Yesterday I received a phone call from a client that said she had received an email from Fed-Ex with the subject line “Undeliverable Parcel Notification”. She happened to have recently sent a Fed-Ex shipment so was concerned that it could not be delivered so she opened the email and clicked the link. Windows immediately started popping up on her screen warning of virus infections and asking her to enable a security service. She was infected with a virus.
Many times these things can be easily resolved over the phone by instructing the client to go into safe mode with command prompt and running system restore. In this case the virus had even managed to infect safe mode and she could not run system restore. She couldn’t run anything from a USB drive or anything already installed on her computer. More research and several phone calls later I decided it was best to visit the client armed with CD’s and USB drives loaded with anti-virus weaponry.
Several hours later I managed to get her computer restored and she was able to do her job. It was one of the more difficult infections I’ve ever dealt with.
How do you protect yourself?
Obvious Visual Clues
First, you should be aware that malicious code can be in any email message. You need to be watchful for clues that the message might not be something you want to deal with. We all know to stay away from the messages advertising Viagra and Czech brides, but there are some less obvious clues. One such clue is that the subject line or message do not make sense. If you’ve never sent, or are not expecting a, Fed-Ex package then you should be very suspicious of the “Undeliverable Package” scam. The nasty message my client received came at a very bad time since she had recently sent a package by Fed-Ex so it did seem legitimate for her. If you don’t deal with a particular bank that just sent you a message about your account – send it to trash. Many times you will receive messages with jumbled text or other language that does not make sense – send it to trash. It is sad to say but these days it is necessary to train yourself to be suspicious of everything.
If there is a link in the message you should make certain that the link is valid. Many email programs will show you the URL of the link if you hover over it with your cursor. At a quick glance you might think it’s a valid link but you should study it carefully – http://fed-ex.cz/… is not the same as http://fed-ex.com/… or http://yourbank.customers.com/ is not the same as http://yourbank.com/customers. This is known as “Phishing”. You can get more information on phishing from the Wiki located here. Remember, the URL in the text of the message is not necessarily the URL that you will be taken to if you click the link. Never click a suspicious link – send it to trash. If you are unsure there is no harm in calling someone to make sure an email is legitimate.
You should be very suspicious of attachments, even if they are from someone you know. Messages can be received from a friend’s email address even though the friend did not send them. This is the result of email hijacking. Somehow the hijacker has gotten access to an email password, or is simply using that email address to to send messages. If they have your password, most likely obtained through a phishing scheme (above), they can actually use your email account to send the messages. Never open a suspicious attachment – send it to trash. If you are not sure you can create a new message to the sender of the suspicious message asking if it’s safe – don’t reply to the original message since it might not go where you think.
If you are suspicious you can always do a search for the subject line or attachment name. If a message is a scam then you will likely get lots of results. Snopes.com is a great resource for determining what is a scam and what is not.
Many businesses state that they will never send you anything asking for personal information. I checked with a friend of mine that is a Fed-Ex representative and he said that Fed-Ex will not send such messages. They even have notices on their web site listing several scam messages being sent in their name.
The big “legitimate” message I want to leave you with is “When in doubt ask someone”. I receive a few phone calls a month from clients that have received email messages that they are not sure about. Most time they were right to call.
Have a great day!
Your Digital Coach
I’d like to also congratulate my new partners – Graphically Speaking, Analytic-OR, and Black Point Marketing & Communications! We all had a hand in making the Inns of Distinction web site a “site of distinction”!
Not really Facebook Customization, but it is useful Facebook information.
I got a phone call from a friend a couple weeks ago saying she had heard about the recent addition of secure browsing to Facebook pages. She had changed her Facebook account to enable it but then discovered that the URL for her page had changed from HTTP:// to HTTPS://. She already had business cards and other marketing material with a Bit.Ly link to her page and a custom URL (Facebook.Her-Domain) printed on them. She wondered if she could change them to use the new URL.
I happen to host her site and created the custom Facebook domain so I was able to change that, but Bit.Ly links cannot be edited so she was out of luck. Because of that she decide to change her Facebook setting to turn off secure browsing.
Yesterday I discovered a couple other reasons why you might not want to use secure browsing in Facebook. This Mashable article – http://mashable.com/2011/01/27/facebook-https/ – is about Facebook’s implementation of secure browsing. The last paragraph talks about how many Facebook applications will not work with secure browsing enabled. Also, if you enable secure browsing it will slow down your pages since encrypted pages take longer to load.
Facebook’s default login process is secured by encryption to reduce the risk of someone gaining access to an account – you don’t need secure browsing for that. Secure browsing is intended for people who use Facebook from public networks like libraries or cafes.
Over the next few weeks I will be writing about my experiences customizing Facebook Business Pages. Although Facebook limits what you can do with your page there are still a few things you can do to make it stand out from the crowd. I hope these posts will help you find out what you can do and how you can do it.
My first attempt at connecting my web site to Facebook was a failure. I was using a plugin for WordPress that asked me to create a Facebook application to connect with. I did that and it created a page that “looked” like a regular business page. I eventually found out that although it acted like a business page it was not. I could not find the page anywhere in Facebook. The only way I could get to the page was through the configuration settings for the plugin – which produced a horrendous URL. If I couldn’t find it how would my clients?
After creating a Facebook Business Page for The Wing and successfully using the very same plugin to connect to it from their web site (but in a different way) I knew I had to change something with my own Facebook “page”. I dumped my old “App” page and created a proper business page. After reconfiguring my plugin my web site was reconnected and things were working much better. You can now find “Your Digital Coach” when you search in Facebook and I have a proper Facebook URL to use as a link.
ps – I found a tip to create a custom Facebook URL – http://facebook.yourdigitalcoach.ca
So, now that I have all that mess straightened out I can get on with trying out some other customizing options. Stay tuned for more of my mistakes!
Well, I am officially a Director of the Greater Summerside Chamber of Commerce. I think it will be a fun and challenging opportunity. I just hope it doesn’t get to be too much work.
What do you think?