Last Wednesday started off like any other day. I stopped by a colleague’s desk to catch up on her recent vacation. I got back to my desk 10 minutes later and saw I had 297 unopened Gmail messages. I immediately knew something was off; even on my best day I am not that popular. I had a slew of emails with similar subjects like “Thank you for subscribing” or “Thank you for your inquiry”. Some messages were English, some Spanish, some were what I think to be Arabic.” WTF?!?!” went through my head a million times. I immediately logged into Gmail on my computer, and deleted what now rose to about 500 emails. But they would NOT stop. Emails were coming in by the second. I added a million filters which caught thousands, but it was relentless. And I was at wit’s end. I sighed audibly a good 3 times when my cube neighbor popped up and asked, “Ok, Missy, that was the 3 sigh. What is going on?” I told him I was getting spammed like crazy, so he came over to look at my email. We saw about 500 in my spam box (and growing) and about 60 in my inbox (and growing) and he exclaimed, “Holy shit, you’ve been hosed!” Thanks, Pal.
I tried googling what was going on. My first assumption was my email was hacked and I would need to delete the account, which was heart wrenching and not really an option I wanted to consider. I have probably a decade’s worth of emails and information that I did not want to part with. After not finding much help on Google, I tried finding Gmail support (which basically does not exist, or if it does, Google has it so purposefully and cleverly hidden).
I did find a Gmail help forum. I posted a question not really expecting a response as I had no idea if it was monitored or even frequented. Much to my surprise though, I did promptly have a few response. Here is a snippet of that conversation:
Silly naïve me was truly fixating on the wrong issues which is the point of being spam bombed. I kept asking questions about switching emails, exporting/importing while icantchooseone insistently told me to check my finances.
So after about 3 comments from him/her, I got spooked enough to start calling my banks and credit card companies. Everything was good on the bank fronts, same as the first credit card company I called. When I called my second (and only other) credit card company, the agent was checking recent transactions. He told me there was a charge made the day before for $2.99 to an online apple store. He asked if I had an iphone apple account, and I said I did. However, that is not the amount of my typical monthly charge. He said there was another charge made that day to the same store for the amount of $3000.00. I assured him that was not mine, and so he flagged it as fraudulent and declined it.
He also told me there was a $33 apparel charge over the weekend that was declined as it was suspected of being fraudulent. Really, credit card company? This is me… an avid shopper who drops money on clothes ALL THE TIME all around the country and the world. $33 is suspicious but a $3000 apple charge is not?! At any rate, I actually found that amusing (and truth be told, my credit card company is typically on point with catching fraud so I am very grateful).
The agent also immediately cancelled my current credit card and was issuing another one to be mailed to me. So who knew? Icantchooseone was onto something, much to my dismay.
About two minutes after I got that squared away with the credit card company, I received a phone call from apple about a recent charge that was declined. I let him know that was fraudulent. It is good to know (not being snarky) that even though a fraudulent charge got through initially on their site, they have checks and balances for when that charge goes astray.
Side note: It was unsettling to say the least that on July 4th when the first little fraudulent tester went through (I am sure it was an attempt to keep the amount small and undetectable to see if they found a winner card to rip off), I was chillin at the pool without a care in the world while someone or someones were probably sitting in a dark basement somewhere, anywhere really (and I don’t know why I assume it’s a basement. Maybe I have watched too much “24” in my day) laughing up a storm at what a sucker I was and all the new fancy electronics they were going to buy. If someone is smart enough to decode or crack a code or whatever it is they do to get people’s personal information, why are they wasting their talents on such evil? But I digress…
I of course immediately messaged icantchooseone back to let him/her know of the charge (as I think this person was legitimately concerned. He/she had told me the first day when he/she was logging off to go to sleep, guessing lives in a different country and checked back in the next day). He/she also told me that as I suspected after putting two and two together, that the email spam bomb is intended to distract from the credit card charges. To put in perspective, I am certain I received about 200,000 spam emails during the course of 6 hours; that is NOT an exaggeration. I cannot explain the feeling of seeing emails pouring in. It is like not being able to stop bleeding no matter how many Band-Aids you put on.
At any rate, I have since put every possible alert on my bank accounts and am re-evaluating when and how I use credit cards. I will never know how or where or when the hackers got my email and credit card information, which also is endlessly infuriating. It is a weird feeling that somewhere my information was exposed. Also, the sad reality too is that I am sure that after these delinquents got rejected by my card, they moved onto the next innocent. So I write this post as another reminder that credit card fraud and even identify theft are very real, very prevalent threats. Knock on wood, I am lucky that the extent of my hacking experience ended with a few charges as there are cases far more severe. So everyone when it comes to your money, finances and identity, be safe, be smart!