Western Union

Dr Paul – Resurrected

Yesterday’s Dr Paul post got me feeling a little bit nostalgic. I miss our late night phone calls. I decided to see if I could redeem our relationship – and pursue the conclusion of our transaction. I ate humble pie. I apologised.

Dr Paul,
I wonder if you have had a chance to reconsider this arrangement.
I would like you to consider continuing with this transaction under the terms dictated previously.
As a sign of good faith I will be transferring a portion of the payment to Emmanuel via Western Union when I receive your reply.

And he took the bait.

Dear.

Thank you very much for your mail. how are you today my friend. my friend before you make my main to feel bad but now i no that you main have come down. so my friend since that time you fund is in airport waiting for you but because of the way you make my main fee bad make me that i did not contact you again. my friend that last time i try all i can do to see that i help you but you do want to understand me. but if you have come down just go and send it money today and get back to me fast so diplomat will live first tomorrow morning.

My friend as am sending you this mail all arrangement have make to deliver this fund to you this very week.  but friend just belive me that i will help you got you fund this week if you follow my word, but am happy now you main have come down because i did not like if am telling somebody truth it will hear me. so my friend please as you getting this mail now go and send this money fast. Am looking forward to hear a good new from you today.

Yours Friend

Dr Paul

Now, I’ve been doing a little bit of reading up on the whole scambaiting thing – Gilbert from scambuster419.co.uk – is the master. He has devised a number of ways to pay the scammers, without forking out any actual money. I decided to take this game to a new level… enter, the Western Union receipt.

Dear Dr Paul.
I went to the local Western Union agent to do the transfer – attached is a poorly scanned copy of the receipt. The post office I visited to conduct this transfer had very old equipment.
I will send you a better quality version when I can.
Regards,
Nathaniel
Good day sir.

Right. That’s official looking. I’ve paid my dues. It’s time for Dr Paul to come through with the goods.

Sadly, Western Union have an online facility for verifying the details of these things…

Dear.

My friend i have big problem now in western union the paper you send to me for the payment ,the MTCN number is not ok. my friend please go back to western union now fast and go am collect the information again because this one you send to me the MTCN number have mistake.

my friend please try do it fast now am in western union waiting for you. so by tomorrow diplomat will start coming to deliver you fund to you. my friend as i want to western to pick up this money the western union the find this mistake. please as i told you go now and collect the correct information please. my friend please try do very thing fast now so i will run down to airport and give them this money.Am looking forward to hear from you now.

Yours Friend

Dr paul

His request came outside of office hours – how could I possibly acquiesce – besides, the details are right. I’m sure of it…

Dr Paul, 

I am sure the details are correct – I also had to give the clerk a security question – they said these are mandatory for transactions to your country.

The question – was "what’s your favourite bible verse" – the answer is Exodus 20:15.

I got into Western Union’s local agency prior to their closing for the day – that receipt is exactly what they provided me.

You may need to work this out with the clerk on your side.

This is when the phone calls started. I’m not ready to talk to him again just yet. I suspect he stole my money.

Dear.

Thank you very much for your mail once again my good friend. my friend am not lair to you am telling you the truth please. my good friend i can collect this money and told you that i did not collect. my friend the code i try it by my hand in western union web site the code is not OK. my friend am please you to go back to that western union you send this money and please them to check it for you again so the will give you correct code please.

my friend since that time am standing in western union in fact not happy will them the time the check it and tell me the code is not correct. my friend let you main come down, try go now to western union send this and tell them to give you the correct code please. my friend since morning here am run round in airport to see that diplomat will move today. my friend i can lair to you am child of God. please take it easy very thing will being ok.

my friend please take my word i will not lair to you because i take you as my good friend. my friend how can i lair to my good friend i want to help.  my friend do it fast so i will take the payment to airport now.Am looking forward today

Yours Friend

Dr Paul

Indeed. Computers. Who can trust them. The Western Union system must be down… I have a few ideas of what might be causing the hold up (other than that I didn’t actually send any money of course…).

Perhaps the payment won’t clear for a day or two – I did pay by cheque. You might need to try again tomorrow or the next day. I will confirm that the details are correct – what number did you try?

They also said you’d have to go in person – not on the website – because you are in Ghana. There are special rules dictating transfers from Australia to some African nations.

That must surely be it…

Dear.

Thank you once again my friend. my good friend since am in this office i never see this before.  my friend please have you contact  the western union where you send this money since this problem come out?

please my friend if you did not contact them please try contact them so very thing will be clear fast. my friend by now diplomat have to live Ghana today but because of this problem is in airport waiting for me to come back and do the payment before he live Ghana will this fund. my friend this is transfer control number:8561629001  i see in that paper you send to me. my friend i will never lair to you in my life.

my friend am Man of 56year , i have three sons so  for me to lair to you can not help me. so my friend take my word very thing will be nice. my friend since today am never have Rest because of you try help me as am helping you here. Am looking forward to hear from you today.

Yours Friend

Dr Paul

Hmm. He’s never seen this before. Well, it must be a Western Union problem. The scent of payment got him pretty excited. I missed 6 calls from him last night. So this morning I sent him these two emails.

Dr Paul, 

Has the money arrived? I trust that this has all been sorted overnight and we can now proceed with the transaction.

Let me know what must be done in order for the diplomat’s trip to be a success.

Dr Paul,

That number is definitely correct. I have spoken to the lady at Western Union here – she said there are some computer issues that have prevented the transaction being registered with the Internet service – and said you need to go into the Western Union branch nearest to you to claim the funds.
The funds have definitely been transferred and cleared.

Hacker sacked

A couple of people have commented on my Facebook note regarding the hacker saga (it was imported from a post to my old blog – one of the ways I tried to get the word out regarding the hacker). Scams of this nature traditionally involve someone claiming to be in dire trouble – and asking for money to be transferred via Western Union. In this case the hacker also changed the access email address for my account to something quite bizarre and obviously not linked to me. This same process was carried out with another friend’s account a couple of weeks back – and the best way to get access to your account back, and the way I got my account back, is to notify Facebook immediately. The link is pretty hard to find – but it’s here in case you’ve come to this post via google looking for some sort of solution to your own Facebook hacking saga.  

In my case the hacker was logged on at around 2am Australian time, claiming to be from England. It would appear that he had also hacked into the email account he was using to access my Facebook – but that’s pure speculation on my part. To my knowledge he spoke to two of my friends – who both took similar courses of action to verify that it was not me – one rang my mobile, the other tried to get in touch with my parents. Hackers are not smart. The basic premise of the hacker’s story was that I was in London and had been robbed at a hotel. I needed money. My friend Mark had seen me at a wedding three days before this conversation took place:

“1:34am Mark
when did you fly to London?
1:35am Nathan
4 days ago
1:41am Mark
did Robyn fly with you?
1:41am Nathan
yes
we are robbed together
1:41am Mark
you flew out on the 19th?
1:42am Nathan
cant remember the date
why are you asking?
1:42am Mark
why can’t you remember?
1:44am Mark
what day was it?
1:45am Mark
Nathan this isn’t like you what’s going on? when did you fly out of Townsville?
1:48am Mark
Hello Nathan? What’s happening? this isn’t like you what day did you fly out>
?
1:50am Nathan
i told you something
you didnt believe me
1:51am Nathan
what else do you want me to say???
1:52am Mark
you said you flew out 4 days ago, i can’t believe that becuase i saw you 3 days ago
i want to know what’s going on.
?
1:53am Nathan
it was 4 days ago
1:54am Mark
Friday, the 19th was 4 days ago, and I saw you at the Wedding on Saturday the 20th.”

Lesson one for would be Western Union scammers – make sure you don’t contradict someone when they tell you where they last saw you. Lesson one for potential victims – stick to your guns. The scammer then suggested Mark transfer money using his credit card and westernunion.com – when he was told Mark didn’t have a credit card he suggested he head to his nearest Western Union agent. No doubt unaware the Darling Downs (where Mark was staying) doesn’t think highly of 24 hour trading…

“2:12amMark

one problem mate. i don’t have a credit card
2:12amNathan
ok
then go and do it any agent close to you
2:15amNathan
have you gone?
2:15amMark
no i’m here
2:16amNathan
why?
how much can you loan me?
2:17amMark
how much do you need?
2:17amNathan
$800
how much can you afford?
2:18amMark
you need $800 cash?
2:19amNathan
aussie dollars is very loan in UK
2:20amNathan
low in UK
2:21amMark
right i understand
2:21amNathan
when are you going?”

Mark by this time had called me – and decided it was time to give the hacker a moral lesson. He didn’t like that much.

2:28amMark
why, well i’m interested, when did you got a new email address?
2:29amNathan
is that your business?
why would you need that to help me out in a situation like this
2:29amMark
and how’s the weather in Nigeria?
2:30amNathan
which Nigeria?
2:30amMark
and finally how can you ask for money from well meaning people?
2:30amNathan
you are nut
2:31amMark
i am nut
?
2:39amMark
does not appear so
2:39amNathan
sure
2:40amNathan
have a nice day
bye
bye
not to meet again

At this point I logged in to Robyn’s Facebook account to try to initiate dialogue with the hacker – he ended our Facebook friendship. But not our Facebook marriage. He also went very close to convincing friends of mine who were in England at the time to help – they offered to drive north to London to rescue me – which is nice. But all the hacker wanted was my money. 

I was left with no access to my account, some confused friends, and an email address for the hacker. I decided to take matters into my own hands. The hacker’s email address was an address at verizonmail.com – which is a domain sold by mail.com. I sent them an email complaining about the misuse of that account. 

Then I got in touch with the hacker. 

Magor,

If that is your real name… I am willing to pay to get my account back under my control. Please forward your Western Union account details. I would be willing to pay $US250 to have my account returned.

I’m not advocating this sort of behaviour in normal circumstances – but this hacker already had my email address, and various other pieces of information from my account, so it was not a hard decision to make.

Lesson one for people with lax online security – you know how they say make your password hard to guess and don’t use the same password at multiple sites – this probably saved me losing access to my gmail – which thanks to its wonderful archiving system would have allowed the hacker access to my passwords for multiple accounts on multiple different sites.

I received a response to my generous offer…

“RICHARD Vincent is the name
Location is London,Uk”

I intended to use as much information I could get to try to get into this guy’s email address – his secret question was “pet name” – I would suggest never using an obvious answer to your secret questions (ie don’t use something people can find out by googling you). Anyway, I also tried a couple of sites that let you reverse search an email address – one of them suggested an IP address somewhere in the US – but I figure that was for the Mail.com servers.

I wanted as much information about the hacker as possible so I went fishing (or phishing… almost)…

“Australia has increased regulations for Western Union money transfers – to combat fraudulent transactions. I also need to verify your date of birth and occupation.

His reply:

“august 6th 1976……
what should i make the password of the box??”

I wanted to stall him while I waited for Facebook to restore my account – or to get access to his email… which is probably not the most ethical way to go about it.

“Is this offer acceptable to you?

I don’t know how I can trust that you will in fact relinquish control of the account – how would you suggest proving that you can be trusted?”

That’s right hacker. Make me trust you. Someone who’s proven untrustworthy already.

So he responded with a little bit of pathos. A happy birthday to me. And a revelation that for him at least – it’s all about the money.

“so today is your birthday?
i can swear with my life that you will get the account back immediately you send me the money.Thats all i need.
am sorry for doing this,but i need the money.

The choice is yours”

I decided to see just how dumb he was. If he reset the email address on my account I could have a password reset form emailed to myself… but this email bounced.

“I’m not sure the word of a hacker is worth much to me.

I think perhaps if you change the email address on my account back, send me an email notifying me of the change. When I see the email on the account has changed I will make payment and we can agree on a password for you to change it to.”

Poor Richard Vincent in London probably has no idea why his email address has been closed down. Or maybe it was just an account set up to swindle unwitting facebook friends out of their hard earned cash.

As I mentioned in an earlier post on this situation – there are lessons to be learned from this experience. Don’t make your password something stupidly obvious. Don’t make your secret questions easy to figure out. Don’t store passwords for every account you have in one email address. Don’t use the same password for more than one site. Change passwords regularly. And don’t expect $800 from your Facebook friends.

Scroll to Top