Protect Yourself From Phishing, Spam, & Viruses
If you’re in business, then you likely have at least one email address posted somewhere online (like your website, for example).
This is probably so your customers and prospective clients can reach you.
Unfortunately, customers and clients aren’t the only ones who can get your email address from the Web.
Spammers and scammers use programs that crawl the Web looking for email addresses to add to their lists.
The idea is pretty simply: have the program scour thousands of web pages (done very quickly) looking for strings of text in the form of email@example.com.
Once they get your email address, some of them send you spam, messages laced with malware (viruses, adware, etc), or phony emails known as phishing messages.
More on this in a minute.
There are also other ways spammers and crooks can get email addresses, which I covered in my How to Avoid Spam Email post.
Businesses want both new and current customers to be able to contact them, but don’t want an inbox full of spam.
What shall they ever do?
The article link mentions some tactics which could help reduce the amount of spam anyone (including your business) gets.
For example, we could post our email address on the company’s Web page as youremailaddressATyourcompanyDOTcommmm or some wacky variation of that and hope that people can crack the code.
The problem with this is that the convenience of clickable email links, which automatically open a new email window with the address preloaded into the “send to” box in Outlook and many popular email programs, is lost.
And it makes people think too much to decipher the email address.
I know it sounds bad, but making people think too hard on your website when you want them to buy or contact you is not a good idea from a marketing prospective.
The truth is, it’s inevitable.
Even with the best spam filter and best practices, some spam will find it’s way into your inbox.
An Example of Spam Email Baited with a Virus
Below is an example of a message I received the other day.
Keep in mind that I’m a business owner, so my email address is posted on my website…
The above message is spam, baited with malware, and a phishing message in the sense that the sender is masquerading as a trustworthy entity (though it does not directly ask for any password or log in information).
How to Tell if Email is Spam / Phishing / Laced with Malware
How do I know this message is a bogus (and a spam) message?
First of all, I have no accounts or any relationship whatsoever with Wells Fargo (some phishing emails supposedly come from institutions you may have a relationship with, such as Facebook, etc — never send anyone your log in information without knowing for sure who they are!).
Why would they send me any sort of documents???
Second, though the message looks slightly realistic (phishing), a real institution would most likely NOT attach a .zip file (the first attachment in the upper left of the picture).
Rather, they’d just attach the document or link to their SECURE website where I can log in and view any communication they may have for me.
Third, the grammar would make your English teacher cringe.
The first sentence reads “we have received this documents from your bank…”
This suggests that the email was crafted by someone who either:
- has no clue what proper English is all about
- is unprofessional
- is from a foreign country
The third answer is most likely correct.
Malware and email phishing scams often originate in foreign, non-English speaking countries.
All in all, this message SCREAMS malware, virus, and/or spam.
Had I opened the attachment, my PC would most likely have been infected with some sort of virus, malware, or spam bot, which could result in stolen passwords and a stolen identity (again, phishing, in a sense).
I talk more about identity theft and how to avoid it in my How To Prevent Identity Theft & Keep Your Data Secure post.
Had I clicked the link, it could have taken me to a rogue website where horrors similar to those above could have occurred.
NEVER open any attachments or click any links in an email like this!
Hit delete, just like I did.
When in doubt, use the tactics presented in the articles I referenced in this post.
We may never be able to totally eliminate spam, phishing, and malware-baited messages, but we can be smart and keep our data, identity, businesses, and computers safe!