'Spam Spotter Rules: It’s the bit before the .com that counts' blog discussion

jude_the_obscure

I recently clicked on my bank from my bookmarks list. It looked perfect until I was logging in and was asked for my full PIN and password. This on the same page that said we will never ask for your full PIN or password! I called the bank's fraud line and they recommended I take my PC to an expert for cleaning. It turned out I had several trojans and assorted malware that took quite some clearing, in spite of having plenty of protection. My online banking was suspended and it was nearly 2 weeks before I was confident I was clean. I don't follow suss links or go to dodgy sites so I've no idea how I got infected. There was no damage to my bank account or anything else but it was very inconvenient. Now I always type the URL to go to my regular sites, as the bank advised. No more bookmarks.

CJMITSystems

OK
Repeat after me:
1. Never click on email links
2. If you expect the mail then follow point 1, rather cut and paste as someone suggested
3. Never open or click on attachments
4. If you receive an attachment EVEN from family follow point 3
5. If you NEED to open or get the attachment then DO save it first to your PC and scan it with anti virus software.
6. Never open mail from un known origins, the moment you open it you might be hosed, There are exploits that will hose your PC just by looking at a Web page, and most email clients make use of web technology.
7. Be careful to "un-subscribe" from mail lists that you did not subscribe to. This could be a method of making sure the mail address THEY spam to does exist!

And so on...

Eco_Miser

CJMITSystems wrote: »

7. Be careful to "un-subscribe" from mail lists that you did not subscribe to. This could be a method of making sure the mail address THEY spam to does exist!
And so on...

I think you meant

7. Be careful not to "un-subscribe" from mail lists that you did not subscribe to.

Following the unsubscribe link is as bad as clciking on any of the other links in a dodgy email.

If you're not sure whether it's a genuine email or not, use the View Message Source (Ctrl-U in Thunderbird) to see the hidden codes. This is safe to do (if you do it right), as the display is plain text with no clickable links or autorunning code - you will see the code or the fake links if they're present, but they can't be activated from that window.

skipness

mroakley wrote: »

Just in the last couple of weeks I've been getting lots of these spoof emails - Halifax; Abbey; Tax Office; etc. I'm also getting loads from "pharmaceutcal suppliers", offering everything from Viagra to antidepressants, which look very dodgy. Should I be worried that I'm apparently, all of a sudden, being targetted? I haven't clicked on the links they send and so far, if my PC Tools anti-virus is correct, I haven't picked up any viruses. But I'm still worried - especially now I've read all this information here. I generally use the same password for everything - online banking; bingo; job sites; you name it. Should I change my password(s)? I can't even remember half the sites I'm signed up to. Jeez, I can feel a panic attack coming on!
Can anyone give some additional, very basic advice here (keeping in mind I'm relatively new and green to the internet) on what I should do to tighten up my security?
Many thanks
M

There is a very useful piece of software called "roboform" that allows you to save multiple different passwords and logon IDs. There is a free trial version for up to 10 passwords, or you can pay for a more complete version. As part of my work I deal with several Govt departments who insist on passwords that include upper case, lower case, numeric and character symbols.. and cannot be changed by the user. This avoids having to write passwords down on paper and keep in your office drawer.

Bodincus

Let's get some facts down first:

1. A URL (Uniform Resource Locator) is made by an indication of the protocol used (e.g. http for the web), a separator (:) and an address (e.g. forums(dot)moneysavingexpert(dot)com);
2. Every URL must be read right-to-left, e.g. http(colon)(dash)(dash)forums(dot)moneysavingexpert(dot)com is in the com TLD, belongs to the moneysavingexpert domain, is the forums host, and you are connecting to it via http;
3. An address is made by a host name (forums), a domain name (moneysavingexpert) and a TLD (Top Level Domain, e.g. com);
4. A TLD can be geographic (uk, de, it) or not (com, org, net);
5. In a special case for us and other countries, our TLD is composite, where our geographic TLD (uk) is preceded by an indication of the category of the domain (co for companies, org for other organizations, gov for Government sites and so on). That would result in a four-part address like www(dot)hmrc(dot)gov(dot)uk;
6. Don't get fooled by some strange looking addresses like www(dot)oddsite(dot)uk(dot)com, the uk bit must be at the end; that address is on the uk(dot)com domain name, and not an UK based site: the com TLD is from the USA.

Now that you know how a URL is made, it will hep you to spot if a site is what it purports to be, or is a phoney one. Just follow some rules:

1. NEVER click on a link in an email;
2. If you were not expecting that email, see point 1;
3. If you are a customer of the sending company, see point 1;
4. In any other case, see point 1.

And remember to keep your PC up-to-date: updates to your operating system and office suite, but also to all of your applications (especially Adobe Flash and Reader).
If you are using Windows or MacOS, an antivirus is compulsory.
I'd recommend the free version of Avast!, but other free options are available (e.g. Microsoft Security Essentials).
To keep your system in shape, give MalwareByte's Anti Malvare (Google MBAM) a spin. It's free and quite effective in eradicating many nasties from your patch.
And if you have the slightest suspicion, seek expert advice.

DB1_2

Another good Firefox add-on is Flagfox. Sticks a country flag at the end of the URL bar and mouse over gives domain, IP and Country.

So if the link you clicked on is supposed to be your UK bank - and it comes up with a Chinese flag...............

HateBanks

The bbc -itv link is spooky!
I always read the address properly re what before the . com bit, but didnt realise it could be a complete 'mislead'. Thanks:)

dralphs

Another tip

make sure your email provider offers a spam blocking filter on your email address and if it doesn't switch to another that does. You don't have to use the email provided by your broadband supplier.

I also have built my own custom start-up home page, which is saved to my hard drive. On it is links to sites i regularly visit. think of it as a custom bookmarks/favourites folder but its on your own homepage. No chance of a dodgy site adding a fictious address into my bookmarks, and as i created the links i know they are correct.

Mines built by hand, but there are plenty of tools to build simple html pages or if you must, use Word, add links to a new document and save it as web page filtered. Point your browser to the file and set it as your home page

wiganshale

albinohawk wrote: »

Thought I would share my spam strategy.

I tend to treat all mail with suspicion (guilty until proven innocent), operating on the principle that until verified its a stranger telling you to do something. Obviously there are different ways of verifying - friends talking about things you know, emails requested from forum. Anything with links to finance stuff sets off alarm bells in my head.

I also have 3 levels of email addresses. One with my handle for anyone and anything such as forum sign ups etc. A more businesslike one for shopping and banks etc, and a personal one just for friends. It keeps my personal one pretty clear and I know i can trust those emails a little more.

Finally I use Thunderbird which has a great bayesian spam filter in it and makes it very easy to tag spam. I also have an extension that moves tagged spam into a Spam folder and adds a delete all spam button. That means I only have to run my eye down a list of say 10 potential spam emails before more often than not hitting delete all.

Hope that helps

I'd like to add my own strategies:
I use a hotmail account for all sites that ask for such. That way all spam tends to go to there only and hotmail has various features that make it easier to identify and deal with spams.
I open up a second browser window to google the site name coupled with key words such as "complaint", " spam" &"scam".
Last, I use google-maps to check out any addresses given. I zoomed in on one and got a picture of a shop offering accommodation address facilities.

Eco_Miser

dralphs wrote: »

make sure your email provider offers a spam blocking filter on your email address and if it doesn't switch to another that does. You don't have to use the email provided by your broadband supplier.

I moved the other way. Before my ISP did spam blocking, and after, when it was optional, I used my own filters, on a program called Magic Mail Monitor, which deleted spam direct from the server, according to my rules, or flagged it as probable spam for me to check and delete or not, according to my rules. So I never saw most of the spam/malware, and dealt quickly with the rest.
Now my ISP has outsourced to Google, which dumps emails from my banks and even my ISP in the spam folder, so I have to keep checking it, and scan all the spam, through their horrible webmail interface. In all, a much worse experience, and the possibility of losing important notifications. So I've switched the important stuff to a 'vanity' domain of my own.

dralphs wrote: »

I also have built my own custom start-up home page, which is saved to my hard drive. On it is links to sites i regularly visit. think of it as a custom bookmarks/favourites folder but its on your own homepage. No chance of a dodgy site adding a fictious address into my bookmarks, and as i created the links i know they are correct.

I did that many years ago, and now have several sub pages to keep things organised.
As a further precaution, the page with links to my banks and utility companies is stored on an SD card, along with my budget spreadsheet and other important personal data, reducing the chance of interference by malware even further.