We're seeing a LOT of phishing emails pretending to be from Dropbox.
The general rule is this: The email heading begins: "(name) sent you an invitation"
The body of the email contains a link (to sign up to Dropbox, but as you would (hopefully) guess, it's a bogus link.
Please be aware.
Please do NOT click on links in emails.
Be safe......
Just as a little simple reminder, if you ever receive an email from a courier company, a financial institution, PayPal, Bank, Tax refund, and it starts with the phrase "Dear User" or " Dear Account Holder" ALWAYS be suspicious.
These companies will ONLY ever use your full name, and thus anything else must not be trusted.
That's also not to say you should immediately trust an email from your bank that uses your full name. You should always be suspicious first, because in general, these people will not write to you via email very often, and certainly not for updating your account details by clicking a link.
If you believe the email to be real, the safest option is to go directly to their website by manually typing in their URL into your browser. That way you know for sure it's taking you to the website you expect to be going to.
As ever, be very wary about emails with links embedded that asked to be clicked on.
ALWAYS BE SUSPICIOUS OF EMAILS ARRIVING IN YOUR INBOX
Here's a new one on us. An email pretending to be from Discover.com
Nicely, (or stupidly) they've included a real link to Discover, if you were lucky enough to click that, but every other link re-directs you to a bogus website.
You can see from the tooltip below.
NEVER click links in emails especially from banking and financial institutions.
Be aware....
There are a ton of bogus emails doing the rounds right now designed to appear to come from Santander.
Do not click any links within these emails.
Here are 2 examples:
It seems like there's been a number of Twitter accounts hacked in the last few days.
If you've received a password reset request from Twitter via email, we urge you to change your password immediately, BUT, as ever, go direct to the website through your browser, rather than clicking a link in an email....just in case.
It's also worth reminding you of the importance of not using the same password for Twitter as you do for your online banking or any other sensitive website.
As in this case, if your password is stolen, it can potentially be used wherever else you log in, if you use the same password.
Even if you haven't had a recent password reset request, it might just be worth thinking about changing yours anyway. Think of it as a bit of house-keeping.
Also consider adding something to your password that is particular to that site, that you can easily remember, and that will make it different to your other passwords.
Don't delay - do it today!
There's been so many of these over the years.
The basic premise being that it's hilarious to forward the email to 7/10/15 of your friends to see what happens.
Guess what? Nothing happens EXCEPT, all of your emails are harvested and sent to spammers as live email addresses.
The purpose of these chain emails is to bypass spam filters. They get sent out by your friends, therefore arrive in your inbox un-impeded.
Often they will contain hidden maliious code which harvests everybody's emails addresses and sends them to the spammers.
Do everybody a favour, and just delete these emails when they arrive, and reply to the sender with a polite comment about how bad they are.
Educate your friends!
Best of luck....
We've just received 2 seperate emails purporting to be from Google about YouTube
Don't click on any of the links, otherwise you'll be re-dirceted to a malicious site.
Here's a screen shot showing the real URL links (images were prevented from being downloaded for security)
There's a large number of emails doing the rounds that appear to come from YouTube.
They appear to have been sent from service@youtube.com and tell you to click a link.
If you've been on this site at all, you'll no that you must never click links in emails, especially from service providers.
This is a bogus email so delete it.
This one seems to still be doing the rounds.
Basically, and email pretending to be from American Airlines arrives telling you about either a refund, or a new ticket you have purchased.
If you click on the link, your PC will immediately be infected by a Trojan that is very difficult to remove.
So the best bet is to not be suckered in by curiosity!
There's a link here that we've not tested, but may help. Failing that, honestly, the best course of action after an infection is to wipe clean your hard drive, re-formatting, and do a fresh re-install of Windows.
However, you will lose ALL your data, so you must have had a good backup before doing this.
THREE RULES TO ALWAYS FOLLOW:
Backup all the data you wouldn't want to lose (documents, photos, music, videos etc)
Run a good anti-virus
NEVER click links in emails or social network sites
Good luck!
We have received a growing number of emails pretending to be from Linkedin.
These look like Inbox messages, if you're a Linkedin user, but if you click on the link, it re-directs you to a suspicious site. It is not yet clear whether there are nasties downloaded to your computer, but the rule as ever: DO NOT CLICK LINKS IN EMAILS
Best of luck for your safety and security in 2012
There's a cool little website that can check if your email address has been compromised.
It seems to be legitimate, so possibly worth checking out in light of all the recent security breaches by hackers.
Enter your password into the text box and click to see if it has been collected by hackers. If you're unliky enough to have had your email address hacked or harvested, change your password immediately.
We just received a new phishing email today allegedly from the Alliance & Leicester. The worrying thing about this email is that it mentions Trusteer rapport which is a legitimate browser security plug-in designed to work with online banking.
The scammers are clearly across this idea and have included what appears to be a link to download the security plug-in to make your browsing safer.
If you look at the tool tip for the link the mouse over generates, you can clearly see it's not legitimate. Chances are this would download some malware that would allow access to your computer without your knowledge.
Please always exercise caution when receiving emails. The best rule is NEVER trust an email from a bank until you have thoroughly checked it out.
NEVER CLICK LINKS IN EMAILS
Here's another example of a phishing scam received via email.
First and foremost, the biggest clue is the 'Dear Valued Customer' bit.
The next clue, as is the case on almost all of these scams is the mass cc mailing list in the clear.
Finally, the give-away tooltip of the real URL. It looks ok at first glance, but notice the 139689.net bit at the end. That's the actual domain (which is clearly not A&L). Anything before that, i.e the A&L bit with dot whatever can be made up by anybody. It's the ending domain in the URL that is the actual domain it points to.
Hopefully this all helps to keep you alert and easily spot the scams.
Here's a great post over at the Malware Diaries about a recent phishing attempt involving an email reporting that you are due a tax refund:
There are reports of a new email scam pretending to be from Facebook, asking users to check their password enclosed in an attachment, because their password has 'been reset' due to a security flaw.
This plays on the current problem of accounts being hacked, meaning the recipients of such emails are more inclined to believe it.
Please alert all your friends on Facebook and help spread the word.
The scam email contains a zipped file that supposedly contains your new password.
What you're clicking on is actually a password stealer program that could steal not only the username and password of your Facebook account, but also details to other accounts such as online banking.
Please remember that Facebook would never send users such emails.
As ever, please be extremely wary of things arriving in your inbox asking you to open an attachment or click on a link.
Be even more suspicious if the grammar isn't right, which thankfully, it often isn't.
