| |||||||||
EMAIL SPOOF INFORMATION This is both a WARNING about a Phishing (or possibly worse) attempt AND a short Primer in email faking, or 'spoofing' I received an email that is a blatant faking attempt - for what purpose, I do not know. (and shall not) The subject email is PICTURED below - it is not the email itself, but a scree-shot of the email. NOTE that it looks very much like something that would come from apple. It even shows “Apple” in the ‘from’ block; but that is NOT an Apple email address! <tihwrg@helpdiskservice.com> IT DID NOT come from Apple! DO NOT BE FOOLED! NOTE the From: and Reply To; address - it is NOT on the Apple domain; it is from someone that set up the domain “helpdiskservice.com” AND HERE is a TRICK that everyone should know - HOLD your MOUSE-OVER (do NOT click!!) a LINK and after a short delay, the linked address will show up in a box at the mouse-cursor; shown below, the linked destination is NOT anything to do with Apple (nor anything to do with the FROM address) - it will go to http://www.umanginfotech.com/admin'images/help/ This works well for links in emails AND on web pages. This particular link points to a DIRECTORY somewhere on a web server on the internet - inside the final (‘help’) directory, there is a page - and i have no idea from this information what that page is - but that page can be almost anything - and it can RUN CODE on your computer - say if it is an ASP page, PHP page - even a ‘regular’ HTML page can have JavaScript and/or VBScript code (and more) on the page that can execute on your computer. Another interesting thing to note - the /admin/images/help LOOKS to be ‘helpul’ - benign - another way they ‘ease’ you into feeling comfortable. It could even have the word “Apple” in the link - would not mean a thing - the DOMAIN itself is still “www.umanginfotech.com” - anything that FOLLOWS that domain name is ON THAT DOMAIN! As an added bit of information - in case you are interested - anything that PRECEDES a Domain - as long as it is separated from that domain with a “dot” - is a SUB-DOMAIN of that Domain. Hope this helps someone avoid an encounter with malware - either simple phishing, or malicious code run on your machine - this email could do any of it, if the link were clicked by you…. And remember, it might be Apple, Google, MasterCard - just about ANYTHING - can be embedded into a domain to make you THINK it has to do with something it does not. questions: email me at: KenDay@DayComSolutions.com - /<en Screenshot of subject email:
|
|||||||||
| Home | Software Development | Web Development | Web Process | Experience | Web Site Links | |
|||||||||
|