I belong to the South Bay Macintosh Users Group and one of our many benefits is an e-mail list for the members with all kinds of information from tips, links, fixes--and rarely a warning. Today, one of our officers and our former president, who is a well-known local computer consultant, posted a warning that I think AOL users will want to make note of. (Since then, another post has come in from someone on Yahoo who had the same experience today as people are experiencing on AOL.)
"I have received some disturbing emails from people I know with AOL email addresses. The email says that my friend is writing this with tears in their eyes. Was on a short vacation overseas, and was robbed of everything except passport. Injured during the robbery, but only slightly. Now stuck overseas, and could I please loan then enough for a plane ticket home & to quickly settle some bills?
The main problem is that my none of my friends sent those messages. They are not stuck overseas. they are mortified that some crook is trying to scam their friends & business contacts into sending money via Western Union. However the email was (usually) sent via their AOL account, probably via webmail. It is my opinion that AOL may have suffered a security breach and account logins have fallen into enemy hands. The bad guys are using these logins to try & extort money. Some are found word for word as reported by the London UK Embassy
AOL users - CHANGE YOUR PASSWORD. The bad guys may already have your old password!
Recently the bad guys have kicked it up a notch and in addition to spamming everyone in your address book, they are also erasing your AOL address book, so you are at a double disadvantage. The most recent case I saw today (7-20-2010) was additionally confused by the spammers creating an account at Yahoo.com with the same screen name as the victim has on AOL. The extortion emails were sent from the new Yahoo account, to everybody in the victim's AOL address book. So the victim will not even know who replied to try & send money to the scammers. What a mess!
So AOL users - CHANGE YOUR PASSWORD. The bad guys may already have your old password!
Unfortunately AOL does not make this a painless process. If you don't know the answer to your security question (required to change your AOL password) you can bypass that question by using the old 2005 version of AOL, which does not ask security question. So at least you can get that done.
Please tell other AOL users to change their passwords immediately."