Spoof and fake e-mails are today sent out at an alarming rate. Some of these fakes are actually becoming very authentic in their appearance, although it amazes me that these obviously fairly sophisticated spammers cannot always get their spelling and punctuation right! Many virus related problems I am called to resolve here in France originate from an e-mail attachment or from a click on a link in an e-mail to an executable program, so I thought it would be useful to draw attention to the types of fake e-mails currently doing the rounds on the Internet.
Many Internet security packages come with an anti-spam feature. You can also block individual addresses with most e-mail programs. However, anti-spam measures are not infallible and you should exercise caution when faced with a suspicious looking e-mail.
French Internet users often have a head start in dealing with spoof e-mails – they are often written in English, so alarm bells would start ringing straightaway for a French person checking his boîte de réception (inbox). However, Anglophones in France will not find it unusual to receive an e-mail in English, and so can easily get tricked.
A common trick at the moment is for the spoofers to ask for your account details (password and login) for a particular site or for your bank details. No reputable company would ever need to solicit you for these details, and they would certainly not ask you to e-mail such details (remember, any bank details you submit over secure sites are encrypted, which would not be the case with details submitted via an e-mail).
In order to check whether an e-mail is fake, there are a few things to look out for. If you know that you have no account of any description with whoever is writing to you, you can therefore assume that this is a spoof e-mail. However, if you have any type of account or history with the supposed “company” writing to you, it is easy to get drawn in and start reading the message. The sender address may look fairly authentic too. Any requests for account or personal information should ring alarm bells. Be careful with links in an e-mail. If you hover the mouse over a suspicious link, you can see in the bottom left hand corner of your browser where that click might take you. It may look like a load of rubbish to the untrained eye, but you will probably (although not always) see a discrepancy with the link in the e-mail. Clicking on these links can cause an executable program to run which can get you into a mess or could take you to a fake website. So if you have any doubts about the validity of the e-mail and its link, delete immediately.
Look out for spelling mistakes, dodgy punctuation and poor grammar. Spoof e-mailers are working on these, but still can’t master the apostrophe. The e-mail may have a slightly harassing tone to it, urging you to take such and such action as soon as possible or your account will be closed. Be aware if you are receiving orders via e-mail of this nature.
You have done all these checks, the e-mail looks authentic, and so you are concerned about your account status. Refrain, however, from actioning anything through the e-mail – go to the site itself and check your account status. You will probably find that everything is in order and that e-mail was a well-disguised spoof.
E-mail attachments can also cause problems – there are some great toolbars on the Internet that can add tailored functionality to your browser (such as Yahoo! and Google), but beware of ones that are foisted upon you via an e-mail. These are generally laden with spyware and will definitely not enhance your enjoyment of the Internet.