Spam and Phishing E-mails, What you can do.

Ok, I hate spam, and I get loads of it. I hate phishing E-mails, and I get them too. Now truth is with the increase in the use of the internet came the increase in fraud and identity theft. So what can you do to protect yourself. Well for starters, it is you that needs to protect yourself, don’t trust software on your pc to do it for you, be alert, as it’s far too easy to walk into a trap.

Lets start with SPAM. Spam is a nuisance and we all get spam E-mails. Many people wonder how their E-mail address ended up being on a spamming list. Well, it can happen a number of ways, sometimes your E-mail address is sold (maybe you didn’t tick THAT box, or maybe they just give your details away). Sometimes you might put your email address on the net, maybe in a forum/blog post, maybe in a web form that your submitted, if in plain text on a page then a spam bot (a piece of software crawling the net looking for plain text email addresses) will find it, add it to a list and you will get spam. These spam lists are generally distributed out to many different spamming machines (or zombie/slave PCs which will send the spam e-mails without the user realising). Avoiding SPAM is done in a couple of ways, firstly do not reply or click anything in a spam e-mail (it makes things worse, it confirms that your e-mail address is valid) just delete them, if you use an e-mail client with SPAM/Junk filtering, set it up and get used to using it, (if using Hotmail/Gmail, etc then use the junk tools on there). More of a preventative method, use two E-mail addresses, perhaps one purely for personal correspondence and one for internet use, the one for personal correspondence will not get any spam because it will never be given out on the net (if you put it anywhere on the net it will get spammed, fact).

Phishing is really bad, but can be spotted if you look out for certain things. Phishing refers to an attempt to steal your Login details.  Phishing e-mails are often caused by the same things that cause SPAM, there are also general targeting methods which involve sending an e-mail to many different variants of an e-mail address, maybe the same first part (before the @) and then different domains (after the @). I tend to get those quite a bit, easily spotted because the “TO:” or “BCC:” fields will have lots of e-mails listed, all similar to yours, but with the variants above. DO NOT CLICK ANYTHING IN THESE E-MAILS. The “FROM:” field will usually be a fake address (looks genuine, can be convincing, but really really isn’t). The contents of the E-mail may well sound legitimate, but check all hyperlinks (don’t click them). This is one reason I recommend Mozilla Thunderbird, holding your mouse over a hyperlink will tell you url (website) the link actually goes to. Phishing E-mails have links that say one thing and do another, so always check. Thunderbird will also warn you if it suspects the message is a scam.

Phishing websites/webpages are easy to spot too. Always check the address bar of the browser, if the address isn’t what it should be then stay away. You can also check the hyperlinks on that page, following the same rules as for the E-mails, if the link doesn’t point where you think it should, don’t use it.

There are different levels of phishing. Many people use social networking sites, e.g. Facebook or Myspace, and put their information on there. However, there are many phishing sites trying to steal user login details. Trust me, I’ve seen them with my own eyes, and if you don’t think about it you will get caught out. They can be quite convincing, and with many younger people using these sites, having their login details can be quite worrying, and can cause problems. So keep your eyes peeled. I CANNOT STRESS THIS ENOUGH. YOU need to be alert.

Bank details are obviously more sought after. Generally a bank will not e-mail you asking to provide them with details, or to log in to your account. If they do they do not give you a link to do so. If a link is provided then use the secure method of going to the bank’s website yourself. If you are worried or concerned about a possible phishing attempt, or just want to check if an e-mail is legitimate, then you may be better off phoning the bank. Banks take phishing and fraud very seriously so do not be afraid to check with them.

Parents should be monitoring their children when they use the internet. If you can secure your pc, and make sure that you use some site filtering software, and block certain websites. Make sure you know what your child uses regularly, and check it out for yourself. If they use social networking sites, talk to them about the information they put on their pages, and explain about why putting information about yourself on the internet is not always a good thing.

I hope that covers all of that. Leave comments about your views, or if you have any questions.