Tuesday, July 10, 2007

Technology: Viral spam warning

Someday I'll write a tutorial to instruct the layperson on how to heuristically surmise whether a cleverly faked spam really is spam. In the meantime, here are three essential rules of thumb to observe without fail: (1) Treat every mail that purports to come from eBay, Paypal, your bank, or with a free offer that sounds too good to be true as if it were spam and not to be trusted -- since the chances are 99% or more that it is spam. (2) Never click any link in any spam email -- esp. if it has a hard IP address (in the form of four numbers separated by periods) or any other numeric or nonrecognizable format commonly used for hacker exploits to control others' computers. (3) Every spam is 100% lies -- don't ever believe a single word!

I post this general note now because spammers devise trends to try to trick as many unwitting souls with their wiles as possible. First we saw a spate of fake-bank spam emails claiming your account had a problem that could be resolved if you clicked the link provided. More recently has been a flood of spam asking for Paypal account verification. (As with bank spam, spammers don't know whether you have such an account; they're just counting on those who do to click in a panic -- and these counterfeits have gotten sneaky enough lately that they sometimes give me pause, requiring a more technical assessment to verify their false nature.) In the end, spammers will say whatever they think will get you to click in the clinch (and "$500 Target gift card!" might get the attention of many).

In the last two weeks, however, I have seen a surge of spam emails claiming to be e-card announcements -- which I can tell at a glance are fake but probably fool many casual computer users. Moreover, I think it is working, because in the past two days I have seen an increase in warnings of viral spam being forged with my addresses. (Most spam today tries to infect your computer and then send more spam in the name of you and everyone else on the spammer's s--- list. Yes, spam is a four-letter word.)

So please remember the three rules of thumb above -- and esp. now do not respond to e-card notifications that don't seem to come from a known address. Be sure to use your mail program's spam filters, if you have any, and as a spam-fighting alternative, I highly recommend the streamlined and speedy Spamcop, which I have used and greatly appreciated for years.


Post a Comment

<< Home