[SeniorTech] SeniorTech Tip - Beware of Spoofing & Phishing

• From: "Jerry Taylor" <jerry@xxxxxxxxxxxxx>
• To: <jerry@xxxxxxxxxxxxx>
• Date: Fri, 20 Aug 2010 20:33:41 -0400

  

Spoofing & Phishing
A New Email Danger... Am I safe?


Q: Ok. I finally understand what spam is and I just delete e-mail messages
from people I don't know or with subject lines that I don't want. But now I
hear about people getting messages from me that I didn't send. Also, I see
messages from big companies (like eBay and my bank). What's that all about? 

A: Unfortunately, the bad guys have found some new ways to infect our
e-mail. As you mentioned, spam is unwanted e-mail that (usually) marketers
send out by the thousands hoping to get a few people to respond and click on
the links they provide.Often a message will tell you that you can be removed
from the list or unsubscribed, by responding back to a special e-mail
address. Don't do this. This is a technique of these people to determine if
your e-mail address is active - then they can sell it to other spammers as a
"live one." You'll start getting even more junk email! Just delete any
messages that you don't like the subject of (Mortgages, Viagra, Make $ at
home, porn, etc) without even opening them up. The same with messages from
people or companies you don't know or are not interested in.

But that brings us to the current problems as you mentioned.

A term called "Phishing" is used to refer to e-mail messages that you
receive that seem to come from a legitimate company that you may have an
account with - AOL, Bank of America, eBAY, Microsoft, PayPal, American
Express, other banks and so on. If you have accounts or do business with
such companies, you obviously want to read their correspondence - and that
is what the Phishers are counting on. The typical scenario is that the
message from, say AOL, will tell you there is some trouble with your
account. Maybe it warns you that someone may have broken into your account
so you need to confirm some information. Usually the message directs you to
click on a link and go to a web page to "update" or "confirm" your
information. The page looks just like an AOL (or eBAY or PayPal or.) page.

The Phisher hopes that you will be fooled into providing the information
asked for on that page. Then they can use that information to really access
your account and do damage. You wouldn't "confirm" important information to
someone who calls you on the phone so don't be fooled just because you are
on-line.

Here's what you need to remember. Legitimate companies such as the ones
mentioned above will NEVER send you an e-mail and ask you to confirm your
password, credit card number, social security number, account number or any
other information. 

If you get such a message, delete it because it is NOT from the real
company. You may want to save some of the messages to a separate folder and
alert the Attorney General's office as Phishing is a serious crime. Also,
Microsoft and the others will NEVER send you a message with an attachment
that they want you to open or a program to run. If you get something like
that, delete it without opening it.

 

Spoofing...

But what about when you get a message that appears to be from a friend or a
friend gets something from your address? This is a new problem area called
"Spoofing." Certain viruses will grab every e-mail address they can find on
your system (like from your address book). Spoofing is when the virus grabs
one of the addresses from you for the "From" field and another for the "To"
filed. So it looks like the message (usually with a virus or some other
problem attached) came from someone in your address book - and hence you are
likely to trust it.

Spoofing is a tricky situation to deal with because the message comes from
someone familiar, maybe even yourself! The best defense is prevention. Keep
your anti-virus definitions up to date so that you will not be infected by
these spoofing or other viruses. You may also want to devise a strategy with
your most common e-mail buddies. If you are the type who likes to send
messages with attachments to your friends and vice versa, come up with a
little code so that you all know the message is really from you and OK to
open. For example, you could tell your e-mail buddies that if you send them
an attachment (pictures or whatever) you will include a certain word in the
subject line or the body of the message. So if they get a message supposedly
from you with an attachment and it does not have the secret word, they
should delete it. Decide on a word or phrase that won't come up naturally in
spam messages.

E-mail is still a fantastic tool but unfortunately we have to be more and
more careful in how we use it. Have fun but be smart and safe. 
 

 

 

Jerry Taylor
SeniorTech
http://www.seniortech.us <http://www.seniortech.us/> 
Personalized In-Home Computer Lessons
     for Senior Citizens and Retirees
585-964-3319
"Computers are not just for kids"
 
 

• Follow-Ups:
  • [SeniorTech] Re: SeniorTech Tip - Beware of Spoofing & Phishing
    • From: Mom Morin

Other related posts:

• » [SeniorTech] SeniorTech Tip - Beware of Spoofing & Phishing - Jerry Taylor
• » [SeniorTech] Re: SeniorTech Tip - Beware of Spoofing & Phishing- Mom Morin

1. Home
2. seniortech
3. Archive
4. 08-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---