Lori Berezovsky is pictured at her desk at the Salina Public Library on Tuesday, Aug. 10, 2010. Hackers sent all of the contacts in Berezovsky’s email address book a message that she had been kidnapped for ransom. (photo by Jeff Cooper/ Salina Journal) | Buy Journal Photos


Printer-Friendly

Email A Friend



Put this e-mail in ‘hoaxes’ box


8/11/2010
By DAVID CLOUSTON Salina Journal

No, the evildoers don’t have Lori Berezovsky or her family holed up at gunpoint in a foreign land. But they did hijack her Google e-mail account.

And that was enough to worry her close friends and work colleagues — even an acquaintance from Moscow called out of concern for her welfare.

Someone using Berezovsky’s personal Gmail account sent an alarming message to her e-mail contacts Monday.

The subject line: “HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!”

The message: “I’m sorry for this odd request because it might get to you too urgent but it’s because of the situation of things right now. I’m stuck in the United Kingdom with family right now, we came down here on vacation, we were robbed, worse of it was that our bags, cash and credit cards were stolen of us at GUN POINT.”

Berezovsky, the community outreach coordinator for the Salina Public Library — she delivers books to homebound patrons and others — hasn’t traveled recently. She was flabbergasted at the note, which continued on to report that she and other family members still had their passports but were without money to pay their hotel bill.

The note asked recipients to loan Berezovsky money, but it didn’t offer an address or instruct recipients about where to send their cash.

The note ended with Berezovsky’s name and her work title and contact information at the library. That’s probably because her Gmail account was linked to her e-mail account at work, she said.

Receiving phone calls

Berezovsky said she received about two dozen concerned phone calls from work contacts and friends. The callers were from several states, and even a friend in Moscow — Berezovsky’s husband is from the Ukraine — called to check in.

The library receptionist took several calls she didn’t bother to pass on, Berezovsky said. And someone from the Salina Police Department called to say that someone had reported the note to them.

Berezovsky said she spent the rest of the day setting up new accounts and changing passwords, making sure that any site that her Gmail account had been linked to was changed.

“I was warmed by the fact that people cared, but I did not receive any money out of it,” she quipped.

No one else at the library reported anything similar happening to them, she said.

“I don’t know what the purpose of it was, other than to take over accounts,” Berezovsky said.

Salina police investigators have worked several cases in recent months in which e-mail accounts of others were similarly hijacked, Deputy Police Chief Carson Mansfield said.

Poor password security

Victoria Katsarou, a spokeswoman for Google in Mountain View, Calif., said Tuesday that account hijacking can be accomplished through a variety of means, such as when people reuse their e-mail password on another site that becomes compromised.

Google communicates with users about security topics in its Gmail Help forum online, she said.

The culprit in many such account hijackings is poor password security, Mansfield said. Too many people give away the identity of their passwords by the reminder hints they leave, which thieves can use to guess the password, he said. Such an example would be a hint that says “hair color” for a password that’s “red,” “black” or “blonde.”

Mansfield said investigators have heard of hijacked e-mail accounts among Salina users and users statewide.

The people responsible “do it to embarrass people, to try to get money — whatever they can think of to misuse it for,” he said.

n Reporter David Clouston can be reached at 822-1403 or by e-mail at [email protected]






Email this story to a friend:

Subject:

Recipient:

Sender’s email (required):



Enter text seen above: