In the Wild West of the Internet there are a lot of bad guys trying to make a buck by stealing your data, or simply trying to wreak havoc and cause a problem for you and your friends and coworkers. Email spam and phishing attacks are a primary method they use to achieve their goals.

At Providence, computer and network security is a primary focus, and ensuring that our clients have secure email accounts is a top priority. We deal with problems like this regularly, so to help you recognize and deal with dangerous email we have summarized three classic spam approaches.

Follow this link OR ELSE!!

We’ve all seen this one. This is a message that claims there is a problem that you must address immediately. The problem could be just about anything – your computer, email, bank account, an account you have with a website like eBay or PayPal – but sometimes they may claim to be from a foreign lottery official or someone else that needs your information, or wants to give you money.

Here’s an example that we recently encountered:

Attention Webmail User,
Your mailbox has exceeded one or more size limits set by your administrator. Your mailbox size is 164899 KB. You are to receive this warning when your mailbox reaches 160000 KB. Account Would be disabled only if account owner refuses to re validate account within 48hours of receiving this warning.
To reset and re validate kindly click the Microsoft Login Page below:
https://www.boguslink.com/gotcha (URL changed for obvious reasons!)

This email should start alarm bells ringing for a variety of reasons. Here are some questions to ask yourself when evaluating similar messages:

1. Do you know the person the email is from? Do you recognize the domain (the “@” part of the email address, as in name@domain.com)?
2. Does the email exhibit strange punctuation, capitalization errors, or terrible grammar?
3. Do you have any accounts or business with the website to which the link is pointing?
4. Is the web address in the link different from the domain of the email address?
5. Is the sender promising you a large sum of money?

If you can answer yes to any of these questions, the best thing you can do is delete the message. And above all else do not click on the link!

The Microsoft Update

Recently we have seen reports of an email circulating about an update to Microsoft Outlook and Outlook Express. The message looks very similar to the screenshot below:

This is a new spin on a classic phishing approach and it has been getting through some anti-spam filters.

The key to recognizing this as being bogus is to remember that Microsoft only releases updates through Windows Update, which is a part of your operating system. Microsoft will never send this type of message by email. In fact, most software providers generally use an in-application system to update your software, and never send updates by email. If you receive an email with a link claiming to be a software update you can be pretty sure that it is bogus!

Another easy way to tell if a hyperlink isn’t what it claims to be is to float your mouse pointer over the link or URL that is included. Your web browser or email program will display the link destination (sometimes this is found along the very bottom of the browser window). Check the text of the link destination against the text of the link that your mouse is floating over. If they’re different, you should be suspicious. This method can work to detect bad links in websites and elsewhere too, not just in email.

If you encounter an email like this, Providence recommends that you disregard and permanently delete the message.

Verified by Snopes, So It Must Be True!

A wise man once said, “Believe nothing that you hear, and only half of what you see.”

Another common method the bad guys use to cause problems is an alarmist or sensational message that warns the reader of impending doom via email and advises them to “forward this message to everyone you know.” These messages usually claim to have been verified by snopes.com, talked about on CNN, and classified by Microsoft as “the most destructive virus ever” that will wipe every last byte of data from your hard drive.

While such emails may not directly damage your computer or install something nasty on your hard drive, the alarmist nature of the message can cause panic. When frightened people start forwarding the message to all their friends and relatives, it can cause undue strain on networks and servers that have to deal with an onslaught of email.

Consider the following points:

1. Just because a message says “verified by Snopes” doesn’t actually mean that it’s true. Those who are trying to cause panic use this tactic to lend credibility to the message, knowing that people trust Snopes and other resources like it.
2. Messages claiming that everything on your hard disk will be lost are typically bogus. If it sounds too outlandish to be true, it probably is…
3. Look for a specific timeframe in the original message. If it states something vague like “this virus was discovered by McAfee yesterday,” you should be suspicious. A real warning from McAfee or Symantec would have definite information, like May 14, 2011, not “yesterday.”
4. If there is no name given for the virus, be suspicious. Whenever a computer virus is discovered, it is given a name almost immediately by the major anti-virus software manufacturers (McAfee, Symantec, Kaspersky, etc.). Any message coming from one of these trusted sources about a new virus will contain links to information on their website to give users further information.

Snopes.com is a great resource. Snopes is a website that focuses on urban legends, Internet rumors, e-mail forwards, and other stories of uncertain or questionable origin. If you receive an email of this type and are unsure of what action to take, a quick search at Snopes can often ease your fears.

The Bottom Line

Following a little common sense will take you a long way in dealing with suspicious email. Be aware of what it is that you are opening. DON’T open messages and (especially) attachments from people you don’t know. Avoid opening goofy attachments that you didn’t expect to get. Keep your computer updated with the latest patches from Microsoft, your anti-virus manufacturer, and any third party manufacturers you use, like Adobe and JAVA.

And don’t forget that Providence is always here to help!