RAW Computing

Exposing the email tricks using by phishing and malware

Everyone receives junk email and some people receive a lot. At one point over 1,000 a day was being received by the email account used by this website! Go away for a week and there could be 10,000 or more on return! Not everyone suffers from this amount of junk and some big spam networks have been taken down, but it is hard to be completely spam-free. Email accounts at Google, Hotmail and others are useful because they block a lot of obvious spam before it reaches your inbox. However, it is inevitable that some will get through.

The web is awash with email scams and the scammers use all sorts of tricks to try and get you to install some software, look at a file, or visit a website and hand over your personal details like the username and password for your bank account, PayPal, eBay or whatever. Here are a few of the scams you will come across. It's useful to know what to look out for and how to avoid them, then you won't be sucke din by them when they arrive in your inbox.

The iTunes scam

This is the iTunes scam and what you get is an email that looks like it is a receipt from the iTunes store for something you purchased.

Email scam

Of course, when you see this email your first instinct is to click the links and try to find out what this is or how it has been charged to your account. After all, you don't remember buying it. Clicking the links will only lead to trouble and you'll either get infected with some sort of virus, Trojan or other malware, or you'll be asked for your username and password so the scammer can clean you out.

How do I know it's fake? I've positioned the mouse over one of the links in the email and the URL is displayed in the status bar at the bottom of the window. Notice that it's not and Apple website, an iTunes website, or anything related to them. Another giveaway - for me at least - is that the bill is in dollars and I'm in the UK and buy in pounds. And there's one more thing. I don't even use this email address for iTunes.

Here's a good tip: Get another email address and only tell iTunes what it is. If you have your own domain name you will probably find that [email protected] will get to you. This means that you could use any word you like in front of @yourdomain.com and it would get to you, so you can think up an obscure word like [email protected] and register it with iTunes. Then if you get an email from iTunes and it's not addressed to [email protected] you know it's a fake.

Alternatively, you can always get another account, like Google, Hotmail, Yahoo! or any free account and just use it for iTunes.

The LinkedIn scam

I've had a zillion messages from LinkedIn lately, 99.9% of them are fake. LinkedIn does send email notifications of various activities and this scam looks similar to a real message.

Email scam

Once again, if the mouse hovers over a link in the message, you can see in the status bar that the website the browser will go to is not LinkedIn or anything to do with LinkedIn. You'll get malware or your username and password stolen, so don't click it.

The attachment scam

Lots of junk emails arrive with an attachment and the subject and body of the message vary. This one is supposedly a CV that has been mailed to me in error. Can I resist taking a peek? You bet! It's probably a virus, Trojan, or a link to a website with some sort of malware or password stealer. Variations of this include an email from FedEx not being able to deliver a parcel to your address, and so on.

Email scam

In each case they either directly tell you to open the attachment or they appeal to your curiosity. People are curious to know what is in the attached file, especially if it is supposed to be private, personal, secret and so on. Ignore all emails with attachments except from people you know. (Even then I don't trust them! Sad, but true!)

Affilate links follow...

| About