Scammed in Nigeria
I always thought of myself as a seasoned traveler and quite capable of avoiding any major incidents and disasters when on the road. That is, until recently, when I was trying to get on a plane from Lagos, Nigeria to Rwanda!
In the space of 90 minutes I potentially had my two corporate cards, my own personal card and my phone compromised. I could see all of the risks unfolding in front me and even having a good understanding of cyber security and how vulnerable we all are, I still fell into a big trap.
I was so desperate to get an airline ticket, I disregarded all common sense and good cyber practices.
Our African leg of the trip took us to Nigeria, Rwanda and South Africa. Prior to the trip we got the appropriate visas for Nigeria and Rwanda. However, due to the timing of the trip, my Rwandan visa expired the day before I was due to travel there. My travel companions, being from the US and UK had no issues as they could buy a visa on arrival. Being an Irish citizen, I could not.
Never one to be deterred from a challenge, I thought that I could use my charm, my years of sales experience and talk my way onto the plane. My optimism was soon dashed as the chap on the desk referred to a very large manual which listed all the countries that could buy visas on arrival in Rwanda. Ireland was not on the list and he was not going to allow me onto that flight.
So, I waved goodbye to my colleagues and agreed to meet them in Johannesburg a few days later. There was a flight nine hours later, all I needed to do was buy a ticket - that should be easy I thought.
As I was standing trying to find the right airline desk, a knight in shining armor appeared behind me, like he was dispatched by my guardian angel. As it turned out, he wasn’t so much of a knight in shining armor!
As the flight was over 9 hours until departure, the airline desk was not open. But my new-found friend took me to a kiosk at the end of the terminal where I could buy a ticket. The girl behind the desk confirmed the flight and there were seats available.
Excellent news I thought as I handed over my card to her. For some reason, the card was declined on her machine so she tried her other card reader. It also was declined. She tried it several times on each machine but to no avail.
I then gave her my other corporate credit card and got the same result, declined.
I phoned both banks and they confirmed that there was ample credit on the cards and no transactions had come through on their side. As you can imagine, I was starting to get worried at this point. I tried to use my phone to book the ticket but the 3G connectivity in Nigeria is very poor.
At this point my new-found friend is still by my side and trying to help me and he has another fantastic idea...let’s get some cash and he can get me connected to his Wifi hot spot in the airport.
As I was starting to get desperate, I went along with his idea and went to the ATM. I tried both of my corporate cards and they were declined. Nigeria is notorious for credit card fraud but feeling really under pressure to get a flight, I used my personal card and got enough cash to pay him for a password for his Wifi.
Unfortunately, his Wifi hotspot was not working and he somehow disappeared, nowhere to be found. As I looked around at the others in the hotspot I realized that I may have been the victim of a scam. Were these other people logged into my phone? It only takes two minutes to access a mobile device, if you have the skills. I quickly disabled the Wi-Fi on my phone.
For a brief moment, I felt like the Tom Hanks character Viktor Navorski in the movie Terminal - Was I going to be in this airport for a very very long time?
Never one to admit defeat or perhaps in sheer desperation, I went to try and find somewhere to get a better signal on my phone. I eventually did and phoned our HQ in Chicago where one of my colleagues booked the flight for me.
To date, one of my cards has been compromised. I am not sure if that is a result of my experience at the airport or from somewhere else.
Some very good lessons learned and a lot of schoolboy errors that were made in a state of panic by this pro!
Always be CyberAware...
John McGlinchey is the Executive Vice President of Global Certification for CompTIA