A Click Away From Malware

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

When an innocent looking email is a scam

You receive an email that looks like it came from FedEx. It is attempting to no­tify you that your package was shipped to the wrong address. The subject line reads something like "FedEx tracking" or "FedEx item number." All you need to do to reroute the package is open an attached file (purportedly a shipping form) so you can print it out. This email, however, was not from FedEx, and the attached file was actually malware. It was one of many, sent to entice users into opening the malware laced file that would compromise their computers.

The FedEx scam serves as a real life example of common large scale at­tacks whereby data thieves and mal­ware script writers "go phishing" or use other ploys to trick users into opening a file attachment or clicking a Web link in an email in order to deliver their mal­ware. For the data thief who wants to steal information such as credit card numbers and other personal info, email scams represent an easy way to gain access to PCs and even networks with a low barrier of entry.

All you need to do to reroute the package is open an attached file (purportedly a shipping form) so you can print it out.

All you need to do to reroute the package is open an attached file (purportedly a shipping form) so you can print it out.

Most users know by now to prompt­ly identify messages as spam (click a Spam button, move the message to a spam folder, or take a similar action) when they are obvious scams, such as solicitations to claim money from a Nigerian bank or offers to run free diagnostics tests on their computer. However, attackers are getting craftier and are using more subtle ploys to trick users. Here are some ways to de­termine the difference between ordi­nary email and a con job, especially when attackers do their dirty business in not-so-obvious ways.

Enter your credit card number here

Another scam, similar to the FedEx scam, informed recipients via email that fees must be paid in order to receive a parcel. All the user had to do was enter a credit card number to pay a small fee in order to resolve the matter.

All the user had to do was enter a credit card number to pay a small fee in order to resolve the matter.

All the user had to do was enter a credit card number to pay a small fee in order to resolve the matter.

"With the likes of logistics compa­nies, the message will ask for a parcel number and will then generally state that customs duties or excess postage is required," says Clive Longbottom, an analyst for Quocirca ( "It then asks for credit card de­tails or some such thing."

One rule to take away is to never pay for something on a website that is accessed through a link in an un­solicited email, at least not without checking first. "Either phone the company from a number obtained from their website, not the email or if you know that this sort of payment can be done through their website, go there on your own steam by typing the address into your browser and looking for your consignment details there," Longbottom says.

Don’t trust that sender address

After hijacking an email account, at­tackers will often use the victim's email address to spam contacts and solicit them to click a link or download a file. The scam is crafty since users under­standably think they are receiving an email from someone they know or a co-worker who has a company account.

When this happens, a lack of per­sonalization in the body of the email should raise flags. If the email text be­gins with "Hi" from a friend or "Dear colleague" from a work address, then it is very likely fake. There are other signs to look for that indicate the mes­sage was sent from a compromised email account. "If the email looks as if it is personalized but does not have your name in the 'To' field, then it is bogus. If there are no contact details (a proper name along with a matching email and a telephone number), it is possibly bogus," Longbottom says. "If there is a telephone number provided, dial it; don't say who you are or why you are calling if someone answers, but ask them who they are and who they are representing. If they stumble over responses or cannot answer, the email was bogus."

Many users continue to fall for the "your IT department has identified a problem with your machine" mes­sage, especially when the sender ap­pears to be from within the company, Longbottom says. "These email mes­sages are always scams of some sort. You often download a virus and then have to phone the company concerned and pay to get it removed."

English usage alerts

Unfortunately, the use of poor gram­mar is becoming more prevalent and accepted in business communications. However, there is a big difference be­tween poorly drafted messages and one written in broken English, which often serves as a flag for an illegitimate message, says Joe Malec, a fellow at the ISSA (Information Systems Security Association;

"Messages that contain spelling er­rors, missing words, and logical gaps in reasoning should be treated suspi­ciously," Malec says.

Messages that are designed to look as though they come from a U.S. source, for example, but use British spellings (such as "center" instead of "center," or "defense" instead of "defense") or vice versa should be viewed as suspect. "Check for the obvious: If the email purports to come from the UK, but has words [with spellings] like 'specialize,' 'color,' and so on, then it's [probably] bogus," Longbottom says.

Report spam, don’t unsubscribe

Annoying messages that somehow make their way past the spam filter often claim to offer the recipient the option to unsubscribe from the list by clicking a link. But as tempting as it might be to follow the instructions instead of copying the message to the spam folder, users should take heed.

"Links, such as the 'Unsubscribe' link, are a popular way for spammers to validate your email address as well as deliver malware to your system," says Malec.

Gmail has one of the best spam-blocking features of any mail provider.

Gmail has one of the best spam-blocking features of any mail provider.

Check them out

Whenever a user has any inkling of a doubt about an email's origin, tests exist that can quickly and ac­curately make sure the sender's address is legitimate. This can be done by checking the sender's .com domain. For a link embedded in an email, verification systems such as can verify the au­thenticity of a website, says Brad Kowal, a director of data centers for Shands HealthCare in Florida.

"The basics for how you verify if a FedEx message or other email is legitimate are the same," Kowal says.

Greed is not good

It is common sense for most to ignore certain types of messages, but many users still need to be re­minded not to click links or file at­tachments in email messages that claim to offer the lucky recipient the chance to win a prize or other too good to be true offers.

Top 10
Free Mobile And Desktop Apps For Accessing Restricted Websites
TOYOTA CAMRY 2; 2.5 : Camry now more comely
KIA SORENTO 2.2CRDi : Fuel-sipping slugger
How To Setup, Password Protect & Encrypt Wireless Internet Connection
Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
Backup & Restore Game Progress From Any Game With SaveGameProgress
Generate A Facebook Timeline Cover Using A Free App
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
- Messages forwarded by Outlook rule go nowhere
- Create and Deploy Windows 7 Image
- How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
- Creating and using an unencrypted cookie in ASP.NET
- Directories
- Poor Performance on Sharepoint 2010 Server
- SBS 2008 ~ The e-mail alias already exists...
- Public to Private IP - DNS Changes
- Send Email from Winform application
- How to create a .mdb file from ms sql server database.......
programming4us programming4us