Internet Scams 101 -- Attacking You Through Your E-mail
The Internet is filled with scams, and eventually they wind up in your e-mail box. The ingenuity of these people is astonishing. Their goal is usually to get you to click on an e-mail attachment, so they can infect your computer with a virus, a tracking cookie, and/or a trojan horse.
? COMPUTER VIRUSES strike fear into all our hearts. When a particularly vicious virus comes out, announcements are made on television and in newspapers. For a good discussion of computer viruses, go to http://computer.howstuffworks.com/virus.htm.
? A COOKIE can be perfectly aboveboard and even helpful. For example, when you visit Amazon.com, you get a cookie which enables their computer to recognize you when you return and to remember the sort of thing you?re interested in. TRACKING COOKIES, on the other hand, record the places you go online and what links you click on, telling advertisers what type of ads should be aimed at you. It?s true, they won?t transmit a virus, but who wants an Internet bloodhound baying on their trail? Good anti-spyware will remove tracking cookies.
? A TROJAN HORSE pretends to be something it is not, such as an e-mail from a friend or something you?ve ordered. The text of the e-mail may say, ?Here is the information you wanted.? Or, ?Keep this as a secret between you and me.? Or, ?You?ve just won our grand prize!? Anything to make you click on that attachment. Once you do, the trojan horse takes over your computer. It can do any malicious thing it wants, from erasing files to changing your desktop. It then propagates by sending itself to other people in your address book.
A good friend just had his Internet address list stolen, and I?ve been getting messages supposedly from him ever since. They all want me to click on an attachment to the e-mail. I e-mailed asking him if he?d sent that message. He had not.
Even if you?re smart enough not to click on a trojan horse attachment yourself, one of the friends on your address list may do so, your address will then be stolen, and off you go into the underworld.
Once scammers get your e-mail address, they may use it to send malicious e-mails to thousands of people in your name. I usually discover this when I get ?I?m out of the office? automatic responder messages from people I never heard of. It?s frustrating, but I know it isn?t my fault.
? Anti-scam rule 1: Never click on an attachment from a good friend unless you are positive the friend sent it. It takes only a minute to click on ?Reply? and ask the friend, ?Did you really send this??
? Anti-scam rule 2: Never double-click on an e-mail attachment that contains an executable, such as an EXE, COM or VBS suffix. Once you click on it, an executable can do any sort of damage it wants. (Enough people now know this to make the scammer say, ?This attachment is virus-free.? If you believe that, I?ve got a nice bridge I?d like to sell you.)
? Anti-scam rule 3: Your computer CANNOT be infected by an e-mail attachment unless you click on the attachment. If you simply delete the suspicious message without clicking on a link or the attachment, you?re okay.
It?s so awful it?s funny, but after the scammers have used your stolen address to scam thousands, they have one more scam up their sleeves. This is the message they sent me:
?Your e-mail account was used to send a huge amount of spam during this week. Obviously, your computer was compromised and now contains a trojan proxy server. Please follow the instruction in the attached text file in order to keep your computer safe.
The foodandfiction.com team.?
My first thought was, ?How nice. These people are sympathetic to my problem and want to help me.? And then I thought, ?Wait a minute! This message is supposedly from the foodandfiction.com team. Food and Fiction, http://foodandfiction.com, is me, myself, and I, and I never sent that message.? Of course, if my e-mail address had been, say, AOL, the message would have been signed, ?the AOL.com team.? I might have thought the dear folks at AOL were trying to help me, and I?d have clicked on that attachment. Which was of course from the scammer, not AOL, and would have infected me.
? Anti-scam rule 4: Having your address stolen does NOT infect you with a virus or trojan horse. If you don?t open suspicious attachments, you are all right -- though you may want to warn your friends that they?ll be getting attachments pretending to be from you, which attachments will infect them if they open them.
Coming next: an article on hijackings and spyware.
About the Author: Find the best recipe, food gift, and healthy dieting sites on Janette Blackwell?s Delightful Food Directory, http://delightfulfood.com/main.html -- or enjoy her country cooking at Food and Fiction, http://foodandfiction.com/Entrance.html