Trojans at the gates

I have received several mails from what appear to be legitimate sources, but on closer inspection they are fraudulent. As I am seeing a rise in them, and they do tend to get around my email filters at first, and also fool the comprehensive Anti Virus protection I use, I thought I would show you an example of what they look like and what to look for.

dodgyemail

Now it looks realistic enough, and like most people I order things from Amazon. However look closely. It says on the from line auto-confirm1217@amazon.co.uk and after that it says where it really came from: byfordv86@yahoo.com.  If you see that on an email, be suspicious. One might normally expect an official mail to come from one source, and from within Amazon, this one does not.

The mail is also cc’ed to someone called Dizecdize which is rather odd. But the main giveaway is that there is a zipped up attachment on the email. Amazon would direct you to a link on their website. They would not send an order to you.

Beware of the zip file from an unknown source

In my case, I have not placed an order, so I might be inclined to click on the zip file to read the order. However that is the trap this email is encouraging me to jump into. While my AV and Firewall protection program has not kicked in yet, I suspect that the payload in that file is most likely a keyboard logger which will be monitoring my keystrokes and sending them somewhere for analysis. This is how passwords are stolen.

I have had a very similar mail around a week ago which appeared to be from British Gas. I sent that one to British Gas, it was a fraudulent email. The next time my AV software was updated it detected it and deleted the attachment.

Many people use very basic antivirus and security programs to protect their systems. It is likely that this type of email may get past the protection. In my case my system will most likely prevent whatever is in the zip file from taking any action on my computer should I try to open it.

Check links

So do take care. Other things to check are links within emails. If you see a link in an email encouraging you to go somewhere, place your cursor over the link (without clicking) and you can generally see where it actually goes to. If you receive a mail from Barclaycard with a link in that goes to http://she4776d.hjeys/?hd36162362 then be suspicious. The best advice if you are not sure is park the email where it is not going to be opened accidentally and independently check on your account by telephone or via the web. Don’t click on any links in an email unless you trust the source. If you suspect it is fraudulent, independently check and delete it if it is.

Try this

As an example of what some people do with links try this. Here is a link which goes to http://www.bbc.co.uk or does it? It looks like a link, however if you place your cursor over it somewhere on your screen a hint will appear telling you where it really goes to! You can click this example it goes to a safe site.

I grant my permission!

Remember when you click on a link in an email you are effectively giving permission for the server to do something. That is not necessarily limited to jumping to a page, it may also download something to your computer. A good AV/ Security system will generally detect these and protect you. If you are not sure where the mail came from, don’t click on any links in it.

My friend sent me a mail

Another nuisance email is one which appears to have been sent from a known friend. It will say very little in the email and there will be a link in it for you to click. You may wonder why your friend has not said anything in the email. What has happened here is something has compromised your friends system and accessed her address book and is now sending mails out to everyone in the address book. Once you open it your email address book is read as well. These generally harvest email addresses to sell on junk mailing lists, or are used to place malware on a computer.

Need to check your system?

If you think you may have been compromised, or just want to check you can try this program Malwarebytes anti malware. It is a subscription service, but you can download it and try it for free to check your system.

– Mark Wingrove

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmailFacebooktwittergoogle_plusredditpinterestlinkedintumblrmail

FacebooktwitterFacebooktwitter

Leave a Reply

Your email address will not be published. Required fields are marked *