All this week we’re posting tips on ‘safe computing’; how to keep safe online. While we write about PCs mostly, these tips will apply to Macs too, most of them anyway. If you use an Apple computer (a Mac), don’t assume that you’re safe from these exploits. You’ll need to stay on your toes no what what type of computer you use.
Email – Threats in your Inbox:
We all get large amounts of spam email every week. Normally any junk email easy to spot. Some types of phishing emails are a little bit harder to pick out. Here’s an example of a phishing email in one of our junk folders:
Out of the millions of people who receive an email like this, a certain percentage would almost certainly have a Discover card, right? Let’s see what the email is all about:
Whether these emails mention Discover cards or bank accounts or airline tickets, there is one simple way to check if they are phishing emails. Aside from the fact that your credit card would call you on the phone to report ‘irregular activity’ on your card or account, don’t you think they would know your name? Any emails from these kinds of institutions, and they don’t send out many at all, would always have your name in the subject line as well as in the body of the email.
We get a notice once a month about our account statement being ready, complete with our name in the subject and our name in the salutation of the email. We also get emails from PayPal about different specials they are running and, again, our name is right up front in the subject line.
Obvious Clues:
Aside from the name issue, this email has a couple of other clues that it’s a fake. At the top, you’ll see that it purports to be from ‘discover@email.discover.com, which is probably a legitimate address. If that’s the case, why would the link in the body of the email lead to ‘cicfif (dot) cn’? That .cn is the top level domain for China, in case you didn’t know. When did Discover start using a domain in China for their security office?
Besides that, as we mentioned before, credit card companies don’t email their customers when there is a problem. Speed is of the essence in these situations. The companies don’t want to interfere with their customers activities but they do want to minimize any fraudulent use of the credit card in question. There’s nothing faster than a phone call to settle these issues. An email would never be used.
Phishing. What the heck is it?
Any unofficial (fake) email or website that asks you to fill in your personal information is said to be phishing for that information. While a virus is bad and malware can really slow down your computer, phishing can hit you right in the purse or wallet. If someone gains access to your bank account or credit card details, they can clean you out in a matter of minutes. Depending on which bank or credit card company you are with, you may or may not be liable for these losses. It’s always a good idea to check out the fine print before something like this happens.
How to Protect Yourself:
1. We strongly suggest that you use an online email account, as opposed to one that is with your ISP (Internet Service Provider). We use outlook.com (formerly hotmail), gmail and yahoo for our various accounts. Why is this important? Primarily because none of the emails from your online accounts are actually stored on your computer. Since you have almost unlimited storage space with these companies, as opposed to the limits set by your ISP, you don’t have to download the emails to read them. As a matter of fact, outlook doesn’t even let you download your inbox. Dangerous or phishing emails never reach your computer, they stay on the online servers.
All of these online email companies have very strong anti-virus/malware filters in place, far stronger than what your ISP probably uses. Before an email gets into your inbox, it must pass through very strict screens. If you have set up your account correctly, most junk emails will end up in your junk folder. You will not be able to click on any links contained in them until you certify that they are safe.
2. Don’t click on any link in email that is not from someone you know or a company that you do business with and has mentioned you by name in the email. Even if the email is from a friend, we’d suggest not clicking on it until you can verify that they actually sent you something. If their email account has been compromised, whatever form of malware that did it will now be accessing your contact list and sending out emails as soon as you click on the link.
3. Since email links can be faked, think about alternative ways to access your credit card or bank account online. Type the address into your browser yourself if you feel the email might be legitimate. Here’s how a link in an email can be faked, in case you didn’t know. Click on this link (it is totally safe, believe us): www.freestuffforyou.com What? No free stuff? Not today, just free information.
4. Here’s a trick for you, one that might keep you safe in the future. Your browser has a cool feature in it that you probably never use. Hover over any link that you see, no matter if it’s in an email or on a website. Don’t click on it, just hover over it with your cursor (mouse). Down on the lower left, right at the bottom of your screen, you’ll see where the link really leads. Try it with our fake link just above this.
That’s it for today, just some simple tips on keeping out of trouble with email scams and phishing. These are things that you actually have to try to get stung with. Your actions in these situations control whether you get into trouble or not. Later on this week, we’ll deal with things that are out of your control. Stick around. Better yet, like us on Facebook and keep up with our tips, tricks and posts: Computers Made Simple on Facebook
Thanks for reading!