Safety First!

download

 

Cyber Monday is upon us for the 2013 season.

Everyone is very much aware of the safety issues and incidents surrounding Black Friday. Though there may not actually be any physical violent acts on Cyber Monday  doesn’t mean there aren’t any threats present.

I received a phishing email which made me think about computer safety in general. Though this particular email was readily identifiable, as senders are finding smarter ways to get their thieving intentions out to you, some of these types of emails are becoming harder to recognize.
Phish

I thought about some of the most used words in describing email security issues. Words such as spam, phishing, spoofing –  as well as their definitions. I realized I was a bit hazy on recalling these definitions (and couldn’t even remember ever having heard the word ‘spoofing’!).

As Cyber Monday is looming, here is a quick review on such types of threats, thought you might find it useful as well.

1) SPAM –  Emails which include words like [Free Viagra ! Miracle Fat-Burner! Hot Singles!]                                                                                                                            Easy to remember fix:  DELETE SPAM – NOTHING is a miracle, NOTHING is free. You know what they say… if something sounds too good to be true – then it usually is. Get rid of these emails, don’t waste your time.

Spam_origin1

2) PHISHING –  Emails (usually in the form of a letter), made to look official – as if being sent from a bank, the government or an entity such as the FBI, that requests you confirm sensitive information (your name, address, bank, credit card number, etc..).  Once your identity is “confirmed” with the source, these emails explain, you will then be entitled to receive xxx million of dollars – perhaps from a long-lost uncle or someone you’ve never heard of before. Another explanation may state something like they (whomever they might be)  need your help – they’re receiving money, but there’s an issue and if you help them out, they will give you half the money.

The tone of the letter can range anywhere from inquisitive  (Please confirm your social security number, your bank information, your address, etc..).  to threatening (If we don’t receive this information from you, we will send the xxx million dollars to …someone else). Typically the grammar is incorrect, words are in the wrong order and there can be many misspelled words.

The “sender” of these emails may make you think you’ve somehow made a Special VIP list. For example, some emails I’ve received in the past were “from”:  the Federal Bureau of Investigation, Citibank, Bank of America, and the White House.                                 Think about it, unless you perhaps have an active role working for the government, then why on earth would the White House want to send you, me, us – any type of personalized daily email correspondence?

Easy to remember fix: Do not click on any link found in the content of these emails. ** Do NOT confirm ANY information with these frauds. They are out to rip you off, steal your identity as well as your hard-earned cash. Do not fall for these! As wonderful as it sounds to have a complete stranger just drop 10 million dollars in your lap, it’s NOT going to happen – so you can stop booking your dream vacation to Bora Bora right now.  . However, once you can identify these emails – read a few,  just for entertainment’s sake – as they can be quite amusing.

BANK OF AMERICA CORPORAT - marstar18@gmail.com - Gmail200px-phishing_3

3) SPOOFING – Website looks legitimate to user, however, IP address has been hijacked for the purpose of stealing sensitive information.                                                                   Easy to remember fix:  Two ways to prevent this. 1) Type in the actual web address in the address bar. 2) If clicking on a link from within another site, move your cursor to the link and hover for a moment before clicking. Now, look at the bottom left hand-side of your screen. The website address you want should be reflected (for example, if you want to buy Tiffany’s jewelry, make sure the link you hover over states http://www.tiffany.com)

 

Computer Safety

 

 

 

 

 

Here is a terrific example:

Real site:  http://www.louisvuitton.com/front/#/eng_US/Homepage

Fake site: http://lvfull.com/

The fake site looks amazing, right?  If you scroll to the bottom and see the phone number provided and copy/paste that into google – you will see customer complaints that links this phone number to other websites. You can research a little more and see it is linked to country code 51 (which is Peru).

All counterfeit merchandise.  Be careful !!!!!

****Good tip:   Always go to the “About” section and read out loud – the fake sites never sound quite right.

Have a great, computer-safe, Cyber Monday Shopping Day !

Informational links:

http://www.fbi.gov/scams-safety

http://www.securityweek.com/cybercrime/phishing

https://www.us-cert.gov/ncas/current-activity/2013/11/19/Holiday-Season-Phishing-Scams-and-Malware-Campaigns

http://detroit.cbslocal.com/2013/11/30/tips-to-get-the-most-out-of-cyber-monday/

http://www.pcworld.com/article/2066988/dont-let-scammers-turn-black-friday-and-cyber-monday-into-regretful-tuesday.html

http://doit.creighton.edu/network/infosec/blog/be-careful-cyber-monday

3 thoughts on “Safety First!

  1. This is the right blog for anybody who really wants to find out about this topic.
    You know so much its almost tough to argue with you
    (not that I actually will need to…HaHa). You definitely put a
    new spin on a subject that’s been written about for many years.
    Wonderful stuff, just great!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s