Most of us are already well familiar with the frustrations of spam: unsolicited email advertisements. In recent years, unwanted emails have evolved in an attempt to avoid increasingly advanced filters and wary consumers. The contents and goals of unsolicited emails are not always the same, however, and some emails are more dangerous than others. We’ve put together a list of red flags to help you quickly identify emails that may be harmful to your computer and your wallet.
Suspicious attachments
Attaching files to an email is a quick and easy way to share files with your contacts. The downside is that unscrupulous spammers can attach files like viruses and trojan horses in the hopes that an unwary recipient might download the file and infect their computer. Any time you see an email with an attachment that you weren’t expecting, be very cautious about downloading the attachment or even opening the email.
Links that don’t make sense
In an email supposedly from Yahoo, a link to a specific page on Yahoo’s site appears. So why does the text of the link not begin with “http://yahoo.com”? Because it’s a scam. Many scam artists attempt to gain account information or even credit card numbers by posing as respectable web companies looking for information about your account. These emails typically contain a link where you can reset your password, confirm your credit card information, or log in to access some special new feature. To spot these bad links, you need to look at the url: the address of the page that is being linked to. All urls begin with “http://” or “htpps://” and from there vary from website to website. If the url is not visible in the link, you can hover your mouse over the link and see the url in the lower left corner of your web browser.
email containing links that don't match up and suspicious sender information
Notices about accounts you don’t have
Virus spreading emails that mask themselves as emails from major websites are banking on their recipients actually having accounts with that website in the first place. If you get an email about your facebook account when you never signed up for facebook in the first place, the odds are very good that this is a phishing or virus email.
Password reset requests you didn’t send
One of the most common phishing emails currently is the fake password reset. These emails claim that you recently requested a new password, and direct you to a webpage where you can enter your “old” account name and password. You may be able to identify these emails by the link urls or because you don’t have the account that you would supposedly be resetting a password for in the first place. Even if you don’t see anything wrong with the link or the account information, never respond to a password reset email that you didn’t specifically request.
Sender addresses that don’t add up
An email from YouTube.com will be sent from an account that ends with @youtube.com. If “joey5683426$$@ytmail.com” is sending you important updates about your YouTube account, it’s a safe bet this is also a malicious email. If your email system hides sender information, you can change your settings to show full headers or usually click a link right in the email to show all of the sender information.
Money transfer requests
Typically from Nigeria, these emails claim that there is some obscene amount of money sitting in an account somewhere that the sender wants moved to the United States before something terrible happens to it. It’s not uncommon for these emails to be completely in upper case and poor English, although there are exceptions. These emails are scam attempts, trying to get your bank account information so that the sender can access your funds. No matter the pretense for the email, you should never share bank account information with anyone you don’t know. Recent versions of these emails claim to be from “a member of your church.”
Weird emails from friends
The most dangerous and difficult to spot malicious emails are the ones sent by your friends and other contacts. Usually if you receive a suspicious email from a friend or co-worker, it’s either because their system has been infected or because their account has been compromised. If you see an email from one of your contacts that contains strange characters in the subject, has attachments that you weren’t expecting, links to a file sharing site, or otherwise looks unlike the correspondence you’re used to from that person, take the time to check with them before clicking on any links or downloading any attachments. If you do find a strange email from a contact that later turns out to be a virus or online scam, it’s important to remember that your friend most likely was not the one that sent the email to you. These are almost always sent either by a virus or by someone who gained unauthorized access to your friend’s email account.
Email from the user's account containing a suspicious link and subject
Emails from yourself (that you didn’t send)
These emails can be disturbing when you find them. If you find an email from your own account sitting in your inbox that you know you didn’t send (and you have not allowed anyone else access to your account) immediately change your password and security question for your account. Next, check your “sent mail” folder to see if any other emails went out that you were unaware of. Let everyone who received one of these suspicious emails know that you did not send the emails, that they should not open them or click any links or attachments and that you suspect your account was compromised. You can also let your email provider know about your concerns. If this problem recurs, your system may be infected and need virus cleanup service performed.
As users and spam filters become more aware of these malicious emails, scammers will develop new schemes to get at your computer, bank account, and other information. The best weapon against these attacks is a healthy dose of skepticism, though even vigilant users can fall victim to scams and viruses. If you believe you may have a compromised email account or infected machine, or if you just want more information about how to prevent these problems, give our office a call at 1-800-GEEK-HELP (433-5435).
A new variant of the ?email virus known as “Bredolab” has been identified and is spreading at breakneck speed through the Facebook user base. It appears as an email with the title “Password Reset Confirmation Email” and has an attachment that supposedly contains the recipient’s new Facebook password. The attached file is in reality a Trojan Horse😕 a small program that exists solely to download other programs onto your computer. The program hides its download activity by going through other programs that access the internet legitimately, so your anti-virus may not be able to notice when new files are being downloaded by this virus.
Cleaning up after viruses can be a time-consuming ordeal and even with professional assistance viruses can sometimes re-infect your computer from hidden files, so prevention should always be your first priority. Bredolab is a simple virus to avoid, just don’t open the attachment. Facebook would not send you a password reset confirmation email unless you asked to have your password reset in the first place, and such an email would never contain an attachment anyway.
You should already be protecting your computer with anti-virus and anti-spyware programs, along with a firewall to protect your network from other intruders. These protections are excellent ways to reduce the chances that your computer will be infected, but it’s important that everyone who uses your network also learn safe browsing practices as well. The most important rule of safe browsing: never open an email attachment unless you know exactly what it contains. Other important guidelines include avoiding sites that commonly host malware, closing all pop-up ads with the red “x” in the upper right corner, and never downloading any program from vendors you don’t know.
If you think you might be infected, or if you’d like more information about safe browsing habits and security software, don’t hesitate to give us a call.
Within the private confines of their home, away from the prying eyes of co-workers lurking nearby, the average user of a home PC figures they can surf? the internet without worrying about intruders. Spyware and Viruses are all that concern them, the installation of malware protection enough to ward off any stress about their computer’s vulnerability.
Yet, no matter how much we caution users against leaving their computers unprotected from malware, those pests are not the only threat to which your attention should be turned.? Many home networks remain susceptible to the ill intentions of unwanted visitors.
Piggybacking ranks as one of the most common offenses, the term referring to the unauthorized use of bandwidth by an outside party.? With a wireless connection, piggybackers access an unsecured network, using it as if it were their own. While piggybacking is a relatively mild transgression, usually committed by a struggling college undergrad who can’t afford internet service, it can impact the availability of bandwidth on your network — resulting in a slow response time when using the internet.
The more serious violations of network security occur when an intruder invades your network for the express purpose of retrieving private information.? Housed on your network are files of all sorts, personal data that you wish to secure against snoops and thieves. Without ample safeguards in place, unauthorized users can ferret sensitive information from your network and use it for their own design.
Many people unwittingly leave their networks open, unaware that they’re leaving themselves subject to the unwelcome motives of the internet’s less scrupulous population. Protecting yourself against these incursions is paramount, and one of the most effective ways to do so is the establishment of a? firewall.
Firewalls do exactly what the term suggests, erecting a wall of protection that shields your network from outsiders, blocking entry to those who haven’t been granted authorization. They can be implemented through software or hardware, to varying degrees, depending on just how secure you want to be.
For those looking to set up a firewall on their network, here are a couple free solutions that I like:
Creating a firewall can be an involving process. If not properly configured, your firewall will leave you no more protected than you were? before its installation.? Should you have any questions on how to build one, feel free to give our office a call. We are here to help you.
Computer Geeks is always staying on top of the latest malware to emerge from underbelly of the internet. In addition to providing the best onsite technical assistance in this industry, we pride ourselves on alerting you to the latest pests to watch out for.
Most recently, hapless internet users have fallen prey to the URLZone Trojan, a decidedly nasty bug that rewrites their online bank statements to conceal fraud.
This bug is tucked away on websites ? many of them legitimate ? with the Luckyspoilt toolkit. Unbeknownst to visitors of these websites, bogus .PDF files or Javascripts traffic the URLZone Trojan onto their computers.
Once planted on the victim’s system, the bug begins to record keystrokes that are performed whenever they’re logged into their online bank account, pairing that with screenshots it takes of the user?s activity while they navigate the account. ?This information is then fed to the source of the bug, a command and control center located ?in the Ukraine.
With your information in their possession,? the perpetrators of this fraud transfer money from the user?s account. After the theft, the Trojan forges a bank statement to deceive the user into believing their account is not compromised, always ensuring that their online bank statement reflects a positive balance.
A more in-depth overview of this threat and its implications can be found here.
Computer Geeks always advises its clients to exercise vigilance when browsing the internet. If you think your computer has been compromised by malware, call our offices immediately.
