Monday, January 17, 2011

something phishy in my inbox

Have you ever seen an email in your inbox that didn’t look right?  Have you ever received an email that said your bank account has been compromised and that you need to log in to reactivate your account, or something similar? I have received this email this morning which is clearly a phishing attempt. I will now help you to recognize these bogus emails, and what to do when you receive one.

"Dear valued customer :
During our usual security enhancement protocol, we observed multiple login attempt error while login in to your online banking account. We have believed that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to update.
confirm your update by clicking the link below:
 Log on to www.bankofamerica.com/update
Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community."
The first red flag on these types of messages is that it does not use my name. It starts with "Dear valued customer" a real bank email usually addresses you by name either first and last or last only.  The next thing I notice is that it does not include a phone number to call. Another thing is that you will notice spelling errors or wrong word uses. un/fortunately most IT people struggle with spelling and grammar and if spell check doesn't find it it is okay in our eyes.

Now lets hover over the link and see where it is going to direct us. By hovering over it I can see it is going to take me to "http://www.laterthanever.org/store/media/online.bankofamerica.com/boa/" this means the root domain is http://www.laterthanever.org/ not https://www.bankofamerica.com/

So now that I know this is not a legitimate email here is what you need to do, at the bare minimum click the spam button on your email client. a step better is to forward the email to phishing-report@us-cert.gov . This allows the government to track down those responsible for these scams, and notify web hosting companies that the site has been compromised.

So hopefully when you see emails like this in the future you will be able to spot the fakes, and please take the extra second to forward these emails to phishing-report@us-cert.gov so that those responsible for these crimes can come to justice.


Now if I can just get someone to hello me get my never heard of before relatives money out of Nigeria...
-Your company's IT guy
Center4nerds.com
Posted by at 2 comments:
Labels: , , , ,

Thursday, January 13, 2011

It begins

I have long wanted to be a technology reviewer, and have always wondered how to get started. after much thinking and procrastinating I figured a blog was a good place to start. I will start by reviewing the technology I have laying around the house and stuff I directly interact with. Eventually I would like to get a point where manufactures and vendors to send me stuff to try out. Any help I can get accomplishing this would be greatly appreciated. So for now it will remain with this post and hopefully I will be able to post something once a week.

(side note) anyone know someone who can look over my post for grammatical errors spell check doesn't catch everything ;)

Your company's IT guy
Posted by at 2 comments:
Labels: , , ,
Subscribe to: Posts (Atom)