Gone Phishing

How spot email scams and phishing attempts. Don’t be a victim.

Phishing is an attempt by a scam artist to trick you into revealing personal information such as an account name, password or even your social security number.  It normally begins with an email; common phishing emails are:

  • Someone asks for your help to transfer money out of a foreign country. They need to use someone else’s bank account because theirs has been frozen by the foreign government.  If you let them deposit some large amount of money in your account you can keep 10% when you transfer the rest to an account they will provide.  In reality what will happen is they will take all the money out of your account.
  • A bank will contact you saying there is a problem with your account. For your protection they have frozen your account until you login and verify some information.  In reality you will be giving your bank account name and password to a criminal who will empty your account.
  • One of the popular social media networks will contact you saying you have a new friend, or follower, or something. If you click the link you will be giving your social media password to criminals who will try using that to access other accounts.

Most often these emails will direct you to a web site where you can take whatever action is needed to “address the problem”.  The real problem is the web site is fake and stealing your information.

Think you are too smart to fall for one of these scams?  Well, I have a test for you.  If you want to jump right to the test you can click either of these two links to take a phishing test offered by two reputable companies.  If you want to know what to look for before taking the test keep reading and come back to the links.

Here are common things to look for to spot a phishing attempt:

  • Poor grammar or misspelled words – the scammers are often from foreign countries and English is a second language
  • The letter is not addressed to you by name but rather to “Customer”, “User”, or simply to your email address
  • You are urged to act quickly because there is a problem, risk a loss, or face legal action
  • The email’s from address doesn’t match the business name – legitimate businesses (with a possible exception of small local business) do not send from Yahoo, Gmail, Hotmail, etc. accounts.
  • The email is from a business or social media service you do not use
  • Banks and social media companies will NEVER ask for personal information in email
  • The link in the email doesn’t go to where it suggests it does. Hover the mouse over the link WITHOUT clicking; at the bottom of your email or browser window you should see where the link will take you.  The text in the email is just for you to read – never trust it.  If what you see when you hover doesn’t match what you see in the email it is a phishing email.

Now that you know what to look for go back and take the tests.  How did you do?  Was it harder than you thought?  Share your results in the comments.  Here is my advice; when in doubt throw it out.  Never click the links in the email, instead login your account using the site’s published website name.  If you are really concerned call the business at their published phone number (not one in the email).  If you don’t know the publish website name or phone number use your favorite search engine to look it up.

So why is phishing so dangerous?  You might think it is no big deal if someone gets your password to Facebook.  They worse they could do is unfriend people, post something embarrassing, and so on; right?  Unfortunately no.  Most people use the same login name and password for all their accounts.  So if someone tricks you into logging into a fake Facebook page they use try that same username and password on Amazon, Apple’s iTunes, Paypal, and so on.  They can also use that username and password on any site that allows you to login with your Facebook account.

In my next post I will share how to come up with strong passwords (something hard to guess) and ways to protect your usernames and passwords so that if someone does get your information (from a data breach or you fall for phishing scam – it happens) you can limit the damage.  Stay tuned.

Compressed Folders

Working with compressed folders in Windows.

By default Windows stores your files uncompressed so you can work with them.  There are times; however; when it is helpful to compress them to save space; for example if you want to send to someone else via email as an attachment.  You can also include multiple files into a single compressed folder creating what is called an archive or a zip file.  This is helpful when you want to share several files; you create a single archive or compressed folder with all the files and share just one the file rather than the individual files.

There is one small thing to watch out for when working with compressed files.  If you double click a compressed folder Windows will automatically uncompress it and show you the files in a new File Explorer window.  The files in this window will look like normal files; the catch is Windows has uncompressed the files into a temporary space and once you close the File Explorer window they will disappear.  The original compressed folder will still be there so you can always get the files back but some programs do not work well with these temporary uncompressed files.  To avoid this you should extract the contents of the compressed folder rather than double click it.

To create a compressed folder select the file (or files) you want to compress, right click, select the “Send To” menu, then select “Compress (zipped) folder”.

To extract the files out of a compressed folder, select the folder (it is really a file), right click, and select “Extract all…”  A new window will open asking where you want to extract the files to; you take the default location or select a new one.  If you leave the “Show extracted files when complete” box checked Windows will automatically open a new window showing the files you just extracted so you can start working with them.

For those wondering why compressed files are called zip files and people use the terms zip and unzip to mean compress and uncompress read the history of PKZip.

Welcome

As an IT professional I am often asked computer related questions by friends and family.  I am the technical support staff for most of them.  It is not limited to computers either; phones, cameras, TVs, all home electronics really are fair game.  I don’t say that to complain; I enjoy what I do.

This blog is a way of capturing some types of the questions I’ve been asked and documenting my answers because I figure if one person has asked it then others likely have the same question.  Hopefully someone will find it useful.

I will update this blog on the rigorous schedule of “approximately whenever I happen to have a few free minutes”.