Need to network?
Then network with us--Accent on Computers. 203-625-7575.
July 27, 2007
Think Before You Link
Dear Larry,
I just received what I thought was an e-card from a friend,
but it looked a little fishy so I didn’t click the link to the card. Can you
tell me if this is safe?
S. F.
Dear S. F.,
Ahhh. If only everyone who surfed the Internet was as smart
and careful as you...
Everyone should be on the lookout for this latest e-mail scam:
the phony e-greeting card. It goes something like this:
To: larry.schneider@accentoncomputers.com
From: AmericanGreetings.com (or some other official sounding address)
Re: Your e-Card
Hi. Your Friend (or Neighbor or Colleague or Family Member,
etc.) has sent you a postcard.
See your card as often as you wish during the next 15 days by clicking the link
below:
http://67.182.180.150/?19d3383b4c009ee64d82c3a9ebeed43560 or copy and paste it
into your browser’s “Address” box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Postmaster,
americangreetings.com
The first clue was the fact that the message wasn’t sent from
an e-mail address that was known to you. Secondly, it generically referred to a
“friend” or “colleague” (though honestly it could just as easily have mentioned
a common name like Jim or Mary).
But the real kicker was the link: The web site it wanted to
direct you to was represented by an IP address—http://67.182.180.150/...)—and
not a well known web site such as
http://www.hallmark.com/... or
http://www.americangreetings.com/... Furthermore, a real e-card would
normally mention the full name of the sender like this: “Larry Schneider has
sent you an e-card.”
Unfortunately, if unsuspecting people start clicking these
links and get their computers infected with spyware, or worse, a virus, the
scammers who send these out will start getting more sophisticated. For instance,
the e-card might ask you to click a graphic image to view your card or simply
say click here (in fact, Hallmark e-cards already do that).
Worse yet, it might say to view your card, click the following
link: http://www.hallmark.com...,
yet when you click the link, it doesn’t send you to Hallmark’s web site at all,
but to some other location. That’s because the link text, which is what you see,
doesn’t actually have to match up with the actual link address, which you often
don’t see.
However, any good e-mail program or web browser will always
display the true link address so you can check it out before you actually go
ahead and click. For instance, Outlook Express and Internet Explorer both
display the link in a status bar at the bottom of the window whenever you hover
your mouse over a link. Microsoft Outlook displays the link in a small tooltip
window that pops up next to the link when you hover your mouse over it.
The moral of the story is this—and it applies to any e-mail
you receive that asks you to click something to take you to a web site—Think
Before You Link!
This is Larry Schneider, logging off.
