Educating one user at a time

Today I got to see the world of spam from a slightly more personal side – My uncle’s Hotmail account was hacked and sending out notices about electronics, motorcycles and other popular online items for purchase. After receiving this message (below @ bottom of post) I sent a short note back asking if this was a legit message from him (generally I get more family related emails that are a little more personalized) endorsing this site, so this was out of character. I was fairly sure about what had happened though, and my suspicions were confirmed when his vacation auto-reply returned with the identical message I had received overnight.

Within minutes he had replied back stating that he never sent that and wanted to know what he could do to fix his PC. We began walking through all the things he should look at:

  • Change your password immediately – luckily he still had control of his account (sometimes passwords get changed making it very hard to stop this type of issue)
  • Review your Auto-responders next – more people had started to reply asking about this odd message, and stopping the flow is equally important
  • Update your Virus and Anti-spy-ware tools and run a full system scan – You may not catch everything, but it’ll give you a little peace of mind

OK good we now have some feeling of control back to the account – the messages have hopefully stopped and life can go on, but there are still questions.

In your experience does his type of activity (is it called phishing?) pose any risk for the recipient if they do not open the website? . . . How about if they do open the website? Both great questions – I was excited he knew what Phishing is and used it appropriately – so here goes.

If they don’t open the link in the mail there is little risk, but the likelihood of someone you know opening it higher based on the personal feel of the message. I only caught it because I’ve seen my fair share of these already. This is a new vector in the world of spam – using a Phished account (in this case yours) to email the contact lists of the target, they call it “spear phishing” because of the targeted nature of the messages and the higher levels of trust associated with them being from a known contact.

Other type of these messages include – I’m stuck traveling over seas and have lost my wallet can you wire me some money to get home, or product reviews and endorsements.

What’s next for my uncle?

  • Once he has changed his password and disabled the vacation auto-responder, I recommended he send a quick email everyone in your address book – Don’t click that link if you got it or change your PW if you already have
  • Keep an eye on your account to make sure this doesn’t re-occur and be careful where you use it on the web (maintain different passwords and user names where possible) to avoid easily guessable access to your account.

Copy of the email – (URL broken on purpose)

Hello,
How everything going? One of my best friends has a site mainly for electronics, and price is fascinating! Laptop, I phone and motorcycles are most popular stuff, their items are fully with original quality, furthermore, if you want to do wholesale business, please do not hesitate to contact them.

On their website, they have Online Customer service, if you have any questions, they can help you. please forgive me for this email if you are not interested in anything upon them。
The website is: belefa. com

Author: Matt V - @emailkarma

Share This Post On

Trackbacks/Pingbacks

  1. Tweets that mention Educating one user at a time : : EmailKarma.net -- Topsy.com - [...] This post was mentioned on Twitter by Matthew Vernhout, Inbox Group. Inbox Group said: RT @EmailKarma: Educating one user…

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.