Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Amazingly Dangerous Email: Must See To Believe

Amazon.com (Evil) Deal of the Day

Folks, I just received an amazing (and dangerous) e-mail that my phishing filter/spam catcher did not catch – claiming to come from Amazon.com as one of my “notification subscriptions” –> Amazon’s Deal of the Day. It looks identical to my real notifications but…

amazon spoof

every single link is dangerous, and they’re pushing ED drugs! These hyperlinks really take you to websites titled “http:\\######.fishenough.ru”. Seriously! (.ru = Russia)

Do I need tell you what will happen should you click a single link? Nothing good, I assure you!!!
Here’s more..

amazon spoof2

What are those red warning signals? They are automatically inserted by a tool I have installed on my machine, see, Why You Want WOT.

I kind of admire the craftsmanship that went into this.. this.. criminal attack. It fooled me for a while. But, sheeze: anyone else wonder how come these guys are still getting away with this? And maybe.. a bit fed up with it?

Are you listening, cyber czar?

Copyright 2007-2010 © Tech Paul. All Rights Reserved. jaanix post to jaanix.

>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<

Share this post :

April 25, 2010 Posted by | cyber crime, hackers, Internet, Internet scam | , , , , , , , , , , , , , , , , | 5 Comments

Virus In My E-mail?

“A friend told me my e-mail had infected their computer.”

It is never any fun to take the blame for something you didn’t do. But that’s what happened to a recent client of mine. The call started out easy enough. When I asked “how can I help you today?”, they told me they wanted me to “remove the virus from (their) computer.”

I asked a few more questions; such as, were they running an antivirus, and what was causing them to think they were infected? (You might think it unlikely that there are people — in this day and age — who are not running an antivirus program.. but, sadly, there still are. If that be you, or you have let the “subscription” expire, please, click here!)

The client informed me that not only did they have an up-to-date antivirus but the scan was coming up clean, and that they had used the online scanner, Housecall, and it had come up clean as well.
Hmmm…
Bizarre behavior? Machine slow? Missing files? Garbled files? Odd Error messages? None.
Hmmm…

So what made this person think their machine had a virus?
Their reply, “A friend told me my e-mail had infected their computer.”

My client was very relieved to learn that not only was their machine free from viruses [Yes, I did some further checking] but that they had not even sent the infected e-mail in the first place!

What had happened was that their e-mail address had been “spoofed“. The infected e-mail in the friend’s Inbox only looked like it came from my caller, but had actually come from somewhere else.
Address spoofing is a hacker’s method of changing the code in the header of the e-mail so that it displays a (legitimate) e-mail address, but one different from the actual sender… very much as if you wrote a make-believe return address on an envelope you mailed.

Spammers and Phishers use this technique to hide the real origin (to make it seem as if the e-mail really did come from BofA, for example), and some types of malware use it to propagate and spread themselves. It was this latter use of spoofing which triggered my client’s call.
Someone (a friend or relative, most likely) – who had my client’s e-mail address in their address book — has been infected with a worm. This worm scanned the infected computer for anything resembling an e-mail address, collected them, and then mailed itself to those addresses. The recipient, thinking the poisoned e-mail came from a trusted Sender, opened the e-mail (and probably clicked on the attachment, or link). In short, my client was not infected, but someone they know is.
If you find yourself in a situation like my client, or if you get “Delivery Failure” notices for e-mails you did not send, your address may be being spoofed.

Tip of the day: Sadly, there is not a lot you can do to stop ’spoofed’ e-mails from appearing in your Inbox, but you can take preventative steps to keep from being victimized by them. (And, tell all your friends and relations they should check their antivirus…)
First of all, simply understand that what appears in the Sender box may not be the true point of origin, and exercise the appropriate caution. I have mentioned before, and repeat here, that you should not click on links you receive in e-mail. and spoofing is why. Instead, Copy the URL (the link) and Paste it into address bar of your web browser.
And if you are not expecting Uncle Joe to send you an e-mail with an attachment, ask him if he did, in fact, send you such an e-mail before you open it. And do the same for institutions, like BofA or Pay Pal: if you suspect an email reporting to come from your bank, call them and ask about it.
And, of course, have a up-to-date antivirus installed and have it set to scan your e-mail. Do not rely only on the antivirus which your ISP or e-mail service provides. Again, I refer you to the link to my prior article (I mentioned above) if you need some help or advice in this area, or need to download a free antivirus program.

Today’s free link: If you are in the market for a car, selling a car, or simply need to know the value of your vehicle, the Kelley Blue Book is the definitive place to look and is the industry standard. KBB online will give you real prices/values for new and used vehicles, offers advice for buying and selling, and has a Perfect Car Finder search engine.

Copyright 2007-9 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

December 9, 2009 Posted by | antivirus, computers, e-mail | , , , , , , , , , , | 4 Comments