Not all spam is equally threatening. Some forms are more dangerous than others. While spam selling pornography, pills, and get-rich-quick schemes are annoying, there are other forms which try to trick you into sharing personal information.
This form of spam, known as “phishing” attempts to trick you by impersonating your contacts or companies which you trust. The goal is to gain access to your computer or steal your identity for fraudulent purposes. You’ve probably received phishing spam in the past. Some of the recent versions include fake messages from friends traveling overseas (asking for emergency money) and messages from the “anti-fraud department” of your bank / credit card, etc.
Recently, however, there has been a rise in phishing spam which imitates a wide range of ecommerce sites such as Amazon.com, UPS.com, and PayPal.com. Usually these messages pretend to be an order confirmation or “transaction receipt” from an online purchase or transfer which you don’t remember making.
Here’s how it works: Since you’re sure you haven’t make a purchase or a transfer, you immediately click on the links in the email to see the supposed transaction. After all, it’s either a mistake or fraud, right? This leads you to a malicious web page which either attempts to install spyware or fools you into entering username and password information.
While your spam filter should catch the majority of these (Gmail has some of the best spam filters), you may still receive them from time to time in your inbox. Here are samples of the fraudulent subjects:
- “Your UPS shipment tracking number”
- “Track your UPS shipment online”
- “American Airlines Order N483-49933″
- “Your Flight Order A994284″
- “Your Ebay.com purchase receipt”
- “Your Paypal.com transaction confirmation”
- “Your Amazon.com order receipt”
You’ll notice that these sound very legitimate. In fact, the messages may even contain logos, layouts, and information which seem like the real thing.
Don’t be fooled. Use common sense. If you know you haven’t made any purchases, don’t fall for these tricks. Be sure you…
- Don’t click on the links in the email messages.
- Don’t open any attachments to the email.
- Visit the websites manually by typing in the address yourself to check out your account order / transfer history.
- If you don’t see any recent transactions, you can reasonably assume the notification is fraudulent.
- Report the suspicious email to the website/business in question.
Stay safe and remain skeptical of those “confirmation” emails!