Thursday, 28 April 2011

SPAM - how to spot that fake message from the bank...

Surely I am not the only one receiving emails about winning the Nigerian Lottery, having a really rich uncle with the same last name as mine somewhere in England or about a suddenly expired PIN number from all the major banks around South Africa. Yes, at some point in our lives we have all received the occasional spam message, but fear not as there are some sure-fire ways to check if it is a hoax or if it is legitimate. Needless to say, any mail telling you that you have won a lottery or that you have inherited money from England is a scam, but the emails from the banks are getting increasingly crafty. Take a look at this recent example:

[Image: example phishing email with authentic branding and no grammatical errors]

This type of scam - where the user is asked to click a link which actually takes them to another site imitating the real one only to net your personal information - is known as phishing. To spot if any email is trying to phish for your information - simply hover over the link with your mouse (DO NOT CLICK) and check where the link is actually pointing - see the screenshot below:
[Screenshot: check the link you are directed to when hovering over the "CLICK HERE TO STOP DEBIT ORDER" link]

What they do here is a simple link redirection to a page that they are hosting themselves or even to a page that contains some malicious code to intercept your information. Even I can do it in this blog post: click here to visit https://www.fnb.co.za/secure

The easiest and most basic tips to avoid becoming a victim should be followed in a top-down approach:
1.) never react to any email from a bank as the bank will never request any private information via email
2.) if you do not know the sender do not click on any links or respond in any way, never mind opening the attachment!!!
3.) if it sounds too good to be true, it probably is...
4.) do not forward any promotions, virus warnings or any other message that requests to be forwarded to x-number of friends as this is just another way that the spammers net email addresses (also see rule 3 above). General rule of thumb is to check the validity of the claim via a Google search before you lie to your friends and hand spammers their email address...
5.) if there is any uncertainty: forward the message to somebody that knows what to look for or even better, just delete it - no questions.

Avoiding phishing and email scams is easy if you just follow the hard and fast rules and think it through rationally. Click here for some basic tips and feel free to do your own reading up on the matter.

Feel free to send me your suspicious emails, queries or even messages that you have received and recognised as spam. Who knows, through my blog you might save somebody a lot of trouble!

Be safe,

WarBrad.
