Several of our webmaster clients have reached out to us recently to ask if an email they received was a scam. Each one we examined was indeed a scam.
Today, we saw a scam in which our client’s inbound email pretends to confirm the purchase of a game. The scammer provides links to a nondescript domain (where you can “report a problem”) and inserts a thumbnail image of the game. Imgur.com hosts the image; a legitimate seller of the game Clash of Clans, Box of Gems, probably uploaded the photo.
What happens when you click a phishing (scam) email link?
Each time you click an email link, you increase your exposure to ID theft and malware infection.
If you follow a scammer’s link, as one client did today, you may still be safe, provided you don’t complete and submit their request for additional information — unless their attack was sophisticated enough to install malware on your device just by visiting their website. If visiting the site was enough to cause damage, your browser and your antivirus software will prevent most infection attempts, assuming your software is current.
Worried you may have already clicked something dangerous?
If you’d like to err on the side of caution, open your antivirus software and run a full scan.
Note: Even a full scan is not a 100% guarantee — antivirus software isn’t perfect.
Protect Yourself – Scrutinize the Sender’s Address
Going forward, scrutinize the sender’s email address before clicking links or opening attached files, and don’t proceed unless you recognize the sender. Even that’s not 100% safe because hackers can send malware from an address you trust, but your risk is far less than it is when you click without examining the sender’s address.
Taking email safety a step further
If you receive an email attachment or link you aren’t expecting from a sender you trust, but the wording is awkward, or there is no text accompanying the link/attachment, call the sender before you click. It is also safer to copy and paste the link into your browser than to click it directly from the email body.
Convenience vs. Security
Some folks refuse to open email attachments. Others refuse to follow email links to sites they don’t recognize. Ultimately, each of us must weigh risks against convenience. Be aware of the tradeoff and proceed accordingly.
