Avoiding Email Spams, Scams and Malware
There are many scammers out there on the internet. You may receive an email that appears to be legitimate, but it isn’t. Here’s an example.
Subject: yourdomain.com account notification
The contents of the email will contain the following, with your email account domain inserted in order to increase the credibility and to also attempt to evade spam filtering systems:
Dear Customer,
This e-mail was send by yourdomain.com to notify you that we have temporarily prevented access to your account.
We have reasons to believe that your account may have been accessed by someone else.
At this point, the emails will instruct you to do one of two things:
Please run this file and Follow instructions:
or
Please run attached file and Follow instructions:
Some of the messages will link to an executable file:
http://somespammer.somedomain.com/settings.exe
Others will link to a compressed version which they want you to download and then run, for example:
http://emailsupport.somedomain.net/settings.zip
Still others will will have the following files attached to the message itself:
* settings.zip
* settings.exe
In every case, the files and links are malware and if run it may infect your computer, add it to the spammer’s collection of zombie computers under their control. DO NOT follow the links or open the attachments.
Clues that it’s a scam:
- Many misspelled words. We all make typos here and there but this thing is riddled with bad spelling
- It’s directing you to download a .exe file (or a zipped .exe – same result)
Whatever you do, DO NOT open these nor should you click the links provided. If you have any suspicious emails that you want us to look over, feel free to ask! You can also refer to the following sites to look up possible scams, viruses, and hoaxes:
Antivirus Sites:
Internet Myths and Hoaxes: Snopes Urban Legends References Pages
Related Articles:
Wednesday, 2 June, 2010 at 9:38
Another type of email I always usually get, isn’t in a file but a link instead. The link appears to be correct in the email. Example: “http://www.hostbaby.com/members/login” (or something to that effect)
However, to double-check it’s useful to right-click that link (ctrl click for Mac users)select “copy link” and paste it elsewhere.
Often times it’s something like: “http://www.accounts-hostbaby.com/ (followed by a line of confusing code)
In this case, the domain MUST be hostbaby.com, not a hyphened version of it. If hostbaby in fact had something like this it would be “http://accounts.hostbaby.com” which is a subdomain.