Everyone gets junk mail, stuff from spammers who hope you’ll click on one of the links in the body of the email. As you know, clicking links in mail from someone you don’t know (or even from someone you do know!) can be dangerous. Today we got an email from wikimedia.org for a certain kind of product that shall remain nameless. Wikimedia? Sending out spam? Nope. Let’s see who it was really from.
1. Hovering over the email in our junk folder brought up this supposed ‘source’:
Hovering on the email in the folder shows this.
2. Here is what the email looks like when you right click it in your inbox and choose ‘view message source’.
Gobbeldy gook, right? Nope. There is some vital information here.
3. Lots of numbers and letters but there’s one set of numbers that lead to the source of the email, in spite of what the address is on the email itself. This is who the supposed source of the email is:
This isn’t who sent the email.
4. This is the IP address of the real sender:
This is the real origin of the email.
5. Here is that IP address copied and pasted into the search line at Who.is :
Who.is can track down an IP address or a domain.
6. The search came up with this information for the REAL sender:
At last, the real origin of the email. Taiwan! Who knew? Who.is did.
7. By the way, here is the real IP address of Wikimedia.org:
Search for an IP source or search for the IP address of a domain.
This might seem like an exercise in futility but these few steps will help you track down the source of many things, not just spam email. Knowing how to check an IP address is important, at least we think it is, plus discovering that Wikipedia isn’t sending out spam is reassuring, isn’t it?
Once you know the tricks, you can feel safer and more confident online. These tricks can be used to track down spam but they can also sort out suspicious emails from strangers who pretend to be from another country. Is your email buddy really from England or Canada or are they actually in China or Africa? Now you’ll know exactly where they’re from.
That’s it for today, thanks for reading! Comments and questions are welcome but Likes on our Facebook page get immediate attention. Here’s the link: Computers Made Simple on Facebook .
If you’re smart, you won’t get cheated by the many criminals out there.
We’ve noticed so many new kinds of scams lately that we thought we’d update you with some tips on how to spot one. Off we go:
1. If it sounds too good to be true, it most definitely is. Just as you know you didn’t already win the Publisher’s Clearing House millions, you didn’t win the Yahoo/Microsoft email contest either. Oh, and about that money held in escrow in England after that guy died? Nope, not going to happen.
2. Most banks, if not every bank or financial institution will never email you about a sketchy transaction or suspicious activity. They’ll either call you on the phone or simply suspend your access until you both can sort it out.
3. Anyone you do business with already knows your name and account information. If someone calls you and asks you to verify anything with them, tell them no, then call the bank/company/whoever yourself, just to check. They will know immediately from their records whether they have contacted you recently.
4. Do not answer polls on the phone, specially ones about home security, no matter how legitimate the person may sound. While you are answering the questions, you’re also giving the caller all kinds of information about your home, your current state of security as well as the hours when you’re there.
5. Never give money to anyone who is going door to door in your neighborhood. Even if they say they are from the Children’s Wish Fund or the Heart and Stroke Foundation, don’t give them any money. Why? Most of the time these people are scammers. Even if they aren’t, they are making money from the money that you hand out. In most cases, they are paid reps not volunteers. Give directly to the charity, and choose the charity carefully. This ensures that the money goes directly where you want it to, not into some scammers pocket.
6. Never donate a dime to the folks who hang around just outside the grocery store collecting for children’s charities or pet adoption outfits. We’ve checked dozens of these and not one has ever been associated with a registered charity. The money you give goes directly into someone’s pocket, not to a charity.
7. If you get a message on your answering machine and you don’t know who called, don’t call them back if you don’t recognize the area code. The 1-800 series of numbers are usually OK but there are numbers out that that will cost you hundreds of dollars a minute in charges. You’ll get a big surprise on your next home phone or cell phone bill. Look at it this way. If it’s important, they’ll call you back, right?
8. Don’t add unknown apps to your mobile phone. Some of the horoscope or trivia apps will send you text messages every day or several a day, all the while charging you money for them. Getting out of these charges is next to impossible. This goes for some Facebook apps too. In the signup process the charges will be hidden in the fine print and, if you’re like everyone else in the world, you never read the fine print. Getting a daily horoscope just isn’t worth $2.50 per text message, is it?
9. Check emails for spelling mistakes. That goes for websites, too. If you happen to get directed to a website that looks legitimate, check for misspelled words, bad English, etc. Scam or spam email is known for grammar errors and words that are misspelled. ‘Informations’, with an s, is a popular mistake that you will see over and over again.
10. Update your technology regularly. Windows updates itself whenever a new exploit is detected. This goes for your mobile devices as well. For us, a new version of WordPress is installed as soon as we find out about it. These updates help you avoid identity theft. By the way, if you get a notice of an update that comes from an unexpected source, let’s say while you’re on a website, stop what you’re doing, close the site and restart your browser. Chrome, for instance, updates itself every time you start it. Internet Explorer doesn’t but that in itself is a great reason to switch to Chrome, isn’t it?
Stay safe out there. If you have a security concern, talk to us about it. If you have found a new scam, let us know so we can spread the word. Do it in the comments below or Like our Facebook page and tell us there. Here is the link: Computers Made Simple on Facebook
We’ll get right to the point of today’s post. Here’s an example of a bad and very dangerous email:
We expect that you’d recognize this as fraudulent. We hope you would anyway.
A credit card approval in sixty seconds, supposedly from First Premier Bank. A telltale clue is the address up on the top left. Do you think the First Premier Bank would use ‘edanasupermoistnep.com’ as their email address? Apparently, some people do, otherwise criminals wouldn’t bother sending out millions of these junk emails. If only one half of one half of a percent even answers one of these emails, the mission would be successful.
Here’s more:
Look down on the lower left to see where this link actually takes you.
The link in the email does NOT take you to First Premier Bank. Additionally, although the bank’s address in South Dakota seems to be correct, the Texas address isn’t. It’s a well known source for this and other suspicious emails. If you received an email like this one, you’d delete it right? We hope you would. If your credit isn’t that good, however, the attraction of a ‘Bad Credit’ card might be very attractive. Unfortunately, after a bit of digging, we discovered that a First Premier Credit card is the last credit card you’d want. With interest rates up to 79%, you’d almost be better off borrowing from a loanshark.
We did not click on any of the links here, obviously. It was a simple matter to block further emails from this address, at least it was on hotmail/live/outlook. We suggest you do the same.
Here’s an example of a real email from a bank.
This is a real email from one of our banks. Still, there are things to look out for in it.
We’re in Canada and we deal with several banks here. The Royal Bank is one of the largest banks in the world so we feel pretty safe doing some of our online banking with them. This email is simply a notification that our electronic statements are ready to be viewed online. No big deal, right? How do we know that this is a real, and safe, email? Well, it contains a real name, for one. The account numbers (blacked out) match ours and, as we said before, we actually have accounts with this bank.
Still, there are some things in this email that we should warn you about, primarily the contact telephone numbers. While the numbers shown in this email are virtually 100% safe, don’t use them to contact the bank. Why? Because sometimes hackers have access to some of your information but not all of it. Let’s say that someone knew we dealt with the Royal Bank and somehow obtained the last four digits of our account numbers. How could they do that? Maybe from a slip of paper blowing in the wind on garbage day, for one.
If this person needed the rest of our information, it wouldn’t take too much time to draw up an email like this and zip it off to us, complete with phone numbers that would be answered by that person. If you want to contact your bank, how would you find the real number? Easy. The number is on your bank statement, on your credit card and your debit card as well as on your cheques, at least in some cases. Additionally, make sure that you type in the url of the bank’s site, don’t trust the link. We are pretty sure that this email is completely safe but you never know, right? Why not take the extra bit of time to look up both the phone numbers and bank url yourself? If you get in the habit of doing that every time you contact one of your financial institutions, you’ll be well on your way to keeping your identity and your assets safe.
What have we learned? Mainly that you have to be suspicious of just about everything.
1. An email from your bank should have your name either in the body or in the subject line. Emails from Paypal, for instance, always have your name in the subject line. This simple precaution has virtually wiped out phishing emails attempting to steal your Paypal credentials.
2. Don’t click on links or phone the numbers in these emails, even if you are sure that the email is safe. Enter the bank’s URL yourself. Look for the bank’s telephone number in a bank statement, in the phone book or on your credit/debit card.
3. If you don’t deal with the bank that supposedly sent you the email, delete it. Most banks don’t use email to contact their customers except for simple statement notifications similar to the one we showed you above.
4. Above all, if a bank or credit card company has found ‘unusual activity’ surrounding any of your accounts, don’t you think they’d call you on the telephone? Think about it. Stay safe.
Thanks for reading! We’ll continue this series over the next few posts. We will share more thoughts and links on our Facebook page. Here is the link to it:Computers Made Simple on Facebook.
Here’s a link that might help us if you are interested in hosting your own blog with Fatcow Hosting. We’ve signed up to become an affiliate and we make a bit of money if you sign up for hosting via this link: FatCow Hosting Thanks!
Just this morning we read that 100% of attacks on computers are criminal in nature. What does that mean? Simply that hackers aren’t out just to have fun, they are actively trying to steal your personal information. It’s not only personal computers that are under attack. Read this story about how a major Canadian bank was scammed out of $87,000.00: Bank of Montreal Gets Scammed Once you read the story, you’ll see how all of this started. The customer’s email account, which had been hacked, was used to initiate the process.
We’ve written posts about how you can protect your email account(s). Here’s a link that shows some of them: Email Password Protection Make sure you read as much as you can about using a strong password as well as how to enable two-step authentication. For that matter, make sure you use multi-level authentication for virtually everything you do online. Most email providers as well as banks, social networks and financial institutions already require this. Make sure you take advantage of it.
Enough preamble, let’s get to a new type of scam that you might fall prey to. This involves Google Maps. Bear with us while we explain how it works:
1. If you run a business, you can put your location and business information right there on the Google map of your city, complete with your street address, your logo and your phone number. This is where the danger is, that phone number.
2. Hackers have found a way to install fake telephone numbers in Google Maps. Let’s say you’re looking for a bank branch in another city. It’s easy to check a bank’s name, just type it in and you’ll immediately see little flags all over the map. This works for anything, restaurants, hardware stores, police stations, etc. Here’s an example of the information you might see:
There’s the bank’s number. Wait, is it a real number or a scammer’s number?
3. Before you call the Citibank number, it might be a good idea to check the number somewhere else, let’s say on Citibank’s real website. Use the map for the location but NOT for anything else. This doesn’t apply only to banks. Here’s a link to the story explains the exploit and how several people thought they were calling the FBI but were really calling a hacker, this time an honest one:
These are a few things to watch out for when you’re online. In our next post, we’ll get into a bit more depth on these scams and how you can protect yourself from them. Stay tuned. In the meantime, ask questions or comment below or on our Facebook page. Here is the link to it:Computers Made Simple on Facebook.
Thanks for reading!
________________________________________________
Here’s a link that might help us if you are interested in hosting your own blog with Fatcow Hosting. We’ve signed up to become an affiliate and we make a bit of money if you sign up for hosting via this link: FatCow Hosting Thanks!
One of the biggest threats to any forum or website is spam. There are thousands of people from all over the world whose sole job is to find unprotected sites with the aim of spamming them. We use Akismet on this site but we can’t protect our new forum this way. Here’s how we keep the forum free from spam.
First off, here’s a link to our forum: GTWorld.ca One of the games we play is the Gran Turismo series and this forum is purely about that. As you will see, we’ve set up a two-step registration process. First, a forum administrator must approve all new registrants. Second, anyone who wants to join the forum must send an email containing their Playstation Network ID in it. We get an email when there is a registration request. We then head to the forum to check. Here’s what we see:
New registrants are classed as ‘inactive users’ until we approve them.
If we click on the username, this is what we see next:
The username and email are there. Let’s see if the email address is from a spammer. Highlight it and click copy.
The email address sounds legitimate. Why do we suspect that it isn’t? Because we have not received the user’s PSN name in an email, that’s the first clue. We copy and paste the email address into Google. Like this:
If the email address has been used before, we’ll find that out here on Google.
We’re in luck. This email seems to be quite popular on the most popular spam checking site, stopforumspam.com. This is the report we get when we click on the first link:
Yay! We’ve identified our new registrant as a spammer. Into the trash bin he goes.
Even though the email says that the user is from the United Kingdom, this site tells us that he is really from the Ukraine. That in itself is an important piece of information. Now, if you think that this process is a waste of time, we have to say that we get multiple spam registrants every day. If we gave these people access to our forum, it would be full of spam in a very short time. We think it’s worth it.
Thanks for reading! Questions or comments are welcome. You can also ask questions on our Facebook page. Here is the link: Computers Made Simple on Facebook
____________________________________________
Here’s a link that might help us if you are interested in hosting your own blog with Fatcow Hosting. We’ve signed up to become an affiliate and we make a bit of money if you sign up for hosting via this link: FatCow Hosting Thanks!
a little bit of hi-tech, a little bit of common sense and a lot of fun
