New Malware Scams
Oh, those hackers. Those clever, clever hackers. Forever coming up with new ways to trick us into thinking their messages and links are from trusted friends and companies we do business with. Here are some of the latest examples I’ve seen – be on the lookout for them, and don’t get suckered into clicking those dastardly links!
Junk Phone, Phone Malware
Even though I have a very basic pay-as-you-go phone that isn’t a smartphone and doesn’t run apps, my number’s been getting caught up in the net when spammers and hackers send out their malware and junk phone messages (like junk mail, but on your phone). If you have a smartphone, be very careful about tapping on messages like the one I’m about to describe; just one stray tap and you may launch the Trojan that’s hiding behind an innocent-looking message.
These malware and junk phone text messages often come through looking as if you’re mid-conversation with someone, and generally include a very common first name (a name that’s likely to match at least one of your friends, co-workers or family members). That’s partly how they trick people into opening the message and tapping the included malware or spam links.
Another type masquerades as being from a financial institution you do business with, and these are the most dangerous since the people sending them are identity and financial account information thieves. They’re particularly sneaky and underhanded, in that they will often claim to be reporting some kind of security breach on your account; since this is something most of us fear, LOTS of people get suckered in by these types of messages.
The key to recognizing that these messages are not legitimate is that they come from a phone number you don’t recognize, typically in an area code you don’t recognize.
Always delete such messages; if it was anything important from anyone legitimate, they’ll call you back. If you suspect it may be a legitimate message from a financial company you DO have an account with, go to your latest statement from that company and call them using the customer service number listed there: DO NOT call back using any phone number provided in the suspicious text.
While Trojans and viruses that may be lurking in these messages are generally incompatible with, and therefore harmless to, non-smart phones and tablets without cell functionality, some are still capable of grabbing your contact or billing information so it’s a good idea to be vigilant about them.
Here are a few examples:
[common name] gave me your number and asked me to send you this [spam/malware link]
Have you seen this?! [common name] told me to forward it to you. [spam/malware link]
IMPORTANT INFORMATION ABOUT YOUR ACCOUNT: please contact us immediately at [phone number or spam/malware link] to prevent service interruption.
YOUR ACCOUNT MAY HAVE BEEN COMPROMISED: please contact us immediately at [phone number or spam/malware link].
SUSPICIOUS CHARGE ON YOUR CREDIT CARD ACCOUNT: please contact us immediately at [phone number or spam/malware link] to prevent service interruption.
Email Scams and Malware
As I explained in an earlier post, How To Avoid Computer Viruses: Links, the key to recognizing that these kinds of messages are from hackers and scammers is to check the links. Mouse over any links in the email (BUT DON’T CLICK ON THEM!) and see where those links go. The full web address will be listed at the bottom of your browser window when you do this, unless the sender has done something to hide the address. But anyone who does that is up to no good, so the fact that no web address displays at all is a prime malware indicator.
Also view the full email address of the person who sent the email, because the Username that’s displayed can be set to anything the user wants. I could create a Hotmail account today and list myself as BankAmericard Member Support Services, and no one would stop me from emailing people under that alias.
Here are some screen shots of recent scammer / hacker emails I’ve received. Note that my email provider, Gmail, is pretty good at identifying spam and suspicious emails, but your program may not display the same kinds of indicators to you.
Notice that the return address shown in the screenshot above (listed next to the fake “Support” username) is NOT google.com. Any legitimate messages from Google will always come from the google.com domain.
When I moused over the links in the message above, here’s where they were going: www.portaldj.vsi.ru/vengeance.html. I think the page title (“vengeance”? Really?!) is pretty much a dead giveaway that nothing good is waiting for me, you, or anyone else on the other side of that link.
Notice that here too, that return address is all wrong. Anything that actually comes from PayPal should have a paypal.com return address. When I moused over the “Click here to resolve the problem” box, the web address was hidden. NEVER click on a hidden link. The only people and companies that use them have something to hide.
Again, if you have reason to believe PayPal or any other company you do business with really IS trying to contact you, contact THEM yourself, using customer service phone numbers, links and email addresses provided on your billing statements or on the business’s site, after you’ve logged in normally.
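For anyone who would rather let a script do the mousing-over, here is an added example (not from the original post) that runs the same two checks on a message: does the sender’s real address match the company named in the display name, and where does each link really go? The BRANDS table, the sample sender and the example domains are all made up for illustration.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# BRANDS maps a brand name to its real domain; the sample message is constructed.
BRANDS = {"paypal": "paypal.com", "google": "google.com"}
SAMPLE_FROM = '"PayPal Support" <service@account-alerts.example>'
SAMPLE_HTML = ('<a href="http://paypal.com.login-check.example/fix">'
               'Click here to resolve the problem</a> '
               '<a href="https://www.paypal.com/help">Help</a>')

def in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_sender(from_header):
    """Brands named in the display name whose domain the address does not use."""
    display, addr = parseaddr(from_header)
    host = addr.rpartition("@")[2]
    return [brand for brand, domain in BRANDS.items()
            if brand in display.lower() and not in_domain(host, domain)]

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> tag."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def check_links(html, expected_domain):
    """(text, real host) per link not leading to expected_domain; None = no address."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    found = [(text, urlparse(href).hostname) for text, href in collector.links]
    return [(text, host) for text, host in found if not in_domain(host, expected_domain)]

if __name__ == "__main__":
    print(check_sender(SAMPLE_FROM), check_links(SAMPLE_HTML, "paypal.com"))
```

Note that the first sample link starts with paypal.com but actually belongs to a different domain, which is why the check compares the end of the host name rather than looking for the brand anywhere in the address.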