Rogue Email Claiming To Be From LinkedIn Contains Malware

After receiving a rogue email that contained malware here are some safety tips to help keep your email inbox safe.

Rogue Email Claiming To Be From LinkedIn Contains Malware

After receiving a rogue email that contained malware here are some safety tips to help keep your email inbox safe.

5 Email Safety TipsThis evening I was checking my emails when I noticed one supposedly from LinkedIn with the subject “Aryana is now part of your network. Keep connecting…”. I was immediately suspicious as I do not know anybody named Aryana. I was careful not to open the email on my PC but did do some investigating. At first glance it does look like the email is from LinkedIn but there were subtle indicators that it was not. The most obvious one was the fact that for my name they had simply picked up the part of my email address before the @ sign and then displayed it at the beginning of the message without capitalising the first letter.

The message read “Congratulations! You and Aryana are now connected”. There was then a link attached to the name of my good friend Aryana Crisp. When clicked the link attempts to redirect you to a site in Russia. Whatever the site does when it loads I am sure that it will not do your PC, or you, any good at all.

This email highlights one of the biggest problems on the Internet, namely trust. Seeing an email from LinkedIn many users would just open it and click on the malicious link and not realise what they had done until it was way too late. So I thought I would just detail some simple tips to help keep your mailbox a safe place.

  1. If you do not know who an email is from do not open it. Why would somebody want to randomly email you? Further, if you cannot see why the email was sent to you in the first place i.e.it refers to some action that the email claims you have taken that in reality you know you have not then ignore the email.
  2. If you use an email link on your website for people to use to contact you then remove it. Use a contact form with javascript client side validation and also server side validation to prevent malicious code being uploaded to your server. This will allow you to set a subject title so that you know it is an enquiry from your website. This will also help you to gauge how useful your website is and how many leads it generates.
  3. If an email contains an attachment do not open it unless it is from a trusted source. Attachments are one of the most common ways of spreading malware.
  4. Do not respond to spam, you simply confirm to the sender that your email address is active and is likely to be sold on to other spammers Mark it as spam and then delete it. When you mark an email as spam it does more than just stop you seeing further emails from that address cluttering up your inbox. There is also an email sent back to your ISP and the address is added to a potential spammers list, when the ISP has received enough messages to say that a particular domain or IP has sent spam emails then the ISP will block emails from the domain or IP address.
  5. Ensure that you keep your security software updated. Having last years version an anti virus software program is about as much use as having software that is 10 years old.

 

I hope this helps you to keep safe when you are online.