubt, on no account give any money in any form in response to these emails.

73 Ed

10 Likes

I live in Yorkshire. That’s not a problem Ed :wink:

6 Likes

Hi Ed,

I received an email earlier today from a well-known SOTA Activator/Chaser just asking me to confirm receipt of the email and wanting a favour. The callsign was at the end of the email, so I ended up assuming it was the right person and asked what the favour was. When I found out it was to buy an Amazon Card for a niece’s Birthday, I started to think that this was dodgy so I private messaged this SOTA activator/chaser via this Reflector to state that I suspect the email account had been hacked.

Jimmy M0HGY

4 Likes

I believe the Good Times Virus is prevalent again.

Ah and now I’m included on a follow up so I know who was “hacked” and the follow up happens to include a spectacular cc/bcc fail. :slight_smile:

1 Like

The scammer doesn’t need to “hack” the email account. They can set the From: field to anything they like so it’s a very easy scam to do.

It might make a welcome change from the endless and entirely unwanted political email that clogs my box daily.

I thought that after the November US elections it would cease.

Dream on Paul…

1 Like

Indeed they can. But these scams work on the social engineering aspect that you are receiving an email from someone you know. Or at least you are meant to think you are receiving from someone you know. In that case you need access to the mark’s address book for it to work and so you can send it to people more likely to respond.

One of the hacks used is to commandeer an apparently inactive profile on a popular website for providing info about ham radio ops. So it’s worth keeping an eye on your own profile on any and all websites you can think of, periodically updating the password. I am not specifying the site but most hams with internet know it.
Andrew vk1da

2 Likes

I frequently have emails arrive that are made to look like they have come from other Hams, with random links and all sorts of stuff, as it happens my email provider is getting better at filtering them and most of them end up in the Spam folder.

Some even appear to use the real email address of the person they are supposed to be from, but most just have a Name and/or callsign and a fake email address.

OFF TOPIC!

Congratulations Andrew on getting your photo operating VK1WIA in BERU in your car in the July RSGB RadCom, nice one!

I remember seeing those Toyota 4X4 motors when I was in VK2 a few years ago. This model isn’t available in UK.
73 Phil


2 Likes

Thanks Phil,
Yes the FJ cruisers have been discontinued now (in Australia at least) and are becoming somewhat of a rare item.
I had forwarded photos of the station as requested to whoever was coordinating things at the UK end of that contest. The antenna mast is of course my SOTA mast and the antenna was my old linked dipole.

The caption stating the station was operating outside Canberra was slightly incorrect, as I was located on Red Hill about 2km south of Parliament House. It’s a Hump, as it doesn’t have the prominence to be a SOTA summit. It has a WWFF number for the nature reserve. I set up once on Saturday night for the first 3 hours of the contest (local time 9pm to midnight) then again on Sunday afternoon in light rain, for another stint of about 3 hours.

Conditions on 40m on Sunday afternoon were quite staggering, s9 signals from G stations and immediate responses to my replies in most cases. Very enjoyable and I even improved my 22wpm sending with the portable paddle and the keyer in the 706. No memory keyer in that rig, sadly.

73 Andrew VK1DA/VK2UH

3 Likes

Jimmy, would that be [redacted], as I had an email as well?

(I’ve removed name and call. Ask Jimmy in a PM rather than in public.)

I just thought that I’d best make you all aware I have now had 2 recent scam emails from the same well-known SOTA activator/chaser that I had back in July. I have sent another private message via this Reflector to this well-known SOTA activator/chaser about this which will hopefully get seen as I never had a response to the private message I sent back in July so unsure as to whether or not that was seen. I will not be disclosing the identity of this well-known SOTA activator/chaser on this public Reflector, but I will advise that if you come across any suspicious-looking emails in your inbox or junk mail folders from any SOTA activators/chasers so you don’t make the same mistake that I did back in July by responding to that email.

Jimmy M0HGY

1 Like

The problem might be out of control for the respective person. If the email address was leaked to those scam criminals then it might pop up again and again. It is part of databases that get traded on the darknet. Not much that can be done afterwards.
The email address is burned “forever” and the only chance is to move to a new one and take care.

73 Joe

2 Likes

I can confirm that it DOES repeat. I use gmail for my email and it is now effectively flagging these as spam emails, but sometimes, you start to wonder when you read them …

I had them (apparently) from a SOTA activator/chaser and from non-radio friends as well. If you look at the source code in the message and then do a “Whois” on the IP address, the latest batch of these appear to be coming out of Ghana and other African countries over “Afrinet”.

73 Ed.

2 Likes

What this means is that somewhere an account owned by the activator was hacked to obtain some details. Next a new account is set up using the activator’s email name but on a server where user checks are lax. That new email address with new domain is then used to pretend that assistance or help is needed. That may take several forms but commonly they request vouchers or payment cards, but may include requests for remote financial assistance. I explored this in depth recently but unfortunately I have deleted all the data.

1 Like
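
An added example, not part of any post in this thread: a Python check over a message's raw source for the signs described above, namely a From: address that reuses a contact's mailbox name on a different domain, a Reply-To that points elsewhere, and the relay IP in the Received header to look up with Whois. The sample message, the address book and every name and domain in it are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample message (not a real email); all names and domains are made up.
SAMPLE = """\
Received: from mail.lax-host.example (unknown [203.0.113.45])
\tby mx.recipient.example with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000
From: "Pat M0XYZ" <pat.m0xyz@lax-host.example>
Reply-To: pat.m0xyz@other-host.example
To: you@recipient.example
Subject: Quick favour
Authentication-Results: mx.recipient.example; spf=pass; dkim=none; dmarc=none

Did you get my email? I need a favour.

73 Pat M0XYZ
"""

# Hypothetical address book: the addresses you already hold for your contacts.
KNOWN = {"pat.m0xyz@home-isp.example"}

def split(addr):
    local, _, domain = addr.lower().rpartition("@")
    return local, domain

def check(raw, known=KNOWN):
    msg = message_from_string(raw)
    findings = []
    _, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    f_local, f_domain = split(from_addr)
    # Same mailbox name as a known contact, but hosted on a different domain.
    for k in known:
        k_local, k_domain = split(k)
        if f_local == k_local and f_domain != k_domain:
            findings.append(f"lookalike: {from_addr} vs known {k}")
    # Replies would go somewhere other than the visible sender's domain.
    if reply_addr and split(reply_addr)[1] != f_domain:
        findings.append(f"reply-to differs: {reply_addr}")
    # SPF passing for the sender's own domain proves nothing about who owns it.
    if "dmarc=pass" not in msg.get("Authentication-Results", "").lower():
        findings.append("no dmarc=pass")
    # Topmost Received headers come from servers nearest you; lower ones can be forged.
    for hdr in msg.get_all("Received") or []:
        m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hdr)
        if m:
            return findings, m.group(1)
    return findings, None
```

Calling `check(SAMPLE)` returns the list of findings and the IP address to look up; a message from the contact's real address with a matching Reply-To and `dmarc=pass` returns an empty list.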