Helping people with computers... one answer at a time.
This is Leo Notenboom for askleo.info.
Like most of you I'm sure, I get a fair amount of spam including a healthy share of virus-laden messages and attachments as well as phishing scams.
Most of these messages work by trying to trick you into doing something - perhaps buying something, opening up an attachment, visiting a web site, or at its worst, visiting a web site and entering your personal information.
Phishing absolutely amazed me on several levels.
For one thing, so many of them are absolute junk! Broken English, horrible formatting, even broken HTML in many cases - links that are obviously fake.
A good 90% of the spam I get falls into that "so obviously fake, why do they even try?" category.
Hence my second point of amazement: they work. As bad as those emails are, people fall for them every day. Even after all this time. And it's not an issue of stupidity, through I'm sure there's some of that out there, it's more about ignorance and education. What's "obvious" junk to you and me isn't so obvious to many.
But that leads me to my third point, which I find kind of scary: a phisher who would take the time to craft a proper message and write proper English could rule the day. With so many phishing, virus and other spam messages being so horribly, obviously broken, either in form or in language, a message that wasn't would stand out. Or rather, it wouldn't stand out as being so obviously bogus. And that would increase the chances of its success.
They are out there. I almost fell for one a few months ago. The timing was right - I was involved in transaction inquiry with my credit card company, and sure enough I got email that looked like it was from a credit card company and looked fairly legitimate. The phisher had taken the time to craft an appropriate lure. As a result of the coincidence of my expecting email from my credit card company, and the good imitation done by the phisher ... well, I almost clicked through. But I've trained myself. I always look at where the link really goes by hovering over it before I click. Sure enough - it was a total fraud.
And just to be clear, depending on your mail program, that "hovering over" I did can also be spoofed. Really, the only totally safe thing to do is simply never click on links in email unless you're totally certain that you trust the source.
Like I said, right now most spam is laughably bogus. But if more malware and phishing authors ever get a clue, it's going to get a lot more difficult to tell what's real from what's fake.
I'd love to hear what you think. Visit askleo.info and enter 12058 in the go to article number box to access the show notes, the transcript and to leave me a comment. While you're there, browse the hundreds of technical questions and answers on the site.
Till next time, I'm Leo Notenboom, for askleo.info.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.