Fitness Site Scam! Watch Out!

YogaRunner
YogaRunner Posts: 652 Member
edited September 22 in Fitness and Exercise
Hi Everyone,
I wanted to warn you of a scam that I fell for so that you don't. I was sent a friend request from someone I knew to a site called LiveHealthClub.com I accepted the friend request. This unfortunately allowed them to hack my gmail account. They then sent friend requests to all of my contacts. THEN, they sent spam e-mail to all of my contacts from my gmail account stating that I was in London, was mugged and needed money. In addition, they wiped out all of my contacts from my gmail account. While many people realize that the e-mail saying I was in London and needing money was a scam, many do not realize that the friend request is a scam too. Since we are all fitness minded, I wanted you to be aware so you don't fall victim like I did.

Risa:flowerforyou:

Replies

  • UpToAnyCool
    UpToAnyCool Posts: 1,673
    oh no! sorry you had to go through that. thanks for the warning - ! i'm not a seagull, but i'm gullible.
  • ohwhataday
    ohwhataday Posts: 1,398 Member
    Ack! Thanks for letting everyone know! That is awful, and I am so sorry it happened to you. =[
  • FabulousFifty
    FabulousFifty Posts: 1,575 Member
    Stinkin' scammers! My laptop crashed last weekend and I bet I opened something I shouldn't have. Thanks for the heads-up!
  • mmtiernan
    mmtiernan Posts: 702 Member
    I am assuming that you accepted the friend request by clicking a link in an email?

    Just a bit of advice from a person who works in I.T. and sees these scams all the time - never, EVER click on a link in an email, sent to you that you did not specifically request. ALWAYS, always, ALWAYS, open a new browser window and TYPE the URL for the actual web site yourself - not the URL from the email. This is ESPECIALLY true if that link comes from a bank or associated with ANY institution with which you have any type of account. I can not stress this enough. The same is true for any phone numbers listed in an email - NEVER call them - look up the correct number on your bank statements, credit statements, etc.

    Also, a lot of banks and businesses ask you to answer questions to prove that you are actually the person authorized on the account. Many of these questions are things like your mother's maiden name, your high school mascot, etc. Many people don't want to give out this 'personal' information, but they also don't realize that most of it is already readily available on the internet! Go to any Facebook page and you will likely find that the person lists his or her family members by name, are linked to their high school and may even list the graduation date - and that's just for starters! Remember the story about Sarah Palin's Yahoo! email account being broken in to? She answered those same type of "security" questions and the thief was easily able to get the information to break in to the account. What most people don't realize, is that when you are asked to set up these 'security' questions, you don't have to give the correct answers - you only have to produce the SAME answers each time you log in and are asked the question. The bank does not care if your mother's maiden name is really Jingleheimersmith or not - it only cares that you provide that same exact answer every single time for verification.

    YogaRunner - I am so sorry that you had this experience. The web and technology have so many incredible and fantastic benefits - MFP being a shining example - and it absolutely sucks that there are also such scummy, horrible people out there exploiting it to steal. I hope this information helps you and others avoid such scams in the future.
  • JulieTX86
    JulieTX86 Posts: 303 Member
    I am assuming that you accepted the friend request by clicking a link in an email?

    Just a bit of advice from a person who works in I.T. and sees these scams all the time - never, EVER click on a link in an email, sent to you that you did not specifically request. ALWAYS, always, ALWAYS, open a new browser window and TYPE the URL for the actual web site yourself - not the URL from the email. This is ESPECIALLY true if that link comes from a bank or associated with ANY institution with which you have any type of account. I can not stress this enough. The same is true for any phone numbers listed in an email - NEVER call them - look up the correct number on your bank statements, credit statements, etc.

    Also, a lot of banks and businesses ask you to answer questions to prove that you are actually the person authorized on the account. Many of these questions are things like your mother's maiden name, your high school mascot, etc. Many people don't want to give out this 'personal' information, but they also don't realize that most of it is already readily available on the internet! Go to any Facebook page and you will likely find that the person lists his or her family members by name, are linked to their high school and may even list the graduation date - and that's just for starters! Remember the story about Sarah Palin's Yahoo! email account being broken in to? She answered those same type of "security" questions and the thief was easily able to get the information to break in to the account. What most people don't realize, is that when you are asked to set up these 'security' questions, you don't have to give the correct answers - you only have to produce the SAME answers each time you log in and are asked the question. The bank does not care if your mother's maiden name is really Jingleheimersmith or not - it only cares that you provide that same exact answer every single time for verification.

    YogaRunner - I am so sorry that you had this experience. The web and technology have so many incredible and fantastic benefits - MFP being a shining example - and it absolutely sucks that there are also such scummy, horrible people out there exploiting it to steal. I hope this information helps you and others avoid such scams in the future.

    Thanks for the info... very useful!
  • VJ150
    VJ150 Posts: 453
    So sorry you had to experience that. Thanks for the info - I'll be sure to be mindful.
  • skyski_tige
    skyski_tige Posts: 67 Member
    I had a Facebook friend that said he was in London and had been mugged. He needed me to send him some money. I said sure, just answer one question. Where did I finally meet you in person? We went back and forth and the other person was very offended that I would ask such a question in him time of crisis and finally removed me as a friend. I was never able to get in touch with this person but assumed he had been hacked.

    I have also heard of this scam where they will call an older person claiming to be a grandson / niece and needed money.
  • CMcBryer
    CMcBryer Posts: 139 Member
    I'll reiterate. Never ever open a link in an email!
  • MzBug
    MzBug Posts: 2,173 Member
    Something I do, I have a hotmail account that I only use for online....I use it for MFP, Facebook and My Space, and any other online things I do. My Hotmail account has no contacts other than one for my other email account so if it does (and it has) get hacked, the virus is contained to just one contact, myself. If I get an email that is legit that I need to keep (online reciepts) I forward it to my other account. I never open a link in any email. If you move your cursor over the link and look in the lower left corner of your window you can see where the link would take you. If the info in the link doesn't match what shows in the LL of the window, don't click it.

    Sorry you got burnt!
  • LotusF1ower
    LotusF1ower Posts: 1,259 Member
    I am assuming that you accepted the friend request by clicking a link in an email?

    Just a bit of advice from a person who works in I.T. and sees these scams all the time - never, EVER click on a link in an email, sent to you that you did not specifically request. ALWAYS, always, ALWAYS, open a new browser window and TYPE the URL for the actual web site yourself - not the URL from the email. This is ESPECIALLY true if that link comes from a bank or associated with ANY institution with which you have any type of account. I can not stress this enough. The same is true for any phone numbers listed in an email - NEVER call them - look up the correct number on your bank statements, credit statements, etc.

    Also, a lot of banks and businesses ask you to answer questions to prove that you are actually the person authorized on the account. Many of these questions are things like your mother's maiden name, your high school mascot, etc. Many people don't want to give out this 'personal' information, but they also don't realize that most of it is already readily available on the internet! Go to any Facebook page and you will likely find that the person lists his or her family members by name, are linked to their high school and may even list the graduation date - and that's just for starters! Remember the story about Sarah Palin's Yahoo! email account being broken in to? She answered those same type of "security" questions and the thief was easily able to get the information to break in to the account. What most people don't realize, is that when you are asked to set up these 'security' questions, you don't have to give the correct answers - you only have to produce the SAME answers each time you log in and are asked the question. The bank does not care if your mother's maiden name is really Jingleheimersmith or not - it only cares that you provide that same exact answer every single time for verification.

    YogaRunner - I am so sorry that you had this experience. The web and technology have so many incredible and fantastic benefits - MFP being a shining example - and it absolutely sucks that there are also such scummy, horrible people out there exploiting it to steal. I hope this information helps you and others avoid such scams in the future.

    Excellent advice in the above!!! The bit about opening another window and manually typing in the web address yourself is tiptop too. So many links that are malevolent will have the web address look like it says something else, something that is benevolent, that it is saying what it means, but it isn't genuine, it will lead the receiver to a malevolent site that could automatically download a trojan, virus or keylogger onto your PC without them knowing. The next ti they log into something like their Bank Account, the passwords will be logged and sent to the person who sent them the email in the first place and then they will fleece all the money from the bank account.

    I am surprised at the amount of personal info people will stick into things like Facebook to be honest. In the main, people have their real names on there, they will post the towns where they live, some people even stick their mobile numbers on their Info page and then we have the Birthday - it all looks innocent, but that birthdate is quite important and could cause no end of problems. I have had lots of people requesting my DOB so that they can put it on their FB Calendars - I know they mean well, but I never reply to those requests.

    I used to be a moderator on a certain large Internet Server, one of the areas I was quite active in was moderating kids' chatrooms. We were instructed to immediately "gag" the chat of any kid who plastered their address, real name or telephone number on the chatpage. I would continually inform the rooms NOT to put the name of the school they attend on the net and definitely not into the chatrooms or Instant Messages.

    The whole internet can be used for incredible good, it can also be used for bad, evil, wrongdoing, call it what you will. It is all very sad, but for every 100 people that walk by your housewhen you leave your front door wide open, three will walk in and take as much as they can, it is the same on the internet.

    Keep your PCs secure and do not give anybody so much info that they could literally steal your life.
  • this is really good information. thank you
  • This particulare site had the name of someone I knew, and thought it had to do with health items since I am on a diet; I was scammed as well.

    I now since; having read the information on this page have learned some interesting information.. and will do what has been suggested . Thank You...and Risa: I am glad that you are ok, and sorry for any inconveniences, I was as innocent as you.
  • mmtiernan
    mmtiernan Posts: 702 Member
    This particulare site had the name of someone I knew, and thought it had to do with health items since I am on a diet; I was scammed as well.

    I have seen this a lot before too. Even if the email is from someone you know, you should never click on an email link - especially if it is not something you asked them to send or they didn't tell you they were sending it. It's a hard lesson. We all like getting e-cards, watching funny videos and sharing web sites like MFP with our friends and it's a darn shame that we have to always be so very diligent.

    The same really holds true for accepting friend requests that you don't know - especially on big social networking sites like Facebook and allowing applications on Facebook. Never a good idea. I have ever seen any suspicious activity on MFP, however.

    I really hope that no body lost anything important over this and it's really great of you and Risa to alert others to the scam.
  • YogaRunner
    YogaRunner Posts: 652 Member
    Thank you all so much for your answers and support. Tigerrohr - we were both innocent victims here. No upset or worry on my end.
    I am wondering if one of you might help with a little more info. I fixed my gmail account by changing the password and more importantly by deleting the bogus forwarding e-mail the hacker had set up in my gmail account. I also ran a Norton 360 scan and AVG scan on my computer. How likely is it that those two programs would detect any key loggers etc that might have been placed on my computer? I am afraid to log in to my bank account until I know for sure there is nothing hidden on my pc.
    Thanks
    Risa
  • MzBug
    MzBug Posts: 2,173 Member
    Can't help you on that one. I had Norton 360 and the boyfriend got a virus from a website last year. Took 3 trips to the shop to cean it out. Not familiar with AVG. Ive been using Webroot products since then.
  • mmtiernan
    mmtiernan Posts: 702 Member
    The viruses that do the most damage, stealing millions on millions of dollars every year are very clever. The writers craft them to operate in absolute 'stealth' mode so that you will likely not even know it is on your machine, let alone be able to detect it with standard antivirus software. The pity is that it takes a tremendous amount of creativity, cleverness and intelligence to be able to craft these viruses - just imagine all of the great things that could be accomplished instead if only these minds were used for good instead of greed.

    Unfortunately as I said, the antivirus softwares can not catch all of the viruses and trojans out there today. The programs are so ingenious that they write the code within valid Windows files, among other methods. The only way to ensure that there is nothing on your machine is to literally wipe the hard drive clean and start it over. Not what you wanted to hear, I know.

    I refuse to use a Windows machine to do my online banking or purchases - I have a laptop with Ubuntu Linux on it. That does not mean that there are no viruses for Linux or Macintosh, which is Unix-based, however over 90% of the world's PC population is Windows, so it is the primary target for thieves and virus writers, which makes Linux and Unix a much better choice for safety.

    As to your gmail account - I would close it, rather than deal with an account that has been compromised, and create a new one. That gmail account was attacked once, which may or may not make it still a target for the thieves in the future.
  • LilynEdensmom
    LilynEdensmom Posts: 612 Member
    Thanks for the heads up...

    I got a message back a few months ago from a facebook friend (she happens to be my manager as well) saying she was in england, scotland somewhere like that and had been mugged and needed me to help her out and wire her some money...Sent a message back, saying sure get right on that as soon as you let me go on break, since you are running the store today...then showed her and told her she needed to check her account.
This discussion has been closed.