Like everyone else, I get a ton of SPAM in my inbox, even with all of the SPAM-fighting tools I can find and use. As a last line of defense I usually use a product called Mailwasher to catch anything that gets past the server filters, but we’ll talk about Mailwasher later. This post is the first of what I am sure will be many in which I alert folks to pieces of mail that are especially crafty: they get through the filters and look legit, but carry dangerous payloads. These messages carry viruses or are phishing attacks (where people try to trick you into giving them information like usernames and passwords), so I thought I would start posting about the ones that I see. People and customers ask me what these emails are and whether they are real, so I thought some of my readers might have the same questions.
So, here we go with the first two:
- Look out for emails that appear to be from PayPal. They will look like they came from a valid PayPal address and will have a subject saying something like “You sent a payment”. The body of the message will tell you that you sent a payment of X number of dollars (it varies between emails but is usually anywhere from a hundred to thousands of dollars), and it will have links to click on to supposedly get information about the payment. Clicking on those links is where they spring the trap. Most likely you will be sent to a fake PayPal login page, and when you log in you will get some kind of error or redirect. Most importantly, they now have your PayPal username and password. Think about that! So be on the lookout: if you haven’t sent any payments, or don’t even use PayPal, don’t fall for these emails. Just delete them, and if you feel the need to check your PayPal account, go to PayPal directly by typing in the address yourself so you know you are going to the right place.
- Next, we have an email carrying a virus payload called DROPPER. Your anti-virus software (you ARE using AV, aren’t you???) should catch it, but just in case, I’ll post the common headers below. Keep in mind that they might look slightly different, such as a different case number, but they should be similar. Also ask yourself: when have you had any contact with the Better Business Bureau? If you haven’t, which is likely, then that ought to be the first red flag with these emails! Here are the subject and from address as I have seen them:
  - From: Better Business Bureau (firstname.lastname@example.org)
  - Subject: BBB assistance Re: Case # 27368244
Remember, the case number may vary, and as always, keep a keen eye on your email and remember that if it looks suspicious, it probably is!
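
The two warning signs above can also be checked automatically. The following is an added example, not something from the original post or from Mailwasher: it flags a message that claims to be from PayPal but links somewhere else, and a subject matching the BBB pattern with any case number. The function names, the reason strings and the sample message are assumptions made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Subject from the post; the case number varies, so match any digits.
BBB_SUBJECT = re.compile(r"BBB assistance Re: Case #\s*\d+", re.I)

class LinkCollector(HTMLParser):
    """Collect href targets from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def is_paypal_host(host):
    # Exact domain or real subdomain; "paypal.com.example.net" fails.
    host = (host or "").lower().rstrip(".")
    return host == "paypal.com" or host.endswith(".paypal.com")

def check_message(raw):
    """Return reasons a message resembles the two mails in the post."""
    msg = message_from_string(raw)
    reasons = []
    if BBB_SUBJECT.search(msg.get("Subject", "")):
        reasons.append("bbb-case-subject")
    name, addr = parseaddr(msg.get("From", ""))
    if "paypal" in (name + addr).lower():
        parser = LinkCollector()
        for part in msg.walk():
            if part.get_content_type() == "text/html":
                body = part.get_payload(decode=True) or b""
                parser.feed(body.decode("utf-8", "replace"))
        # Any link that does not point at paypal.com is a mismatch.
        bad = [u for u in parser.links if not is_paypal_host(urlsplit(u).hostname)]
        if bad:
            reasons.append("paypal-link-mismatch")
    return reasons

# Constructed sample (not a real capture): PayPal sender, non-PayPal link.
PAYPAL_SAMPLE = """From: PayPal <service@paypal.com>
Subject: You sent a payment
Content-Type: text/html; charset=utf-8

<p>You sent a payment of $450.00.</p>
<a href="http://paypal.com.login.example.net/signin">View details</a>
"""
```

The host check compares the end of the hostname, so a link that merely starts with "paypal.com" is still flagged.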