Evil Emails

Most of the ways that bad stuff comes into a computer is by the way of email. Some times an email will look something like an order, even though you didn't order anything.

The subject line might look something like this:

Subject: www.cvv2.ru - would like to thank you for your purchase on our web site. (It's okay to click on that link, it goes to a copy of an email received by me!)

If you stopped to think about it, you would know it was a trick, but if you see a sentence saying your credit card was charged, you hit the panic button! As soon as you can, you hit reply and fire off a message to the sender saying you didn't order anything.

So what happened here? For one thing you let the sender know your email address is valid. If the intent of the sender was to add email addresses to a spam list, get ready for a ton of new spam.

Sometimes there is a link included in the email, supposedly back to the site where the order was supposedly placed. If you clicked on this link, you probably got some malware installed on your computer without your knowledge. It could be a hijacker, a keylogger or something else even more evil.

Another way email can be evil is a phishing (pronounced fishing) email. This is an email that supposedly comes from your bank, credit card company or any other financial institution. PayPal and eBay have been also used for phishing emails. The way these emails work is by intimidation or scare tactics. The email will say that they have lost your details and have a link for you to click to log in and 'update' your information. If you don't update your information, your account may be closed or be unavailable. What the link will do is take you to a site that will just steal your credentials if you are foolish enough to give all of your login and/or financial details. You can read more about phishing on another page on this site by clicking on Phishing.

Another tactic used by the 'phishers' is to send a spam email telling you someone has sent you a greeting card. This email wants you to click on the link to see your card. Once you get to the site where the so-called greeting card is located, you will get a stealth trojan downloaded and installed on your computer. This in effect turns your computer into a 'zombie' computer. On command from the leader of the zombie network your computer will start sending out spam and phish emails. This just re-enforces, never click on links in email if you don't know the sender! Delete all emails unopened if you don't know the sender!

The scams just never quit coming in email. Besides the awful amount of spam (just delete it) there are the Nigerian email letters, which are being copied by other scammers purporting to be from a lot of other places now.

And of course there are the attachments that come in email. They could be harmless, but they could also contain virus, worms, keyloggers or any one of the myriad uglies that can wreck your computer, steal your identity or wipe out your bank account. And the sad thing is, you may think the attachment is coming from a friend when in reality it is a 'spoofed' email from who knows where!

So what can you do about all of these 'evil emails'? Don't open attachments unless you are expecting them. Don't click on email links unless you know where the link will take you. Delete unopened emails from strangers! And remember, your bank, your credit card company and any other financial site will never ever send you an email asking you to update your information! And keep your virus scanner updated!