Tag Archives: phishing

Track Down a Suspicious Email

We received a very suspicious email this morning. On the surface, it looked innocent enough, but the clue that told us it was a ‘phishing’ email was simple. The email was from Air Canada, Canada’s national airline, but the person who received it does not fly…ever. Here’s how we figured it all out. This is the email we received:

Photo of Email 1
Here is the subject line.

 

Photo of Email 2
Here is the email itself. Hotmail has prevented some of it from loading.

If we had recently booked tickets, this email might have tricked us into clicking the links in it. Where do the links lead? Let’s check. If you hover your cursor over each link, you will be able to see the actual link that it leads to. Please don’t make a mistake and click on the link. Ever! This is what we saw when we hovered over the links:

Photo of Email 3
Look down at the very bottom of your browser. See where it says ‘www.lakewoodpool.com/PDF/ticketRX749CA.zip’? Nothing to do with Air Canada there.

Photo of Email 4
This one has a contact PDF file which probably has a piece of malware in it.

 

Neither link leads to the Air Canada website. We didn’t click on the links but we did open up a new browser window and typed in ‘www.lakewoodpool.com’. This is what we found:

Photo of Email 5
This website is real but it’s out of date. It hasn’t been updated since January 2010.

We showed you how to check the IP address of a suspicious email here: Check IP Address. First, we checked the email source by right-clicking the closed email in the junk mail folder. (This is how to do it in Hotmail/Outlook/Live, but your email system may vary. It may not be the same as this but EVERY email system allows you to check the source of any email you receive.) Here is the menu you’re looking for:

Photo of Email 8
Choose ‘View message source’.

 

This is what you see next. Yes, it looks like gibberish but all you have to look for are the numbers that are marked in blue here. Highlight them (click just to the left of the first number, keep the mouse button pressed and drag to the right until you get to the end of the last number, then release your mouse):

Photo of Email 6
Near the top, look for ‘(sender IP is …)’. That set of numbers is the sender’s IP address.

Next, we headed to http://whois.net/ip-address-lookup/ to find where that IP address is in the world. Whois is a Unix command whose name literally asks ‘who is this?’ Here’s what we found:

Photo of Email 9
This IP address is in France…a long way from Canada.

 

We went through this exercise to prove to you that the email in question is a fraud, a phishing email. The senders expected us to click the links and subsequently download their malware. Once our computer is infected with the malware, they could either take control of our computer or gather information about our identity. Identity theft is much more common now than any other kind of criminal activity.

Besides all of this, the email had many clues in it that, hopefully, would make you suspicious.

Clues that an email is a fraud or a phishing scam:

1. If indeed we had purchased a ticket from Air Canada, they would have our name, right? Air Canada or any other company would not send us an email with the opening line: Dear customer.

2. We hadn’t purchased a plane ticket. That’s simple but important. If you haven’t purchased anything from a company but they send you an email which says you have, you can be pretty sure that it’s spam or a phishing scam. This goes for banks, shipping companies and ticket outlets.

3. The links in the email did not lead to an Air Canada site. Hover over any link in the email, then look down near the bottom of your browser window. The real link address will be there. Whatever you do, do not click on any link in any email that you think is suspicious.

4. One of the links contained a zip or compressed file. Malware can be sent via PDFs but usually it is sent in a zip file.
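The checks described above (the sender IP in the message source, where each link really leads, zip links, and the ‘Dear customer’ greeting) can also be run by a script over a saved message source. The following Python is an added example, not part of the original post; the sample message and its IP address are constructed, and treating aircanada.com as the expected sender domain is an assumption.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the email described above (documentation IP address).
SAMPLE = """\
Authentication-Results: hotmail.com; sender-id=none (sender IP is 203.0.113.7) header.from=tickets@aircanada.com
From: Air Canada <tickets@aircanada.com>
Content-Type: text/html

<p>Dear customer,</p>
<p><a href="http://www.lakewoodpool.com/PDF/ticketRX749CA.zip">Download your ticket</a></p>
<p><a href="https://www.aircanada.com/">aircanada.com</a></p>
"""

class LinkCollector(HTMLParser):
    """Collects real href targets, i.e. what hovering over a link reveals."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def triage(raw, expected_domain):
    """Return the phishing clues found in a raw (non-multipart) HTML message."""
    msg = message_from_string(raw)
    headers = "\n".join(f"{k}: {v}" for k, v in msg.items())
    ip = re.search(r"sender IP is (\d{1,3}(?:\.\d{1,3}){3})", headers)
    body = msg.get_payload()
    collector = LinkCollector()
    collector.feed(body)
    off_domain, archives = [], []
    for url in collector.links:
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        # Accept only the expected domain itself or one of its subdomains.
        if host != expected_domain and not host.endswith("." + expected_domain):
            off_domain.append(url)
        if parsed.path.lower().endswith(".zip"):
            archives.append(url)
    return {"sender_ip": ip.group(1) if ip else None,
            "off_domain_links": off_domain,
            "archive_links": archives,
            "generic_greeting": bool(re.search(r"dear customer", body, re.I))}

if __name__ == "__main__":
    print(triage(SAMPLE, "aircanada.com"))
```

The extracted IP address is the value to paste into the whois lookup; nothing in the script fetches or opens the links.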

The Lakewoodpool.com site has been hacked by someone, that’s obvious. It hasn’t been updated for two years but someone has guessed the administrator’s password and taken control of the site. Once inside the host server, the criminal is able to send out emails such as this from anywhere in the world.

Hopefully, we’ve educated you a bit in figuring out what a fraudulent email looks like. If you have questions or comments, use the form at the bottom.

Thanks for reading!

 

Best Protection for Facebook Hacking



If you’re concerned about the security of your Facebook account, here’s how to eliminate the biggest threat. It’s easy, fast and once you set it up, you can rest a lot easier knowing that one route into your account has been plugged.

Facebook loves to send you emails. If you let Facebook have its way, your inbox would be chock full of notifications about this and that. Right now, there are many email scams out there. You might get an email that looks like it’s from Facebook, but it’s a very clever attempt to get your password in order to hijack your account. Here’s how to stop those emails in their tracks:

1. From any page on Facebook, look up on the top right and click on the arrow beside Home to bring down this menu:

Photo of Facebook Account Settings menu
Click on Account Settings

2. Once you are there, click on Account Settings then Notifications and you’ll see this menu next:

Photo showing notifications in Facebook Account Settings
Notifications is the one you want now.

3. Start by clicking on the word Edit to the right of Facebook. This is what you’ll see:

Photo of Facebook Account Settings showing unchecked boxes
This is what you want the menu to look like, all boxes unchecked.

4. If you use Facebook every day, why do you need an email to tell you that something has happened inside Facebook? You’re going to sign in and see the notices anyway, why do you need a follow-up email? We would strongly advise you to uncheck every box here.

5. Move down the list for each of the sections: Photos, Groups, Notes, Pages and so on. Make sure each box in each section is unchecked.

6. Now, look up on the top left for the word Apps and click on it. This is what you’ll see next:

Apps Menu in Facebook Account Settings
Make sure that the Apps never notify you.

7. Here you will see that we have prevented Words With Friends from notifying us. See the word ‘never’ on the bottom right? Make sure that is showing and click Close to ensure that you will not get any notices from this app. Move down the list and do the same for every app that you use.

You’re done! Now, you won’t get any email from Facebook. Whatever email comes to your inbox or your junk box will be a scam. Guaranteed. If you follow our directions here, you’ll be safe from phishing emails. Phishing is where an email tries to get information from you in order to hijack your Facebook or your bank account.

If you still want Facebook to email you, you’re on your own. You risk getting tricked by one of these clever emails. Good luck! It’s scary out there sometimes.

Thanks for reading!