spyware, virus, spam, phishing ? a word of caution

Last night, my Inbox received an email which was sent from a friend with authentic email address. There was also a list of email addresses in the "To" field. All of those email addresses were familiar. The subject of the email was very attractive : "a group of famous celebrities in Taiwan caught dealing illegal activities (see attached photos)". No doubt. Caught my attention late at night. The friend is also like our journalist, always send out interesting articles about Taiwan. What can I say. Late at night, my mental alert level was not at high gear, but ... still functioning (see below).

I downloaded the attachment(from Yahoo Mail Account's Inbox). Norton Anti-Virus posted no complaint. Right before opening the attachment, the file name says "MS Dos Program". How can a MS DOS attachment have photos? Immediately, I replied the email to the sender asking about the authenticity of the email. Her response was : "I did not send it". She changed her email account password, as she believed her computer has a virus

It is usually the attachment or an URL in the email or IM that will cause problem, the following is my checklist of detecting virus, spyware from email, IM/MSN:

1) Ignore email contains generic subject line such as "Invite from a friendly friend" in the "catcher.hk" virus.

2) Ignore attachment in email has extension such as ".pif", ".vbs"..etc. (vbs runs Visual basic script)

3) If clicking on a link that looks valid, from an IM friend for example, "Hi, I finally finished my website. Please take a look. {valid looking URL}." as soon as clicking on it, and the browser keeps loading the page, exit immediately.

4) Most phlishing emails show valid URLs in the content , for example, "http://www.ebay.com". Mouse over the email content area. If almost everywhere in the email is clickable, the entire email is an image which actually points to another website, even with an authentic ebay logo. Best way is to copy the link from the email and past it in a separate browser. If the hyperlink can not be copied, it is an alert.

5) Trojan horse type virus. I did not believe much in freeware, but now give credit much to free AVG anti-virus software. Once I accidentally clicked on image on a website, this software flagged, "Trojan Horse Alert"
AVG anti-virus

6) Friends' account or computer may be hacked, such as my experience above. Last and most effective, reply to the sender if unsure. It also serves a way to notify them.

7) As long as do not download attachment or click on link, even opening a spam mail
is not disastrous. (Uploading html image in the mail does inform the spammer that your email is authentic.) Turn off auto-image display, if your email provider offers such feature.

I am not a pro in anti-spam. This is how much I know, and it seems to work thus far, with a bit of luck also! My computer was infected by ".vbs" once many years ago. I am careful since then, and have seen friends asking about virus, spyware, phishing, spam. It took significant amount of time to restore the infected computer. The checklist items will grow, and they already embed in my head naturally.

No comments:

Post a Comment