When I’ve seen some interesting computer viruses – I know you all like hearing about this and particularly how to avoid them. This one posed a threat to both a Mac and a Windows customer, but sadly only the Windows customer was severely afflicted.
Both customers were expecting packages to be delivered, either just before Christmas or shortly after. Most of us were, right? They received e-mails from Fed Ex saying that tracking information was being provided on their packages. The fact that it was Fed Ex was not important, it could have very well been UPS. There was a link in the e-mail that said to “click here for your tracking receipt’. However, all was not what it seemed.
1) The e-mail was not really from FedEx. One customer printed the e-mail for me and the From section clearly showed a sender that was NOT _____@fedex(dot)com.
2) The link for the tracking receipt was actually a link to a malicious website or a link to a a malicious file that placed a very nasty fake anti-virus program on the Windows computer. This is the kind of program that looks real, but then says — give us $60 to fix your computer. They aren’t after your $60. They want to clone your credit card number off in eastern europe, Nigeria or Jamaica and go on a spending spree. Yes, if you have a legitimate bank — you will not have to pay for those charges BUT the crooks will have already gotten their stolen goods through those purchases. Whether you lose or a store owner in Negril loses also — money was sucked out of the economy by these pirates. One of my customers got hit for $2500 (eventually refunded) by a similar scam in 2011.
3) When you shop at Amazon, ebay or (name the website), they don’t share your e-mail address with UPS or Fedex. Never! The only way you would get an e-mail with UPS or Fedex with tracking information would be if you took the initiative to sign up at their website and register for such notifications.
4) The virus / malware attack was not written for Mac computers, that is why only my Windows customer got infected. Furthermore, my Mac customer didn’t click on the link to get her tracking receipt. Simply opening the email, in this scenario — did not — trigger an attack.
Two key lessons from this:
A) If e-mail is in your SPAM folder – don’t wonder why. Unless you really know and trust the sender, don’t move it back to your inbox and then decide to open it up. Most of your e-mail programs have a button to delete all SPAM / Junk with a click of a button. Do it. Unless it deletes your junk mail for you automatically.
B) Update your Address Books / Contacts list every now and then. Make sure the people who send you emails regularly are in there. This will all but guarantee that their messages won’t be placed in your Junk folder.
Stay tuned for part 2 of this Daily Double from me — Computer Pricing Math.