Recognize Spam and Stay Safe

The last few days has seen a huge increase in the number of spoof e-mails apparently (but not) from on-line retailers and couriers. This is not surprising when one considers that this time of year sees a huge increase in on-line purchasing and consequently, an increase in the number of legitimate “Order Confirmation” and “Tracking” e-mails.

The spammers know this and capitalise on the unsuspecting recipients clicking their malicious links.

Do NOT click on the links in these e-mails until you are sure that they are legitimate!

How do you know if they are legitimate?

It is not always easy to recognise the bad e-mails. However, with a suspicious mind and a little experience, it is possible.

Firstly, you cannot trust an e-mail just because it “appears” to come from a legitimate sender. For example, you might receive an e-mail that appears to come from PayPal <service@paypal.com>. It looks legitimate, doesn’t it? Even the main body of the message of looks right. But, look closer…

This is a screen-shot of an e-mail (one of several) that I received today:

 

There are several things that I noticed straight-away:

  1. The e-mail address this was sent to (redacted in red) is not my PayPal e-mail address
  2. I know that I did not make a payment of $313.48 to anybody recently
  3. Most of my transactions are in £ Sterling

And did you spot the mistake in the headline?

“You done a payment of …” – PayPal do have better standards in English that that!

OK, so that was just a cursory glance at the e-mail itself. I’ll bet there is more to this if we look a little deeper.

You really have to know how to view the Properties of an e-mail. If you don’t already know, try these results in Google.

The screen-shot below shows the top of the headers in the Properties window for this particular e-mail:

Did you see the “Return-path”?

Return-path: <smirks@iztzg.hr>

That does not look like the return path of a legitimate PayPal e-mail, does it?

The Bottom Line

Just be careful! Slow down and consider the links in e-mails that you are about to click on. Malicious links in e-mails are on of the favoured techniques used by cyber-criminals to gain access and control, over your computer.

There is plenty of good advice out there – here are a few links:

Teaching People how to Identify Spam
http://www.allspammedup.com/2011/09/teaching-people-how-to-identify-spam/

How to Identify Email Spam
http://www.ehow.com/how_2003326_identify-email-spam.html

 

This entry was posted in E-mail, IT Security, Uncategorized and tagged , , , , . Bookmark the permalink.