Some things we can’t protect you from
While we do our best to make sure your computers are covered by anti-virus protection, and we recommend adding a further layer of “malware” protection on top of that, users still must remain vigilant to avoid clicking on links from e-mail that could compromise their account or even their network.
What I’m talking about are phishing e-mails — messages that are designed to trick you into revealing personal information, whether it’s your name, address, social security number, bank account number, or your e-mail password. On its face, a phishing e-mail may look legitimate enough, even appearing to have come from someone you know; it may even have legitimate-looking logos from Google or Adobe Acrobat or Word, etc. Taking only one second to confirm the legitimacy of any link you’re asked to click on, and even to verify the “To” address of the e-mail, will help you avoid what your anti-virus software or browser may be slow to catch on to.
Here’s an example of what happened recently to one of our clients: A user got this e-mail, clicked through to a web site that appeared to be a legitimate login to her Google account (but wasn’t), and every one of her contacts got the same e-mail appearing to have come from her, luring them into clicking the link. Here’s the e-mail as I received it “from” that user:
Two things tipped me off that this was not a legitimate e-mail: 1) the “To” address read “undisclosed recipients;” and 2) when hovering my mouse over the link in the body of the e-mail, the true destination link is revealed in the pop-up, and it didn’t have anything to do with Google Drive. So while the e-mail was telling me that I had a secure document waiting for me at Google Drive, the link actually pointed to a different site. NOTE: By the time I sat down to write this article, the site had been flagged by my browser, so here’s a screen shot posted by Symantec to illustrate how convincing the bogus site is to those who aren’t exercising vigilance:
And that’s the point of this article, that attackers are getting very sophisticated in luring people into clicking when they shouldn’t. Good anti-virus software will — and even your web browser may — have a component that warns you if you try to visit a web site that has a confirmed threat reputation. New phishing sites are constantly being created, and it takes time before a threat reputation materializes. However quickly that detection happens, people can get caught during that brief window when it hasn’t yet been detected, and that’s what happened to this user. This is why users should still exercise caution before blindly clicking links in e-mail — yes, even from people they know.