Don’t Panic – and Don’t Click!
Every once in awhile, the evil people who run phishing scams and spread viruses figure out a way to get an email past your spam filter and into your InBox. They can be very tricky and scary. For example, look at this email:
It’s confusing. Did someone just take $760 from my PayPal account? It sure looks like it.
If it’s a virus attack, clicking on anything in this email will execute code that says “You have my permission to install nasty stuff on my computer.” You need to take those words very seriously. Assuming you have a decent virus scanner installed, viruses cannot attack your computer unless you give them permission to do so. When you Yes or No or an email link or anything, you give them permission.
So when this kind of thing shows up, there’s only one thing you should do: Delete it. Move it to the deleted items folder and then empty that folder from time to time. Never click on anything like this.
Phishing scams work this way: You get an email like this and your first response is, “I didn’t authorize that.” So you want to log into PayPal and check it out. You click on the link, enter your username and password. Now the bad guys have your PayPal account information!
At that point, one or two things happen most commonly. One is that you are redirected to your real PayPal account and logged on with the credentials you just gave. The other is that you get an error message. The kind you normally ignore. That might prompt you to go log into PayPal, which you do successfully. You don’t realize that you’ve just given away your credentials.
There’s an easy way to check fake links. Just hold your mouse cursor over the link. Geeky computer code link will pop up showing you where it REALLY will take you. If it does not match where it says in the text or seems at all odd don’t click it. Don’t be curious. Don’t even get angry. Just delete it.
One of the common questions we IT Consultants ask each other is “Do you charge managed service clients to fix viruses?” (Managed service means you pay a flat monthly fee for the maintenance of your computer systems. It can’t include everything, but it normally includes almost everything.)
My answer is: We will fix one for free. But if the same person infects her machine three times, then she’s not really trying very hard to avoid viruses.
Technically, by clicking on that link, you give the bad guys permission to attack your computer. Once you know that and continue to do it, then fixing your computer becomes a billable event. So in addition to costing you downtime, give access to your PayPal account, and potentially opening a security hole in your entire network, you might get a bill from your tech support people.
All in all, it is very easy to avoid these scams. Just make sure everyone in your office knows what to do.