“You may be eligible to receive some of the education stimulus bill!” “Did you suffer a Gallbladder injury while using Birth Control?” “We want to buy your home for Christmas! Sell Your Home Today!” “Make $10000 for Christmas!” “Bounci36D sent you a Holiday picture!”
As the holiday season moves on, many people have noticed a huge increase in the amount of unwanted email they have received. The message subjects listed above are a very small example of the spam email that I’ve recently received. The Internet bad guys make a huge effort every holiday season to scam as many people as possible, and this year is no exception. While some spam is from legitimate marketers, most of it is not.
Many spam emails will have subject lines that simply read, “Christmas.” Upon opening the message, the reader finds a link leading to a shopping website that has unbelievably good deals on all sorts of fabulous merchandise. This is where things start to go downhill. The website is probably bogus, and you’ll never get anything out of the deal other than a big, fat credit card bill and the displeasure knowing that you have become a victim of identity theft.
Some dangerous spam emails contain links to alleged shopping websites, but when you click on the link, a message pops up telling you that you need to install a special “viewer” or some other file in order to see all of the good deals on the website. When you install the viewer, guess what you’ve really installed? A virus, of course. This tactic led to the huge success of the Storm virus in the holiday season of 2008.
Another way that spam emails sucker in their victims is the promise of E-cards, or electronic greeting cards. You may receive an email claiming that “a friend” has sent a Hallmark holiday greeting card. Click on the greeting card attachment, and, bam, your computer is infected with a virus. My rule for opening email attachments is as follows: the email has to be from someone I know, and the email itself has to say something like, “Hey, Dave. I am sending you an attachment. Here’s what it is (include description). The attachment’s file name is (include file name).” If I do not have that information, then the email and its attachment go in the trash. Even so, I will still scan the attachment for viruses before opening it. If I’m really suspicious, I will reply to the email and say, “Dear ‘whoever.’ Did you really send me an email attachment? What was it?”
It also pays to be wary of emails coming from unknown, but official-sounding sources. Just a few days ago, Pennsylvania State University issued an alert stating that bogus emails were being sent to students and faculty from email addresses such as administrator@psu.edu, webmail@psu.edu. and helpdesk@psu.edu. The official-looking emails were asking students and faculty to provide their user IDs and passwords, but the messages were fraudulent. They were also warned against holiday spam messages selling fake Rolex watches, offers to win gift cards or bogus electronic greeting cards. After all, what student could resist an email that said, “The Dean of the School of Architecture has sent you a greeting card?”
Most holiday spam scams can be thwarted by using a little common sense. Keep your antivirus/antispyware programs updated and running. More than anything, though, be suspicious of everything and be careful what you click on. Have a safe and Merry Christmas.