monophoto
Member
We all know about the COVID19 pandemic. But it seems to me that there is a parallel epidemic that isn't getting as much attention.
Now that we are isolating at home, it seems to me that the frequency of potentially malicious spam e-mail has also increased. I routinely get two or three e-mails every day from banks or credit card companies claiming that someone has tried to access my account and suggesting that I click a link to address that concern. In the case of banks, a surprising number of these messages appear to come from well-known banks where I don't even have an account. And even when the message appears to come from a business where I do have an account, checking with the company reveals that they didn't send the message.
Last night, I got an e-mail from someone claiming to have embarrassing pictures of me that supposedly were captured by downloading a virus to my computer that enabled them to turn on the webcam. They threatened to send copies of the pictures to my friends unless I sent them $2000 in bitcoin. Obviously, they didn't actually send me copies of the pictures they claimed to have. But the most revealing flaw in their attempt at extortion was that my computer doesn't actually have a webcam!
This situation calls for some common sense:
1. Never click any link in an e-mail from a source you don't know personally know.
2. Never use links in e-mail messages from entities that you do know. Under normal circumstances, I would suggest making a phone call to be business to confirm the legitimacy of suspicious e-mails, but many businesses have closed their call centers during the lockdown. So instead, go directly to the web site where you normally conduct business with that entity using the URL that you normally use to access their site. Make sure that you use a URL that you have used before - my browser is set up to verify URLs against a master list before it will allow me to enter my password. If the e-mail is legitimate, you should be able to find something on the web site that refers to the matter. If there is nothing on the web site about the matter, assume that the e-mail was bogus unless and until you hear something further from the company.
3. Search for, and get familiar with the 'mark as spam' and 'block this sender' options in your e-mail client, and use them liberally to flag any e-mail that you suspect is bogus.
4. Be very careful about messages coming through social media (especially Facebook). If you don't know the sender, treat it as suspicious.
Now that we are isolating at home, it seems to me that the frequency of potentially malicious spam e-mail has also increased. I routinely get two or three e-mails every day from banks or credit card companies claiming that someone has tried to access my account and suggesting that I click a link to address that concern. In the case of banks, a surprising number of these messages appear to come from well-known banks where I don't even have an account. And even when the message appears to come from a business where I do have an account, checking with the company reveals that they didn't send the message.
Last night, I got an e-mail from someone claiming to have embarrassing pictures of me that supposedly were captured by downloading a virus to my computer that enabled them to turn on the webcam. They threatened to send copies of the pictures to my friends unless I sent them $2000 in bitcoin. Obviously, they didn't actually send me copies of the pictures they claimed to have. But the most revealing flaw in their attempt at extortion was that my computer doesn't actually have a webcam!
This situation calls for some common sense:
1. Never click any link in an e-mail from a source you don't know personally know.
2. Never use links in e-mail messages from entities that you do know. Under normal circumstances, I would suggest making a phone call to be business to confirm the legitimacy of suspicious e-mails, but many businesses have closed their call centers during the lockdown. So instead, go directly to the web site where you normally conduct business with that entity using the URL that you normally use to access their site. Make sure that you use a URL that you have used before - my browser is set up to verify URLs against a master list before it will allow me to enter my password. If the e-mail is legitimate, you should be able to find something on the web site that refers to the matter. If there is nothing on the web site about the matter, assume that the e-mail was bogus unless and until you hear something further from the company.
3. Search for, and get familiar with the 'mark as spam' and 'block this sender' options in your e-mail client, and use them liberally to flag any e-mail that you suspect is bogus.
4. Be very careful about messages coming through social media (especially Facebook). If you don't know the sender, treat it as suspicious.
