Welcome to the first in a series of beginners computer guides. Over the next few articles I will be covering PC purchasing, setup, security and every day use. I hope these guides will help the newcomers among you to get more out of your= new purchase while also being useful to the more experienced user. So let’s get started with the first guide.
Over the past few days I’ve been considering which topic to cover in this first guide and was intending to start with the obvious, basic PC setup, but then a kind person sent me an email and I decided that security is where I must begin. The email in question arrived a few days ago and informed me that I had won the British National Lottery and only had to reply to the email in order to receive my £1,000,000. I’m quoting the email here with the addresses removed:
NATIONAL LOTTERY HEADQUATERS
CUSTOMER SERVICE,
LONDON
UNITED KINGDOM
Ref: ******
Batch:*******
WINNING NOTIFICATION.
We are pleased to inform you of the final announcement of 15th April
2008 of winners of the National Lottery Promo International program.
You were entered as dependent clients with: Reference NUMBER: *****
and Batch number *****. Your email address attached to the ticket
number:******* that drew the lucky winning numbers
02,03,23,33,40,46 and bonus ball 30 which consequently won the Jackpot
in the first category,in four parts.
You have been approved for a payment of One Million Great British
Pounds in cash credited to file reference number:*********.
Congratulations!!!
Please contact the under listed claims release office for immediate pay
out of your winning fund:
Name: *****
Email:*****@googlemail.com
To avoid unnecessary delay and complications, Please quote your
Reference /batch numbers in any correspondences with us or our
designated agent.
Congratulations once more from all members of staffs, management team
and directors of this program.
Yours faithfully
This email might seem reasonable at first glance but there are at least 6 things in it that should raise suspicions.
- I didn’t buy a lottery ticket and I didn’t attach my email address to anything even remotely connected to the lottery. This is a good first indication that this may not be a legitimate email.
- The email was sent from a Gmail account, @googlemail.com, and the reply was to be made to a Gmail account. The National Lottery website states that a= ny email communications are from addresses ending in @national-lottery.co.uk.
- The amount of money won is stated in the email. Again, the National Lottery site states that it does not inform players how much they’ve won in an email.
- The title of the email is WINNING NOTIFICATION. The National Lottery does not send any emails with this title.
- The lottery headquarters postal address at the top of the email does not contain any specifics like a Post Code.
- Finally, notice that my name never appears anywhere in the email.
As you can see there are a number of issues with this email making it suspicious and certainly not something you want to reply to. For more information on how to spot National Lottery fraudulent emails please visit www.national-lottery.co.uk/player/information.do?info=commonscams.
OK so that’s a specific email but what about the rest. Well there are some guidelines on how to spot potentially fraudulent emails:
- Look at the URL being used in the email. On the web a URL is simply the address of a website such as http://www.22hundred.net/ or http://www.microsoft.com/. These are legitimate websites. Scammers will sometimes place URL’s in emails that have typos in them, such as www.micosoft.com. For more information I recommend reading http://blogs.msdn.com/securitytipstalk/archive/2007/11/06/approach-links-in-e-mail-with-caution.aspx.
- If the email is offering something that seems too good to be true then a good general rule is that it normally is. Approach these emails with extreme caution.
- Look at the senders email address. The address will end in @<something>.<something>, e.g. @22hundred.net or @national-lottery.co.uk. If the email is claiming to be from a legitimate company then expect the address to end with the company’s website address. If it doesn’t then treat it with caution.
- Scams are often listed on sites like http://www.snopes.com/. You can go there and search for information on a suspicious offer, such as "fee for Hotmail".
That’s fraudulent emails but what other dangers can emails have. The biggest threat to your computer coming from emails is that of the attachment. Attachments are great if you know who the email is from and what it is. However if you do not know who sent the email then you should never open the attachment. From the wrong person an attachment can be a virus or similar piece of malware. Malware is the type of software that can cause damage to your computer and/or steal private information. If you do now know who sent you an email or if you're suspicious about an attachment that was sent to you by a friend then do not open it. It’s better to say that you didn’t see the picture he or she sent than to have your information, such as bank details, stolen. If you are not sure how to tell if you have an attachment then look at the little envelope icon beside the email in your Inbox. If it has a little paperclip on top of it then the email has an attachment.
So to recap on everything covered so far. If an email arrives into your Inbox and you do not know who the sender was then treat it with caution from the beginning. Do not open any attachments and under no circumstances reply to the email with personal information. Remember you have probably not won the Spanish/British/American lottery.
Labels: Email Security, Fraud, Guides, Security
