This
page is a continuation of the Consumer Protection page, and it teaches
you more about what an email message source is, especially in regard to
the anti-spam and phishing-related article you were reading, and a few
ways you use it to learn more about the sender, and protect
yourself. (More to come in the future about this important
subject.)
Dear Readers:
This
is a sample of a SPAM email I recently received that shows you what
kind of
really valuable information you can get by viewing the source (in the
header) of the email you received. If
any spam (or any email from unknown
senders) contains
an attachment, DO NOT EVER OPEN those!
Better to delete it, and not bother trying to recover the message
source to send to the government to investigate, unless you are VERY
experienced in computer usage AND you have a
great antivirus program running! Avast
AntiVirus is free. There are several others. Search
Google right from this page for more.
I have changed my email address in the sample
below so that I won't receive even MORE
stupid spam (from the harvesting software that abounds on the net these
days) but I wanted to leave it in place, so you can see how the
email headers work. I have changed it to the following: my*address@mydomain.com in the
SPAM EXAMPLE message source sample below.
All of the maroon colored part was inside the
message source, and easy
for you to find and copy if you just know how. (Later, when I get
more time, I'll write a page on how to do that, too.)
This is the sample
spam email
(below) that I received which was, in essence, trying to steal banking
information from me and the rest of their phishing episode's
recipients! This type of email is called "phishing"
because they are fishing for information to use to obtain
someone's login and password to their online bank, along with other
valuable information that could lead to identity theft!
Here is what it looks like in
the "raw message" format found in your message source:
---------------------------------------------------------------------------------------------------
Return-path:
<root@pointi.com>
Envelope-to: my*address@mydomain.com
Delivery-date: Thu, 29 Jul 2004 10:30:16 -0400
Received: from [211.174.58.68] (helo=pointi.com)
by star.deerfieldhosting.net with esmtp (Exim 4.34
(FreeBSD))
id 1BqBvD-000D14-TV
for my*address@mydomain.com; Thu, 29 Jul 2004
10:30:16 -0400
Received: from pointi.com (localhost [127.0.0.1])
by pointi.com (8.12.11/8.12.11) with ESMTP id
i6TEUN5T021884
for
<my*address@mydomain.com>; Thu, 29 Jul 2004 23:30:24 +0900
Received: (from root@localhost)
by pointi.com (8.12.11/8.12.11/Submit) id
i6TEUNPB021882;
Thu, 29 Jul 2004 23:30:23 +0900
Date: Thu, 29 Jul 2004 23:30:23 +0900
Message-Id: <200407291430.i6TEUNPB021882@pointi.com>
To: my*address@mydomain.com
Subject: ***Renew Your Records***
From: "renew@USBank.com"<renew@USBank.com>
Content-Type: text/html
<FONT face="Courier New"
color=#000000 size=2>
<DIV><B>
</B><FONT
size=3><B>Dear U.S. Bank valued
membe</B>r,</FONT></DIV>
<DIV>
Due to concerns, for the safety and
integrity of the Internet Banking community we have</DIV>
<DIV>issued this warning message.</DIV>
<DIV> </DIV>
<DIV>
It has come to our attention that your
account information needs to be updated due to</DIV>
<DIV>inactive accounts, frauds and spoof reports. If you could
please take 5-10
minutes out of</DIV>
<DIV>your online experience and
renew your records you will not run into any future
problems</DIV>
<DIV>with the online service. However, failure to update your
records will result in
account</DIV>
<DIV>deletation. </DIV>
<DIV> </DIV>
<DIV>
Once you have updated your account records
your online banking account will not be</DIV>
<DIV>interrupted and will continue as normal.</DIV>
<DIV> </DIV>
<DIV>
Please
follow the link below and renew your account information.</DIV>
<DIV>
<A
href="http://www.akhlesh.com/stats/.access/requestCmdId/USBank/internet
Banking/DisplayLoginPage/RequestRouter/"><FONT
color=#0000ff><U>http://www.usbank.com/cgi_w/cfm/personal/account_access/
account_access.cfm</U></FONT></A></DIV>
<DIV>
</DIV>
<DIV><FONT
size=3>
&n
bsp;
<U><B>U.S. Bank Internet
Banking</B></U></FONT></DIV>
<DIV> </DIV>
</FONT>
--------------------------------------------------------------------------------------------------------------------
Please read blue and red
cautionary notes first:
***********************************************************************
First,
you will notice how "genuine" it looks! (And,
will you notice the
misspelled word? That is one of the better clues that a SPAM
email is NOT official... although there are many more.) (Of
course you do NOT want to click that "official-looking phishing link"
in the SPAM email sample below, as it will take you straight to their
EVIL phishing site!!)
So, just look, but DON'T CLICK their
up-to-no-good-links in the inbox sample below!
***********************************************************************
And, here is what that
same strange-looking email source code above would look like when it
appeared inside your inbox:
|
Dear U.S.Bank valued member,
Due to concerns, for the safety
and
integrity of the Internet Banking community we have issued this warning
message.
It has come
to our attention that your
account information needs to be updated due to inactive
accounts, frauds and spoof reports. If you could please take 5-10
minutes out of your online experience and renew your records you will
not run into any future problems with the online service. However,
failure to update your records will result in account deletation.
Once you have updated your account
records
your online banking account will not be interrupted and will continue
as normal.
Please
follow the link below and renew your account information.
U.S. Bank Internet
Banking
|
***********************************************************************
(CAUTION:
You truly do NOT want to click the "fake banking link" above, as it
will take you straight to their evil phishing site!! JUST
HOVER YOUR MOUSE over the usbank.com link above and notice that it is
DIFFERENT from the words you see when you look at it!) See detailed explanation below:
As
you can see, there is a LOT of valuable
information inside that header, even though you and I may not be able
to decipher it. :-) Someone else CAN.
What I find interesting, and it fully explains
the reason why you are always asked to TYPE IN THE URL whenever
visiting a secure website is noted below:
The link "says" that it is to usbank.com....
(And it appears
to be a "regular" link to your banking institution)
http://www.usbank.com/cgi_w/cfm/personal/account_access/account_acce
ss.cfm
...but
HERE BELOW (as you noticed when you hovered your mouse over the sample
inbox email above) is where the link really leads you:
(But, this is
the actual spam phishing link where they are REDIRECTING you so
they can steal from you!)
http://www.akhlesh.com/stats/.access/requestCmdId/USBank/internetBanking/
DisplayLoginPage/RequestRouter/
<<*>><<*>><<*>><<*>><<*>><<*>>
I will continue updating this
page, but for now, it should help a little, anyway. I hope it
stops some of the online BS that unsuspecting folks are being subjected
to. Applied knowledge is power, so apply it to your own life and
business, and you can help to stop those who would hurt us all.
Submit your full email source headers like the above example to spam@uce.gov
Remember, you will stay more secure and safe
online by learning all that you can about spam, phishing and other
nefarious scamming themes! And please remember to NEVER open
attachments (no matter how interesting they look or sound) and NEVER
click banking or financial links from within your emails, unless you
are absolutely, beyond a shadow of a doubt CERTAIN that the email
originated from your trusted resource.
To be totally secure, it's just better to
always manually type the URL into your browser to be sure you will get
to the site where you really want to go. Then, also check your
browser for the little "locked" symbol in the lower right hand side of
the status bar. That's another good sign you are at the secure
"https" website where you belong.
I hope you have enjoyed reading and learning
from this web page, as it was my intention to teach and help anyone who
doesn't understand the process (or the danger) of phishing emails and
spam. The internet has the potential to be such a wonderful
medium, but like anything, it has it's downsides if you aren't cautious
and remaining alert to the ways that dishonest netizens would use to
deceive and scam you.
Respectfully yours,
Donna Maher RN
P.S. If you want to keep this kind of trash
OUT of your mailbox in the first place, take a look at Mail Box Filter and see
what it might be able to do for your peace of mind.
<<*>><<*>><<*>><<*>><<*>><<*>>
More To Come!
|
Use my
*favorite search engine* to find whatever you need! :-) Donna
<<*>><<*>><<*>><<*>><<*>><<*>>
|
|
::Free Resource::
Free Anti
Spam Email Software
Email Remover is a useful anti spam tool that
allows you to view your emails from POP3 server by showing you headers.
You can remove unwanted
emails in seconds without downloading them - if you receive
unwanted mail like huge attachments or spam (or worse... a virus or
worm).
Note from Donna about EmailRemover:
"I have downloaded and I use this great free product, and it really
does
work well. Sure beats downloading all that trash onto your hard
drive
and then having to delete it."
Donna also
recommends this amazing tool which you can also use FREE:
Are you trying to market online?
Can't afford to buy a list?
How about building one for free with a community of caring
folks?
Look no further,
visit ListGenesis and
see what you've been missing. It's a real viral list builder with
support and a forum for help when you need it.
::Resources::
|
I've met Armand Morin in person and anything he gets
involved in is
BIG, and it's honest and it's good for everyone
concerned. If you have
a ClickBank
ID (if you don't just click the
underlined words ClickBank ID) you will NEED this
program to GO totally VIRAL starting today!
Then...
Watch your earnings soar with CBClicks,
and if you want another cool ClickBank™
related program, join Affiliate Sensor
while you're at it! I love them both, and I think you will,
too.
Thanks, Donna :-)
|
|
