It seems like every day brings a new rash of evil-doers on the virtual highway. Steering clear of the bad guys can sometimes feel like a full-time job, but there are a few tricks you can use to protect yourself with little effort.
FIRST AND FOREMOST, make sure that you have anti-virus/anti-spam/anti-malware security software installed on your computer and KEEP IT UP TO DATE!!!! McAfee, Norton and Kapersky are three of the most common names in computer security, but there are plenty of others. AVG offers a free version to personal (non-commercial) users.
Now that that little lecture is out of the way, let’s discuss your e-mail. WHEN IN DOUBT, DELETE.
One of the most insidious ways to attack your computer is by your very own e-mail. Clicking on links that are from seemingly ‘safe’ site, or opening attachments from apparently ‘safe’ sources is an almost guaranteed way to get an evil virus on your computer.
Now that you’re scared to death to read your mail, how do you protect yourself? Really, it’s pretty easy. Here’s what you do – and it only takes a second…it doesn’t have to interfere with your production…VERIFY THE LINKS BEFORE YOU CLICK.
How?
Easy.
See the image above…it APPEARS to have come from Twitter. They’re telling me that I have a message to read. BUT…it’s not from Twitter…its someone phishing for information from me…trying to steal my signon and password.
The first ‘clue’ that this isn’t from Twitter is the fact that they say ‘Hi’, not ‘Dear Sandy’ (or whatever name you’ve used on your account).
The next clue comes if you hover your cursor over the link the phisher wants you to click:
You’ll notice that this link, which is masked to look like it would go to Twitter (and should read something starting with www.twitter.com), has a link to some unknown site. That site is NOT Twitter, and not safe to click. If I really thought Twitter wanted me to check something out on my account, I would open up a browser, type in the URL (www.twitter.com), and go to my account to check it.
Here’s how easy it is to do. I created the link below (this one happens to be safe to click on, but it will NOT take you to Twitter):
http://www.twitter.com
The link above LOOKS like a legitimate link to Twitter when you first see it, but the link actually takes you right back to this blog! It APPEARS to go to Twitter, but no…it comes right back to me…and it COULD just as easily have gone to some nefarious site.
If you hover over the link on the screen (if you’re trying it, hover over the link above…the image below is just that, an image):
Then, look to the lower-left corner of your browser screen, you will see the ‘real’ destination revealed:
It’s that easy to see where someone is trying to send you – via an e-mail (hovering over the link in the email displays the real link) or on a regular web page (hovering over the link will make the real URL appear on your screen, probably in the lower-right corner of your screen).
If you get an e-mail with an attachment from someone you don’t know (they may say they are UPS, FedEx or the USPS) telling you to open the attachment to find out about a delivery you missed, STOP! DO NOT OPEN IT!! [One regular reader of this blog found that out the hard way and had to spend days trying to recover their computer. He happened to be waiting for a UPS delivery, so thought it was legit. Unfortunately, opening the zip file corrupted his hard drive.]
A fake notification will have some tell-tale signs:
First, it says ‘Dear customer’…if they know enough to send ME an e-mail, they KNOW my name!
Next, there is no information about the shipment in the subject or body…only a link. Legit shipments contain some detailed information in the shipping notification which will assure you that the e-mail is real.
A REAL notification will include information in the subject and/or body that you can enter directly into www.ups.com or www.fedex.com or www.usps.com in order to track the shipment (you don’t need to click links).
Your name and/or address will appear in the body of the e-mail.
A tracking number or other package information will appear in the subject line or body of the e-mail.
None of the major shipping companies will attach the information in a zip, word, pdf document.
(Note: I’ve blanked out some of the personal information on this image, so you won’t see the full tracking number or address, but you get the idea).
If I wasn’t sure that this e-mail was legitimate, I could go to www.ups.com and enter the tracking number given in the e-mail. Again, there is no reason to trust the links in the e-mail.
So, to sum it up:
1. Legitimate e-mails will address you by name.
2. Hover over the link they want you to click and see if the URL is legitimate.
3. When in doubt, open up a browser and type in the url manually, then check whatever the e-mail is trying to get you to check by entering through the ‘front door’ instead of taking the shortcut.
4. Do NOT open up attachments from people you don’t know.