Saturday, April 14, 2007
Computer Tip: Don't click links in emails
I got an email this morning that is a perfect example of BAD spam. I know that if I clicked on the link in this email something bad would happen to my computer. Most spam is just annoying, but some are actually dangerous. And, the dangerous ones are getting trickier all the time at making it look not only legitimate, but important for you to click on them. Here's the email I got: Looks like something I need to take care of, doesn't it? After all, 'guldsystems.com' is one of my email addresses. If it was suspended I would be very upset. However, since Guldsystems.com is our own domain, and I am the administrator of that domain, I happen to know that there is no such "Guld Systems Abuse Department". (Although Jim has applied for the job. He loves to give abuse! :-) On that count alone, I know this email is bogus. But, what makes it dangerous? If you hover your mouse over the link, you will see a little popup window that displays the 'REAL' link. This is how it works in Outlook anyway - it may not be the same in your email program. What the popup tells me is that, if I click on this link, I will be downloading a file called 'Confirmation_Sheet.pif'. PIF files are 'program information files'. They can hide all sorts of nasties. I don't know exactly what this would do ... and I don't *want* to know! ... but, the most likely possibility is that it would install software on my computer that allows some stranger to use my computer as a 'zombie'. Then, unbeknownst to me, my computer and my Internet connection could be used to send out thousands of spams. It might start by sending itself to everyone in my address book. Not all links in emails are bad. I often send links in my emails as a convenient way for friends to look at something on the web that I'm recommending. It's ok to click on those links. But, if there is *anything* at all suspicious, make sure to hover your mouse over the link and check the *real* link before you click. If in doubt, just go to the web and type in the address yourself rather than using the link. As for the email I received, I'm just going to press the Delete key! If you want to read more, try the Federal Trade Commission, on Zombies, or Wikipedia on zombies , or Wikipedia on Phishing or this recent article in Computer World.