Thursday, April 15, 2010

Look inside your emails

I have never claimed to be a internet or computer know it all, so I have learned to do some research and look to those who do know more on the "technical" side of how things work when I need to. When I decided I wanted to talk to my readers about the information inside of an email, spoofing, hacking and IP addresses I knew I was entering into a world that I am not comfortable with . . . seriously, all of the technical talk starts to sound like "blah, blah, blah" to me. So that is when I contact my friend and fellow scam fighter at

Ironically, he wrote an article just this month about a LOT of the things that I wanted to touch on. Here is a sample . . .

Some of you reading this article may have seen news reports of people getting alarming email messages from their friends.
Tales such as "Help, I'm stranded in Nigeria and need money" have come to many people as a surprise in recent months, and the trend seems to getting more widespread. The messages are coming directly from the email accounts of someone you know, and at first glance it may seem real. The truth, once discovered, is that the email account has been taken over (hacked [link]) by a fraudster, and the solicitations for money being sent out are a simple fraud. One question that seems lost in all of these news reports is "how did this happen?" -- Let's investigate this a little further and shed some light into this dark corner.
From Hack To Phish
Hacking covers a wide range of techniques, such as Security exploit; Vulnerability scanner; Packet Sniffer; Spoofing attack; Rootkit; Social engineering; Trojan horse; Virus; Worm and Key loggers; but for the purpose of this article we will concentrate on only one of these, social engineering.
"Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud or computer system access; in most cases the attacker never comes face-to-face with the victim." (Source Wikipedia: [link])
Phishing [link] of course, comes under the general umbrella of social engineering and is a technique of fraudulently obtaining private information. People may associate Phishing with financial institutions (banks, credit cards and credit unions), eBay, PayPal and others due to a great many reports in press. However, one form of this phishing hides in relative obscurity, and asks not for banking details, but for your email account login credentials. If you get one of these emails, it may actually look very real indeed.
To read the rest of this article, go to

No comments:

Post a Comment