Most of us are already well familiar with the frustrations of spam: unsolicited email advertisements. In recent years, unwanted emails have evolved in an attempt to avoid increasingly advanced filters and wary consumers. The contents and goals of unsolicited emails are not always the same, however, and some emails are more dangerous than others. We’ve put together a list of red flags to help you quickly identify emails that may be harmful to your computer and your wallet.
Suspicious attachments
Attaching files to an email is a quick and easy way to share files with your contacts. The downside is that unscrupulous spammers can attach files like viruses and trojan horses in the hopes that an unwary recipient might download the file and infect their computer. Any time you see an email with an attachment that you weren’t expecting, be very cautious about downloading the attachment or even opening the email.
Links that don’t make sense
In an email supposedly from Yahoo, a link to a specific page on Yahoo’s site appears. So why does the text of the link not begin with “http://yahoo.com”? Because it’s a scam. Many scam artists attempt to gain account information or even credit card numbers by posing as respectable web companies looking for information about your account. These emails typically contain a link where you can reset your password, confirm your credit card information, or log in to access some special new feature. To spot these bad links, you need to look at the url: the address of the page that is being linked to. All urls begin with “http://” or “htpps://” and from there vary from website to website. If the url is not visible in the link, you can hover your mouse over the link and see the url in the lower left corner of your web browser.
email containing links that don't match up and suspicious sender information
Notices about accounts you don’t have
Virus spreading emails that mask themselves as emails from major websites are banking on their recipients actually having accounts with that website in the first place. If you get an email about your facebook account when you never signed up for facebook in the first place, the odds are very good that this is a phishing or virus email.
Password reset requests you didn’t send
One of the most common phishing emails currently is the fake password reset. These emails claim that you recently requested a new password, and direct you to a webpage where you can enter your “old” account name and password. You may be able to identify these emails by the link urls or because you don’t have the account that you would supposedly be resetting a password for in the first place. Even if you don’t see anything wrong with the link or the account information, never respond to a password reset email that you didn’t specifically request.
Sender addresses that don’t add up
An email from YouTube.com will be sent from an account that ends with @youtube.com. If “joey5683426$$@ytmail.com” is sending you important updates about your YouTube account, it’s a safe bet this is also a malicious email. If your email system hides sender information, you can change your settings to show full headers or usually click a link right in the email to show all of the sender information.
Money transfer requests
Typically from Nigeria, these emails claim that there is some obscene amount of money sitting in an account somewhere that the sender wants moved to the United States before something terrible happens to it. It’s not uncommon for these emails to be completely in upper case and poor English, although there are exceptions. These emails are scam attempts, trying to get your bank account information so that the sender can access your funds. No matter the pretense for the email, you should never share bank account information with anyone you don’t know. Recent versions of these emails claim to be from “a member of your church.”
Weird emails from friends
The most dangerous and difficult to spot malicious emails are the ones sent by your friends and other contacts. Usually if you receive a suspicious email from a friend or co-worker, it’s either because their system has been infected or because their account has been compromised. If you see an email from one of your contacts that contains strange characters in the subject, has attachments that you weren’t expecting, links to a file sharing site, or otherwise looks unlike the correspondence you’re used to from that person, take the time to check with them before clicking on any links or downloading any attachments. If you do find a strange email from a contact that later turns out to be a virus or online scam, it’s important to remember that your friend most likely was not the one that sent the email to you. These are almost always sent either by a virus or by someone who gained unauthorized access to your friend’s email account.
Email from the user's account containing a suspicious link and subject
Emails from yourself (that you didn’t send)
These emails can be disturbing when you find them. If you find an email from your own account sitting in your inbox that you know you didn’t send (and you have not allowed anyone else access to your account) immediately change your password and security question for your account. Next, check your “sent mail” folder to see if any other emails went out that you were unaware of. Let everyone who received one of these suspicious emails know that you did not send the emails, that they should not open them or click any links or attachments and that you suspect your account was compromised. You can also let your email provider know about your concerns. If this problem recurs, your system may be infected and need virus cleanup service performed.
As users and spam filters become more aware of these malicious emails, scammers will develop new schemes to get at your computer, bank account, and other information. The best weapon against these attacks is a healthy dose of skepticism, though even vigilant users can fall victim to scams and viruses. If you believe you may have a compromised email account or infected machine, or if you just want more information about how to prevent these problems, give our office a call at 1-800-GEEK-HELP (433-5435).