No matter how careful you are with security and virus protection on your computer, you might still fall victim to unscrupulous individuals who attempt to use your email account to send spam or steal data. There is no ironclad method of avoiding these problems, but there are some steps you can take to protect yourself.
Email spoofing has become the most common form of email scams. A type of high-tech forging, spoofing occurs when someone sends an email and pretends it is originating from another source – one the recipient would assume is legitimate. Spammers write programs that allow them to send emails en masse from one server that appears to the recipient to be from a completely different source. The intent is almost always to gain access to sensitive data – passwords, usernames or other personal information. Unlike hijacking, which happens when a spammer actually breaks into your email account to get to your address book, spoofing doesn’t involve breaking into your account. It is more insidious – and harder for the unsuspecting to detect.
Spotting Spoofs
Spoofed emails can look very convincing – just like the reliable source you know – and often include links to websites that look legitimate. Common spoofed sites include financial institutions, retail sites, well-known spyware program sites and other websites that you might use. These spoofed emails almost always request user information, passwords and other confidential data. If something shows up in your inbox from a source that doesn’t usually email requests like this, be suspicious. As a general rule, it is a good idea not to click on links embedded in emails just in case the senders are not who you think they are.
Watch out for urgent alerts that pop up while you’re online, informing you that your system has been invaded by malware. Don’t fall for it. If you are on a website and a window suddenly opens up on the screen exhorting you to use it to run an anti-virus program immediately to save your system, don’t do it.
Getting out of the situation safely without activating the program can be tricky. Avoid clicking on anything at all in the virus/infected system window that just appeared – don’t even hit the X in the window to close it. You must get offline completely. If you are using Microsoft Windows, the safest escape is to hit ALT F4. Once offline, run your spyware/virus protection programs plus any spybot programs you have.
If Your Business is Breached
Bad as it might be to receive a spammed or spoofed email, matters can be even worse if your website or email become the unwitting source of problems for your clients. For a business owner, a hijacked or spoofed website or email address can seriously damage your business operations. If your systems are breached in any way, you must be proactive. Contact your clients, business associates, friends and family by email and phone immediately to alert them and let them know what the bogus emails might look like. Tell them the problem is being resolved and ask them not to send any confidential data in response to any requests from your email address. Send a copy of your alert via snail mail, too, as well as follow-up information when the issue is resolved. Let clients know when the crisis is over and update them on your new security procedures and programs.
Keep security basics in mind at all times. Choose passwords that are complicated, and don’t use the same combination for all your online accounts. Keep security and antivirus programs current and update them often. Don’t expose your computer system to unnecessary risk. Be cautious about third-party applications that are associated with social media sites – don’t give anyone access without considering the implications.
