Travel Scam Alert – Your friend was not mugged

A ‘friend’ sends you a desperate email from overseas. They’ve been mugged and are asking for your help so they can pay their bills and get a flight back home. The email is coming from your friend’s account, and it does sound legit, but you didn’t even know your friend was on vacation. Be careful before sending cash, you’re this far from becoming the victim of the latest internet scam.

In the latest trend, scammers have been hacking their way into web based email accounts (like Hotmail, Yahoo, and Gmail) by guessing a users password. They then send out a ‘cry for help’ email to everyone in the address book. The hope is that someone can be convinced into sending cash using a wire service.

Here’s one email I received from a friend’s hacked account:

I’m writing this with tears in my eyes,my fam and I came down here to London,England for a short vacation unfortunately we were mugged at the park of the hotel where we stayed,all cash,credit card and cell were stolen off us but luckily for us we still have our passports with us.

We’ve been to the embassy and the Police here but they’re not helping issues at all and our flight leaves in less than 3hrs from now but we’re having problems settling the hotel bills and the hotel manager won’t let us leave until we settle the bills.

Am freaked out at the moment..

Other variants include, “I’ve lost my wallet on my way to the hotel” or “Our rental car was broken into and everything was taken”. Other ways to tell it’s a scam – they usually don’t address you by name and the spelling, syntax, and grammar are off.

So, if you are the recipient of one of these emails, call your friend (don’t use the email account), make sure they’re okay, and tell them their email has been hacked. If you are the owner of a web based email account, make sure your password is sufficiently strong enough to not be guessed. Some combination of letters, numbers and special characters usually does the trick.

Illustration Credit: / CC BY 2.0

9 Comments on “Travel Scam Alert – Your friend was not mugged

  1. Also, tell your friend to send an e-mail to everyone in their address book warning them about this scam!

  2. Hey, Thanks for posting this… I just got an e-mail exactly like this….

  3. They hacked my Yahoo email, but I can guarantee you they didn’t “guess” my password. Looks more like the email host was hacked to get the email addresses. The bad part is that I notified Yahoo and they locked my account for 24 hours so now I don’t have access to my address book to notify all the people. Not sure what good it is locking my account. The email does display your email address however if you use the reply option, there is a very slight variation of it and would probably not be noticed.

  4. Thanks for posting this quote. I received this exact email as well.

  5. My boyfriend just got an email just like the one posted above. His friend travels pretty often, but she’s good about telling people she’ll be out of town, so he was suspicious when he got the email. He would not be the first person she would contact in an emergency like this, so it seemed odd. The english was also a little broken, which is unlike her. Below is the exact text from the scam email:

    “I’m seriously weeping at the moment, in fact I’m at a public library before i could get access to the internet, i know it might look shocking to you but things are not working fine at the moment,i went to Manchester United Kingdom for a short vacation and got mugged at the park of the Hotel where i lodged all my cells credit cards money where stolen except luckily for me my passport is still with me…….i have been to the embassy and the nearby police here but they seems not to be helping matters fast and so unfortunate for me my flight leaves in about 3-4 hours from now but am having problem settling the hotel bills and the hotel manager ordered the security to keep me await till i settle the bills, I’m seriously freaked out at the moment. I contact you for help, you loan me money I return it to you immediately I am back home.”

  6. My dad was the victim of this hack yesterday. I got this email and noticed one, he would never tell me half the stuff he said, two, I am his son and therefore I am part of his family, and three, he knows English.

    It really is sad that people actually fall for this scheme. This is just like the old Nigeria prince email. This one is much more clever because it uses the sender’s name and usually is someone the receiver knows.

    Oh, crackers, you and your crappy schemes.

  7. My Microsoft e-mail address was hacked into and every one of 1000+ persons on my address book got a ‘tears in my eyes’ e-mail. I was on holiday without access to a computer but my mobile phone was red hot with people checking up on my whereabouts and well being. I borrowed a wifi notebook and sent the following message to Microsoft Customer Support on the 24th August. Quote:
    My e-mail address ‘’ has been stolen, the password has been changed and the e-mail address is being used to contact everyone on my address book with the fraudulent message that my wife and I have been mugged in Malaysia and that I require a substantial sum of money to be wired to Western Union in Malaysia. How do I recover my e-mail address? End Quote
    This message was acknowledged by Microsoft Customer Support at 12.05 a.m on the 25th August 2010, yet a relative who was in transit in Doha received this message, thought it was real and he and his wife went to ATM’s in Turkey for the next three days and sent $8,000 to these fraudsters in Kuala Lumpur. Microsoft finally blocked this e-mail account on the 28th August. Do not these Microsoft guys have a ‘duty of care’ to investigate an abuse message when fraud is reported to them?

  8. Thanks for posting this. I pasted “my fam and I came down here to London,England for a short vacation” into Google and found this page. Good to hear that my accountant is not actually in trouble! I figured it must have been desperation, because I was surprised that he would email his clients! The grammar and punctuation problems tipped me off.

Leave a Reply

Your email address will not be published. Required fields are marked *