Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

A Weird Email From A Friend…

Another great question from a reader..

Q:Tech Paul,

I need your input on something.  I have received two emails from someone I knew very briefly last year and have not seen for several months, so it was an email out of the blue so to speak.  He addressed me by name, but the message was conveying a link I should check out about making money.  (get rich scheme), etc. I cut and pasted the weblink into my browser and checked it out.  It was some news story on some pyramid get rich scheme.  I didn’t think anything of it really and left the site and deleted the email.  I got another email last night from the same guy.  This time I replied telling him not to email me because I wasn’t interested.  Now I just got a message from him again saying:

‘Its not me. I’m sorry you’ve received these. Others have as well. Don’t know where they’re coming from ‘

What do you think Paul?  Has someone stolen his email address (is that possible to send email out to people using someone elses email address)?  Since I replied to the sender, has that put my email in jeopardy?

A: It is quite easy to “spoof” (basically, put in what ever you want) the Sender in e-mail. So, my experience tells me one of two things has happened: (with the latter being the most likely)
1) some spambot, somewhere out there in the void, is mass mailing, and using legit email addresses as the Sender.. this time your friend’s (harvested early and exchanged between scammers/spammers) address.
2) Your friend’s PC has been infected, and IS that spambot.
Do not open that email and click “Reply”.. start a new email to him, and tell him his machine is quite likely under someone else’s spell. Direct him to Trend Micro’s online virus scanner, “Housecall”, http://housecall.trendmicro.com/ and tell him to run a full scan. If it finds anything.. he probably should contract a pro for a more complete malware removal ‘cleaning’.

As for your email.. it is (most likely) not “at risk” (say, of hijacking) but, yes.. some scammer/spammer probably now has you on their list of “valid” (active+real person) emails. Which usually simply means you will be included in their mailing runs (aka — you’ll get more spam).

BTW… whenever you suspect the possibly of something .. um, “shady” occurring (or, perhaps, your antivirus says it detected and prevented something serious [and not just a tracking cookie]) it is, well, “smart policy” to change your login passwords.

These badguys are reaping such large harvests, they don’t always use your stolen info right away (should they gain it). So my further reco to you is to change your email’s login password, and advise your friend to (if he is infected, and I suspect he is: use another computer to, or .. after he gets his cleaned by a pro) change ALL of his online passwords. Starting with his bank…

Related: A quick word on passwords:
Strong passwords should be “complex”. That means that they should contain both upper and lower-case letters, special characters (!@#$%^&*(){}[]) and numbers, and be at least eight characters long, and – most definitely – not be a word found in the dictionary (or a name). Your passwords (notice the plural. It is not wise to use the same password for everything.) will be easier to remember if you make them into a ‘passphrase’. An equestrian might use a passphrase of 1Lu^h0rsez, for example.

123456 is not a good password.

Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


January 21, 2011 - Posted by | computers, cyber crime, e-mail, Internet, security | , , , ,

4 Comments »

  1. Paul,
    Great stuff; couldn’t have said it better. Keep up the good fight.
    Best,
    Paul

    Like

    Comment by Paul Lubic, Jr. | January 21, 2011 | Reply

    • Paul Lubic, Jr.,
      Thank you, Paul.

      You also are doing a super job of raising “public consciousness” on your Paul’s Home Computing Blog.. fighting the good fight. I hope my readers will visit you often (hint hint).

      Like

      Comment by techpaul | January 21, 2011 | Reply

  2. TechPaul,

    Another great job at providing a “real life” example and what steps to take to prevent problems. I have gotten into the habit when I send emails to use the “BCC” (blind carbon copy) field to place the addresses. Helps mask the addresses from spambots.

    Rick

    Like

    Comment by Ramblinrick | January 22, 2011 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: