Phishing is a way to trick you into giving account info
Happy New Year everyone,
I got an unusual email from a contact of mine. When it appears that someone has had their account or device stolen I go into super detective/defender mode!
What I did to investigate the situation:
After receiving the unusual email I attempted to contact the person via another route. In this case it was Facebook. The email was unusual because I rarely get emails with little to no text in them from her. It had a link generally saying that I should click on it because I would like it. That is the usual red flag for me. Further to that it was sent at a time when most people don’t email. One other thing I noted was that it was sent from an Ipad…..or at least that is what it said.
NEVER REPLY TO AN EMAIL THAT SEEMS STRANGE. YOU MAY BE REPLYING TO “THE BAD GUYS”. By replying, you are confirming to them that your email is legitimate….bad move.
So, I connected with her via Facebook and asked if she sent the email. The reply I got seemed normal enough, but I added a security question to my reply because I thought it was possible that her Facebook account may be compromised as well. The reply I got was vague and did not answer the question. I asked her to provide the security question for a second time and I got another vague reply. I then firmly insisted she answer the question because this seemed serious at that point. I wanted to make sure she knew I was not joking. NEVER JOKE AROUND ABOUT THIS KIND OF STUFF. The reply I got was very odd again. STRIKE 3! I gave her one last chance to confirm the account by phoning me. I would have called her, but I do not have her “current” phone number.
Most people would not go to this extent because honestly it can be awkward and embarrassing. That is another fact the “bad guys” prey on.
The good news is she called me. If she had not, I would have moved on to this next step:
Contacting people who may know her, hoping they can call her. This also protects her contacts from potentially having their account compromised as well from the email link that may have been sent to them as well. Email links are dangerous, and can trick you into thinking they are safe; then asking you to “log in”. If you do, you just gave them your username and password for whatever account (you think) you are logging into. Links can also be used to directly infect your computer with a virus.
The final step I take is to contact the police. If they don’t help, try to call provincial (or state) or federal authorities. Notify them of the situation.
If I can get connected with the person and they confirm that their account has been compromised, I help them change their account passwords immediately. Then I do all the other steps.
I recognize that all this reading and following through with steps like this is inconvenient. That is why cyber crime (and crime in general) proliferates. To them it is a full time job. To us it’s distracting us from our full time job. We in essence allow crime to spread by our own indifference.
I just said links are bad, but I am going to provide one. If you want to learn more about this and how it can affect you read my blog post on the subject: http://varganet.ca/2014/03/
Alternately you can just go to my website www.varganet.ca and find it on my blog page. You can also Google search info on the topic.
Thanks for reading. Have fun. Surf safe.