The adventures of Gary, Nic, Ginger and Dolley as they navigate life in a crazy world. They love sports, reading bed-time stories and of course, the Hokies.
Me, Her, the Boy and a Dog by Gary Cope is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Catching Elephant is a theme by Andy Taylor
LinkedIn Scam Alert? Check out the URL in this email I got. Does it look legit to you? Yeah, didn’t think so. LinkedIn does not need to verify my account. If you get this email, do not click on the link, it’s a phishing scam designed to get your login info. At least that’s my guess.
LinkedIn Phishing Scam Warning; How to Spot Fraudulent E-mails
Last night, I got an e-mail from someone purporting to be from LinkedIn informing me that they needed to confirm and validate my account. This is clearly a phishing attempt, so if you get a similar e-mail, do not click on the link in the e-mail. Instead, forward the e-mail to phishing-report@us-cert.gov.
Remember when it was easy to spot SPAM or Phishing attempts? English was clearly not the criminals’ first language. The sentence structures were terrible and there were spelling errors throughout the e-mail. Unfortunately, that’s not the case any more. The e-mails are written well enough to pass as legitimate correspondence from reputable companies.
Despite improving their spelling and grammar, there are still dead giveaways if you pay attention. Here are some things to look for to help spot a fraudulent e-mail.
1) Look at the “From” e-mail address. If it’s not from the actual company named in the e-mail, then that’s your first hint. For example, this e-mail claiming to be from LinkedIn comes from a hotmail account. Already, I know this was not legit.
2) What are they asking you to do? In this case, “LinkedIn” wanted me to “confirm and validate” my “new profile.” As if the warning sirens weren’t already blaring, they are at deafening levels now. I set up my LinkedIn account a long time ago, so I know for a fact that I don’t have a “new” profile.
3) Online social networking sites like Facebook, LinkedIn and MySpace will never ask you to download a file in an e-mail, especially to validate your account. Stop and think for a minute - these sites are Web-based, not an application you download to your computer. There is NO reason to download a file to review and verify your account.
4) By now, I’m only still reading this fake e-mail out of curiosity. Look at the file extension they want you to download - it’s a .pif file extension. A .PIF is a program information file associated with early versions of Microsoft Windows (we’re talking Win95). According to filext.com, when you click on a .PIF file, the information in the file is used by Windows to run a program; including code that can be in the PIF file. It is a potentially dangerous file type, so never click on one received via e-mail.
Well, I hope this helps keep your computers safe. Remember, if you don’t have an updated virus detection program, it’s cheaper to buy a new licenses for $60 than it is to pay the Geek Squad at Best Buy three times that much to clean our your computer and then still have to pay $60 for virus protection software.
Lastly, when in doubt, do not click on any links or download any files. It’s better to be safe than spend a crap-load of money to fix your mistake. Happy Interwebbing!
