In the ongoing battle over your computer, life would be a lot easier for the bad guys if you would just give them permission to use your computer/name/resources. Since you are smart enough to not do that, the bad guys will try and trick you into giving permission. Usually by having you voluntary click on something that will download malicious code or on a link that will take you to a site that looks exactly like your banking/credit card/other site.
This is called phishing for emails or spoofing for the fake sites. And it just got worse.
Most malware is coded to automatically try and replicate itself and continue to look for ways to infect other machines. Such as emailing a link to all the people in your email contact list. A new twist on phishing, called spear-phishing is a more targeted attempt.
You may have seen some clever spam emails that seem to have your own address at the top. If you look closer at the real code information located in the header text, you will find that this is not the case. However, in spear-phishing, the emails seems to come from someone you know and is well formatted without the grammatical and spelling errors so common in regular spam mail.
So what can you do?
- Be a smart emailer – never just send links, always add a little personal text so they know it is from a real person.
- Keep an eye open for failed sent emails. This can often alert you that your email account has been compromised. If this happens change your password immediately and run antivirus/anti-malware such as Malwarebytes.
- Never use a link from an email unless you are 100% sure it is legit. Take the time to type in the url in a new browser window, use a bookmark, or a search engine to find the site.
Mostly, just use your brain. The bad guys are always looking for new ways to trick you and a false sense of security is dangerous. Even if you think you are a smart cookie and wouldn’t fall for such a scheme, it can happen.
It happened to the Associated Press
References
