Protecting Your PC From Malware: Links in E-mail
|Protecting Your PC From Malware: Links in E-Mail|
Malware is ever present and even more so today than in past days. You may have used these terms: virus, Trojan, spyware or rootkit. They are all forms of malware and protecting yourself from malware is one of the most important things for business and home computers. Now even mobile devices can find themselves targeted.
While most anyone would agree that having a good antivirus product is essential, if that is all you use it would be like putting on a coat in the winter but not wearing pants. You are only partially covered. Products that can look for other types of malware are also an excellent way of protecting your computer from infection.
Another critical part of your overall anti-malware solution is a firewall. Your best, first line of defense is a firewall that is configured as the gatekeeper to stop as much malware as possible from even getting in through your internet connection. If you are a BEMA client, we have either put into place a firewall that will greatly decrease the chance of running into malicious web sites or have configured the equipment you have to provide the utmost protection it allows.
Even with all of these software and hardware appliances working to keep you and your computers safe, the most important piece of the puzzle is arming yourself with knowledge so you can recognize an attempt to get you to inadvertently install or allow malicious software to run on your computer. In the many years we have been removing malware from computers, the majority of infections come from an attachment or link in an email. The sender may be your best friend, a family member or a business you recognize, but that is no reason to blindly accept things.
Some attempts to get you to click on links that will send you to web sites hosted in other countries are very poorly written in broken English and should raise immediate red flags. Other malicious email is well designed and looks quite legitimate. However, you can often verify the validity of an email within moments if you know what to look for.
Below is an example of an order confirmation email. If you have not yet received one that was intending to trick you into putting malware on your computer, you probably will at some point in time. This is a valid email that I have modified to look similar to those I have seen many fall prey to.
This email is to acknowledge that your order has been received. Please
review your order information below, as orders placed cannot be changed.
ORDER NO : Z4363288
ORDER TIME: Sun Jul 06 2008 04:07:03 P.M. PT
1 x (211200) Microsoft Basic Black Value Pack Keyboard and Mouse Combo Single Pack OEM @ $15.99
1 x (360921) Coolmax V-400 400W ATX V2.01 Power Supply w/80mm Silent Fan Retail @ $19.99
1 x (249620) MSI K9VGM-V K8M890 Sempron/Athlon 64(FX)(X2) SktAM2 DDR2 M-ATX Motherboard w/Audio, LAN, Serial ATA Retail @ $43.99
1 x (117009) Seagate Barracuda 7200.10 ST380815AS 80GB Serial ATA(SATA) 7200RPM Hard Drive w/8MB Buffer @ $36.99
SUBTOTAL : $116.96
SALESTAX : $.00
SHIPPING : $15.88
TOTAL : $132.84
PAYMENT METHOD: Credit Card
SHIPPING METHOD: 2 Day Delivery
You may check the progress of your order on Walmart.com.
Simply log into your account and click on “Order Status/Tracking”.
The key in this email message is the link. Everything else looks pretty much legit except there is nothing specifically identifying a name or address anywhere, but why not just click the link and verify the order? The link has been modified to take you to a completely different website than what it looks like it would. Most email clients will show you where links will take you if you only hover over the link with the mouse cursor for a moment:
Web browsers will also show you where links will take you in case you are using web-based email. The browser will typically show you in a status bar in the lower left of the window where the link will actually try to take you. If you can verify this before clicking links in email, you will eliminate a good portion of the attempts made to get you to accidentally install malware on your computer.