New Normal: Covid Phishing

It’s summertime and the living’s easy… The covid-19 weather is perfect for successful phishing expeditions, emails designed to trick you into jeopardizing your computer, your finances, or your business.

The other morning, after scanning incoming email and doom scrolling the news (checking for new trouble on the current events horizon), I went to the kitchen for a glass of water. Ten minutes later, I returned to my desk with a dry throat. I had put the breakfast dishes in the dishwasher, taken out the trash, and watered the rose bush, but I forgot to get a glass of water. Preoccupation with the virus and the economy has turned my life into a struggle to stay on subject, and from what I read, I am not alone.

I got an email yesterday from PayPal about a charge to my account. That was strange. I don’t have a PayPal account. My wife and I do use PayPal, but the account is in her name because in our marriage’s division of labor, I wash the dishes and she pays the bills. Luckily, I focused my concentration long enough to spot some clues that the email was not from PayPal. I forwarded the email to PayPal’s phishing detection email address. A few minutes later I was rewarded with a return email confirming my suspicion. I permanently deleted the phony email and breathed the sigh of relief that comes after dodging a bullet.

That was close. I could easily have missed the clues in my currently distracted state and clicked on a link in the email, starting down a path toward a hacked computer, a ton of hassle, and likely a hit on our bank account.

This evening, instead of doing the dinner dishes, I’ll sidetrack into some hints on how to detect a phishing attempt.

Rule #1 when dealing with phishing attempts: when reading any email, don’t click on anything, don’t allow images to display, and don’t call phone numbers or send messages until you are sure the email is genuine and not a phishing expedition.

Your email client, the computer application you use to view emails, should be configured not to automatically display images from untrusted sources. This is the default for most clients. If a box pops up asking if you want images displayed, take a second to think: can I trust this sender? The problem is that when your computer reads an image file, it runs a program to convert the zeroes and ones in the file into an image you can see. Hackers doctor images to run malicious code embedded in the image file. Your operating system and email client make this difficult, but hackers are always looking for new ways to do this kind of stuff.

Here are a few points to consider:

  • Criminals know that many of us worry a lot these days and they know how to take advantage of your fraught state. If you receive an email that raises a worrisome possibility, think twice and turn up your fraud sensors. The fact that I do not have a PayPal account in my name was a whopping clue, but I could have missed it because the email brought up a disturbing possibility: it claimed someone had charged an expensive video game to my account. That is exactly what would happen if a criminal script kiddie got access to my PayPal account. In my current distractible state, the haze of worry could easily draw my attention from the precautions I would ordinarily have taken.
  • Phishermen try to force your hand. Click HERE. Call THIS NUMBER. You must respond NOW. Emails that feel like frantic attempts to get a response are suspect. My wife and I do buy video games occasionally, mostly for our grandsons. The charge could have been legitimate, but this email insisted that I click or call immediately. That is not normal. A legitimate warning would simply point out unexpected charges, not insist on immediate action. Again, cause for doubt.
  • Look at links and email addresses carefully. On most browsers, when you hover over a “live” link, the actual address will pop up somewhere, usually the lower left corner of the window. Look at those little popups. When reading internet addresses, the most significant part of the address is to the right. “support.microsoft.com” is the support division of Microsoft Corporation. “microsoft.suport.ru” is some unknown “suport” site in Russia that has nothing to do with Microsoft. Also, be on the alert for subtle typos and misspellings. If you see “mcrosoft.com” you can be pretty sure some hacker is trying to trick you.
  • When you have doubts, suspicions, or tiny qualms, you can always contact the sender and ask. But not via links, numbers, or addresses in the suspect email. I googled “PayPal phishing” and quickly found instructions for dealing with suspicious PayPal emails from the official PayPal site.
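
The right-to-left reading of link addresses described above can be automated. The sketch below is an added example, not part of the original post: the `TRUSTED` list, the function names, and the two-label shortcut for finding the owning domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this example: sites the reader really uses.
TRUSTED = ["microsoft.com", "paypal.com"]

def host_labels(url):
    """Split the host name of a link into its dot-separated labels."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    return host.rstrip(".").split(".")

def registrable_domain(url):
    # Assumption: the owner is named by the last two labels. Suffixes such
    # as "co.uk" need the Public Suffix List, which is out of scope here.
    return ".".join(host_labels(url)[-2:])

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return (verdict, domain) for a link copied from an email."""
    labels = host_labels(url)
    domain = registrable_domain(url)
    if domain in TRUSTED:
        return "trusted", domain
    for good in TRUSTED:
        if edit_distance(domain, good) <= 2:       # e.g. a dropped letter
            return "lookalike", good
        if good.split(".")[0] in labels[:-2]:      # brand appears only on the left
            return "brand-in-subdomain", good
    return "unknown", domain

if __name__ == "__main__":
    # Host names are the ones used in the post; the paths are constructed.
    for link in ("https://support.microsoft.com/help",
                 "http://microsoft.suport.ru/login",
                 "http://mcrosoft.com/"):
        print(link, "->", classify(link))
```

A verdict of "unknown" only means the domain is not on the list and does not resemble an entry; it is not a sign that the link is safe.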

The summer of 2020 is tough. Don’t make it worse by letting some crudball take advantage of your concern for yourself and your neighbors.