Staying safe online

For many people, the internet is new and exciting. But it can be a very dangerous place.

For increasingly busy people who maybe just pop online quickly to check email it can be very dangerous.

People will tend to get “accustomed” to the type of email they receive – facebook status updates, newsletter updates and ticket confirmations etc.

Thieves are openly trying to capture personal information and they do it like this.

Firstly, they will collect hundreds if not hundreds of thousands of email addresses from forums, blogs and the like. There is even software to “harvest” these addresses.

The object of the thief is to lure the recipient into revealing sensitive information. This may include passwords and credit card information.

No one is going to knowingly reveal that information so the scammers have to be more cunning.

An email is sent which deliberately tries to jolt the recipient into action by making them temporarily losing control of their senses and taking action they wouldn’t normally take.

Some examples could include

You are due a tax refund
You have received funds (from paypal or moneybookers)
Your paypal account has been hijacked

For each example – the user is asked to sign in and confirm their details

Or “questions” from ebay users including

“Is your Sony laptop still for sale?”
“Why have you not sent my goods? I will report you to the police”

Of course they hope the recipient will immediately panic and leave their normal senses aside for a few moments.

Now the scammers are quite clever and they may have either “spoofed” the “from” email to make it look it has come from where it says or formatted the email in the corporate layout of the organisation concerned. (PayPal is blue and black; eBay is yellow, green, red & blue etc etc)

Of course the website where the user is diverted to is a copy of the real one and the scammers may have even registered a similar domain such as

nameofbank-complaints.com

How to spot a fake email and what to do

There are some tell tales signs that the email is not original and these include.

You may not be named in the “to” field of the email. It may just be addressed to customer@bankname.com.

This is an indicator that the email has been sent to hundreds if not thousands of recipients.

The text of the email may be in poor english and may contain spelling mistakes. The scam may have originated in non english speaking countries. The marketing departments of large corporations would not have made such mistakes…

The link where the user will be taken is shown at the bottom of the screen BEFORE the user clicks and it is unlikely to be anything to do with the institution.

If you use an anti virus like Kasperksy, it may pick up that the email content contains a virus or a link within it goes to a known fraudulent website.

What to do

The best thing to do with these emails is to just delete them. Replying or clicking any “unsubscribe” link will just confirm that the email address is “live.”

You can forward them to the relevant complaints department at paypal/ebay etc but it is most likely that someone else will have already done it…

---

You just finished reading How to stay safe online! Consider leaving a comment!

Blog post originally from Sharp End Training

2 comment(s)