Dec 01 2009
Think before you click!
People are probably going to get tired of reading this, but it is one of the most important lessons you can learn to protect yourself online. Whenever you receive an e-mail with a link or visit a new website, think carefully before clicking! So many of the viruses and other malware being spread today only succeed because the cyber-crimimals are able to persuade users to click on a link that launches the attack.
A reader sent me an e-mail they had received about a potential virus, and wanted to know if it was real or a hoax:
Skip,
There is an email going around with the info below; have you seen it? Is it real?:
“I felt this was worth passing along. With Christmas coming up, I can see where this could be a real problem.
The newest virus circulating is the UPS/Fed Ex/DHL Delivery Failure. You will receive an email from UPS or Fed Ex or DHL Service along with a packet number. It will say that they were unable to deliver a package sent to you on such-and-such a date. It then asks you to print out the invoice copy attached. DON’T TRY TO PRINT THIS. IT LAUNCHES THE VIRUS! Pass this warning on to all your PC operators at work and home. This virus has caused millions of dollars in damage in the past few days. “
Snopes confirms that it is real http://www.snopes.com/computer/virus/ups.asp
So I did a little checking, and yes, there is a real virus that was being spread in this manner. This particular one goes back to 2008. However, the fact that it occurred so long ago does not mean that someone could not resurrect the idea for the holiday season. After all, they usually only need a very small percentage of the recipients to click on the link for it to be profitable for them.
Just think before you click. Do you know who this e-mail comes from? Did you order or ship anything recently? Does the e-mail use proper spelling and grammar? If you hover your mouse over the link, does the URL in the status bar match the link? Can you go into your web browser and go directly to the company’s web site rather than click on the link?
These attacks often rely on the user going to a site and downloading or executing a file to deliver the virus. However, more are being delivered by “drive-by” infections. That means that the virus is downloaded and executed in the background when you visit the site – no further action is needed. So that single click could be all that is necessary to have your personal and financial information stolen.
(H/T to Lemont Kelsey for brining this to my attention.)