Tag Archives: Spam

Track Down a Suspicious Email

We received a very suspicious email this morning. On the surface, it looked innocent enough but the clue that told us it was a ‘phishing’ email was simple. The email was from Air Canada, Canada’s national airline, but the person who received it does not fly…ever. Here’s how we figured it all out. This is the email we received:

Photo of Email 1
Here is the subject line.

 

Photo of Email 2
Here is the email itself. Hotmail has prevented some of it from loading.

If we had recently booked tickets, this email might have tricked us into clicking the links in it. Where do the links lead? Let’s check. If you hover your cursor over each link, you will be able to see the actual link that it leads to. Please don’t make a mistake and click on the link. Ever! This is what we saw when we hovered over the links:

Photo of Email 3
Look down at the very bottom of your browser. See where it says ‘www.lakewoodpool.com/PDF/ticketRX749CA.zip’? Nothing to do with Air Canada there.

 

Photo of Email 4
This one has a contact PDF file which probably has a piece of malware in it.

 

Neither link leads to the Air Canada website. We didn’t click on the links but we did open up a new browser window and typed in ‘www.lakewoodpool.com’. This is what we found:

Photo of Email 5
This website is real but it’s out of date. It hasn’t been updated since January 2010.

We showed you how to check the IP address of a suspicious email here: Check IP Address. First we checked the email source by right clicking the closed email in the junk mail folder. (This is how to do it in Hotmail/Outlook/Live but your email system may vary. It may not be the same as this but EVERY email system allows you to check the source of any email you receive.) Here is the menu you’re looking for:

Photo of Email 8
Choose ‘View message source’.

 

This is what you see next. Yes, it looks like gibberish but all you have to look for are the numbers that are marked in blue here. Highlight them (click just to the left of the first number, keep the mouse button pressed and drag to the right until you get to the end of the last number, then release your mouse):

Photo of Email 6
Near the top, look for ‘(sender IP is …)’. That set of numbers is the sender’s IP address.

Next, we headed to http://whois.net/ip-address-lookup/ to find where that IP address is in the world. Whois is a Unix command that asks, literally, ‘who is this?’ Here’s what we found:

Photo of Email 9
This IP address is in France…a long way from Canada.

 

We went through this exercise to prove to you that the email in question is a fraud, a phishing email. The senders expected us to click the links and subsequently download their malware. Once our computer is infected with the malware, they could either take control of our computer or gather information about our identity. Identity theft is much more common now than any other kind of criminal activity.

Besides all of this, the email had many clues in it that, hopefully, would make you suspicious.

Clues that an email is a fraud or a phishing scam:

1. If indeed we had purchased a ticket from Air Canada, they would have our name, right? Air Canada or any other company would not send us an email with the opening line: Dear customer.

2. We hadn’t purchased a plane ticket. That’s simple but important. If you haven’t purchased anything from a company but they send you an email which says you have, you can be pretty sure that it’s spam or a phishing scam. This goes for banks, shipping companies and ticket outlets.

3. The links in the email did not lead to an Air Canada site. Hover over any link in the email, then look down near the bottom of your browser window. The real link address will be there. Whatever you do, do not click on any link in any email that you think is suspicious.

4. One of the links contained a zip or compressed file. Malware can be sent via PDFs but usually it is sent in a zip file.
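The two checks we did by hand above (where each link really leads, and the ‘sender IP is’ note in the message source) can also be done with a script. This Python example is added here and is not part of the original post; the sample message, the 203.0.113.25 address, the From address and the choice of aircanada.com as the expected domain are all assumptions made for the example.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, not the post's message; IP and From address are made up.
RAW = """\
Authentication-Results: hotmail.com; spf=none (sender IP is 203.0.113.25)
From: Air Canada <tickets@aircanada.com>

<a href="http://www.lakewoodpool.com/PDF/ticketRX749CA.zip">Your ticket</a>
<a href="https://www.aircanada.com/help">Help</a>
"""

class LinkCollector(HTMLParser):
    """Collects every <a href>, i.e. what hovering over a link reveals."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def sender_ip(msg):
    """Return the address in the first '(sender IP is ...)' note, or None."""
    match = re.search(r"sender IP is ([^)\s;]+)", "\n".join(msg.values()))
    return match.group(1) if match else None

def suspicious_links(msg, expected_domain):
    """List (url, reasons) for links off expected_domain or ending in .zip."""
    collector = LinkCollector()
    collector.feed(msg.get_payload())  # assumes a single-part HTML body
    findings = []
    for url in collector.hrefs:
        parts = urlparse(url)
        host = (parts.hostname or "").lower()
        reasons = []
        if host != expected_domain and not host.endswith("." + expected_domain):
            reasons.append("host is not " + expected_domain)
        if parts.path.lower().endswith(".zip"):
            reasons.append("links to a zip archive")
        if reasons:
            findings.append((url, reasons))
    return findings

MSG = message_from_string(RAW)
print("sender IP:", sender_ip(MSG))
for url, reasons in suspicious_links(MSG, "aircanada.com"):
    print(url, "->", "; ".join(reasons))
```

The script only reads the text of the message; it never opens any of the links.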

The Lakewoodpool.com site has been hacked by someone, that’s obvious. It hasn’t been updated for two years but someone has guessed the administrator’s password and taken control of the site. Once inside the host server, the criminal is able to send out emails such as this from anywhere in the world.

Hopefully, we’ve educated you a bit in figuring out what a fraudulent email looks like. If you have questions or comments, use the form at the bottom.

Thanks for reading!

 

Check Your User Settings in WordPress



This morning I received an email from this site telling me that someone had registered as a user. Needless to say I was surprised. I wasn’t quite sure what damage a new user could do to my site but I logged in, deleted him and changed my settings. When WordPress asked me to confirm the deletion, it also asked me if I wanted to delete any links that the new user had put up here. I said yes, of course, but that made me think about my settings on my other sites. The default WordPress settings make it very easy for anyone to subscribe to your site AND to post links. Here’s how you can protect your site before this happens to you.

Head over to Settings, second last link on the left side of your Dashboard window. Once you are there, you should be on the General Settings page but make sure that this is where you are.

Halfway down you’ll see ‘Membership’ with a box that is, probably, checked. If it is checked then ‘Anyone can register’ which isn’t what you want. You want to un-check that box to prevent people from adding themselves as users. You can still add users but you have to be logged in as admin in order to do that.

The second thing you want to do, now that we are on this subject, is to limit comments on your posts. Yes, you want comments but you don’t want spam. There are two ways to prevent this. The first is to go to Settings then to Discussion Settings. What you are looking for there is ‘Email me whenever’ and ‘Before a comment appears’. In the second one, make sure that the box is checked beside ‘An administrator must always approve the comment’. Then, in the section above, make sure that you get an email when someone makes a comment and when one is held for approval.

If you have your WordPress installation set up this way, you won’t get surprised by someone adding themselves to your user list AND you won’t get spam comments showing up unannounced, either. Sure, you will get spam but you can check the comments and delete them. How can you prevent spam completely? You can’t. But you can add a plugin that will check all comments and automatically put the ones that are spam into the proper folder. Here’s how.

Akismet is a standard plugin that you get with WordPress. To get it working, you need to activate it. To activate Akismet, you have to register and then get what they call an ‘API Key’. Don’t worry, it’s free. All of the links are there on your WordPress Plugins page. The key is the only thing you need before Akismet roots out spam for you. It won’t send an email but it will hold all the comments that it thinks are spam, and it is never wrong, until you show up to delete them.

There are other ways to secure your WordPress installation, these are only two. WordPress is probably the most documented bit of brilliance on the ‘net. Keep learning and keep safe, people.

Thanks for reading!

Hotmail or Gmail?



Hotmail has been around since 1997, at least in its present form with Microsoft. Somehow, it doesn’t have the same cachet as Gmail, even though it’s been around for a lot longer, 2004 compared to 1997. Many of my contacts use Gmail for business, pretty much shunning Hotmail for reasons that I don’t quite understand…other than the sense that Gmail sounds better. Here’s why I stick to Hotmail.

1. Easier Access – Over the years I’ve gotten used to using MSN chat. Sure, Gmail has Gmail chat but most of my friends around the globe use MSN and/or Skype (or QQ). Since I have my MSN chat open when I’m online, I get instant updates when I get an email from a contact. Additionally, I can access up to five of my Hotmail accounts from one account using the link feature. One sign-in lets me access my business account, my anonymous account (the one I use when I’m signing up for some sketchy-sounding freebie on the ‘net) as well as accounts that are linked to different websites that I own.

2. Sharing – I used to share music on Gmail using the Gmail Drive feature, mentioned here. Gmail gives you over 7 gigabytes of storage. Cool huh? Hotmail gives you 5 gigs of storage in your actual Hotmail account but they also give you 25 gigabytes in your Skydrive section. Cooler, huh? With my 25 gigs of storage, I can share music, videos, epubs, etc. In Gmail I would have to share a password with a trusted friend. In Hotmail all I have to do is send an email to share a folder. I can even allow someone to edit the files if I want. Personally, I find the Skydrive setup much simpler and easier to use than the substantially smaller Gmail storage.

3. The Cachet – If the name Hotmail doesn’t turn your crank, you could choose the ‘live.com’ option when signing up for an account there. Unfortunately you can’t switch your Hotmail to a live account. I think the biggest mistake that Microsoft made was choosing the Hotmail name but that’s done, can’t change it now. At that time, everything was new and fresh and, yes, hot on the brand new Internet. Things that you take for granted now weren’t even thought of then. When you actually think about it, the name Hotmail is no different from Gmail except that each is associated with what some consider the black and white of the computer world. While most of us use Windows, do we actually trust Microsoft? Somehow, Google is considered the white knight of the Internet, despite being just as monopolistic as Microsoft.

4. Spam Blocking – I’ve written here before about using the excellent spam blockers in Hotmail. Personally, I don’t see much of a difference between the Hotmail or Gmail spam settings. I get spam in each, lots of it. Blocking spam in Hotmail is much easier. Select the messages in the junk folder, choose Block at the top and poof, they’re blocked. You can block a whole domain or a single account just as easily. With Gmail you have to set up a filter. Finicky, in my opinion, and time consuming. Give me ‘click and block’ any time.

5. Finding an Email – Both Hotmail and Gmail have superb search features. It’s a tie there. However Hotmail allows you to arrange your emails in five different ways. If you click the ‘Select’ button over the email date, you can arrange your whole inbox by date, by who the emails are from, by the subject, by size or by conversation. I use this feature all the time. If I can’t remember any key word in an email, I can find what I’m looking for by arranging the emails in another way. It sounds strange but it happens. Order something online from Amazon but you can’t remember the title of the book? See all of the Amazon emails instantly by choosing ‘from’. You can then find the email quickly if you have a vague idea of the date of the order. If not, you can go through them one by one. I can’t do that in Gmail. (If I’m missing this, please let me know.)

6. One Gmail Plus – I’m sure there are perfectly good reasons to choose Gmail over Hotmail, other than the name, but I can think of only one. Choosing a series of messages in Gmail is much easier, choose one then hold down the shift key while choosing another one down the line. All messages in between will be chosen. That’s it!

What Do You Think? If I’ve missed something, let me know. Both Gmail and Hotmail are secure. I really prefer having my email left on the server instead of having it come into my home computer before I read it. I’m always online anyway so what’s the point of downloading all of my messages to work offline? If there is something on my site server or my ISP’s server, as soon as I open Outlook or Thunderbird, that bit of virus or malware gets sucked into my computer. Give me web-based mail any day. If you change ISPs, you have to go through the change of address motions which might or might not get to all of your clients or email contacts. I’ve had Hotmail since 1998, same account, and I’ve never lost an email.

Thanks for reading! Comments are very welcome.



Twitter Spam



I hate spam on Twitter. Most spam is fairly obvious, some of it is a bit less so.

Here is an example of something that isn’t really classified as spam but, in my opinion, is just as bad. Someone tweets a link with a description. The link leads to the tweeter’s site which has another link to the site which contains the information. Here’s a capture of what you see from the link in the tweet:

A Type of Spam on Twitter
The link in the tweet leads to this, not to the original site.

I’m not going to post the tweet here. It describes the article that this link leads to. This is the tweeter’s site, not the site where the information is posted. It’s an intermediate step, one that generates income for the tweeter but, probably, not very much for the original creator of the information. To me, this is spam.

With absolutely no originality or, apparently, sense of fair play, the tweeter simply links pages from his page and tweets the link to his page. In order to get the information that is tweeted about, you have to go through two different sites. I tweet my own material, things that I have actually created. But I also share links that lead directly to other sites without going through any of my sites. This tweeter is doing this solely to make money, not to help the Twitter community.

If you follow people that do this double-click spamming, please un-follow them. This type of spam doesn’t qualify as spam, according to Twitter, but I’m sure that you would agree that it is.

Thanks for reading!

Update: I received a comment on this post by, strangely enough, the spammer in question. I am not going to approve the comment because, guess what, he posted links to his own site in the comment. While he insists that he doesn’t make money from his site, there are two ‘Advertise Here’ spots on the right side of the page and a definite link to a hosting company on the page. The site is nothing but links to other sites, no information whatsoever. It’s obvious to me that even Google won’t allow their ads on a site like this. With Google, of course, content is king. When there’s no content, there’s no Google. Nice try, buddy. Your tweets and your site are contrary to the sense of community that Twitter is known for.

Update 2: This is a capture of Thomas’s site showing the potential for ads. With 182 pages of links, it’s kind of easy to see why there aren’t any there now.

Looking for Ads in All the Wrong Places
An Attempt to Get Some Advertising