ทนายความโจอี้



LAW CORNER WITH JC 25 พฤษภาคม 2562

EMAIL SPAM, PHISHING SCAMS, AND OTHER INTERNET-RELATED DANGERS

In this week's article, I will be covering email spam, "phishing" and other types of internet-related scams. Although this topic might seem different than all of my other previous articles, the purpose remains the same: to protect you from falling victim to things you may not know much about. The world can be cruel, harsh and downright dirty sometimes. It seems like everyone is out to get someone. With that thinking in mind, you need to protect yourself. I've always believed that the best way to protect yourself is to educate yourself. May this article be a warning for you to be more suspicious, and to question things that just "sound to good to be true". Because in the end, it most likely isn't true.

What is Email Spam?

If you search the word "spam" on the internet, you'll probably get a number of search returns, including the food type that comes in small tin boxes and comprised mostly of pork. That's not the spam that I am talking about. The "spam" that I am referring to in this article is much more dangerous than that. Spam, or what many refer to as "junk mail" is usually defined as unsolicited electronic messages, especially advertising, that is usually sent in bulk. We've all see it: it's usually those advertising emails you get in your inbox. They are unsolicited, usually numerous, and always annoying. In the early stages of spam, it was a commercial advertisers way for you to visit their website, go to their business or view one of their products. As time went by, spam artists became more savvy and more devious. So, although many types of spam still target you for commercial purposes (i.e., to visit their store, view something they are selling), many now have nefarious and malicious intent. Read on.

What is Phishing Email?

"Phishing" email messages are a form of email spam, yet, they go further in their evil intent. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. They are sent by cyber criminals in order for you to reveal your personal information by responding to their questions, or by installing malicious software once you click a link that is embedded in the actual email.

You might not think you could ever fall for this trick, but guess again. There have been so many that thought the same, and yet, hundreds and even thousands fall victim to phishing schemes every year. Doctors, lawyers, even politicians have fallen victim to these crafty cyber criminals. An example of a recent high-profile victim: Hillary Clinton's own campaign aide, as well as the DNC were victims of phishing emails! So, think again if you don't think it could happen to you. It can happen to the best of us.

How does Phishing Work? What does it look like?

Phishing works because those spam/junk mail that you receive, look incredibly legit. The cyber criminals that create the spam use social engineering in order to make their fake emails look like the real deal. In addition to the appearance of the email itself (color, logos, etc), these cyber criminals use other social cues to convince you to either install malicious software or hand over your personal information under false pretenses. Some common examples include emails that supposedly were emailed to you from your bank, a charitable foundation, and even department of the federal government. Don't let any of these fool you!

EXAMPLES OF EMAIL SCAMS

Example #1: Emails from Credit Card Companies, Charitable Foundations, the IRS, etc

Here is an example of a phishing attempt that I often receive:

I log on to my email and in my inbox, I notice an email supposedly sent from my bank as follows:

"BofA: Please Update Your Profile"

I click on it to open and read it. At first glance, I think it's an actual message from my bank. There's the red, white and blue flag logo used by Bank of America, and other indicators leading one to believe it really is from the bank. However, upon further inspection, I read the following:

Dear Sir/Mademoiselle:

We value your business and take every opportunity to protect your identificasion. To ensure continued quality service, please update your profile at the following: www.bankofamerica.com

Okay, so let's examine why I know this email is spam, i.e., fake:

1st: The use of "mademoiselle" makes me curious. This is not an English word, it is a French word, equivalent to "miss" in English. Bank of America is a U.S. company, headquartered in Charlotte, North Carolina, and by my location, it is catering to a customer here in the U.S. It doesn't make sense to me that a U.S. company would use French references.

2nd: The author of this bogus email misspelled "identificasion". It should have been spelled with a "t", not an "s", as in "INDENTIFICATION". I'm assuming a large, multi-billion-dollar company like Bank of America would have not have misspelled something so simple. Such a large corporation and they don't use spell check? Hmmmm....

3rd: (WARNING: Never click on links or anything in an email if you are not 100% sure of its' source!) Making sure that I do not click on it, I hover my mouse over the link that is provided in the email (www.bankofamerica.com). What it reveals is telling. The address bar for the link indicates a totally different URL address*. If this were an actual email from Bank of America, the link should show a URL for the BofA website at: www.bankofamerica.com, not www.bankofamerica.net-silver-bruh!!!

*Note: Whenever you hover over a link on any web page, a URL address box will pop up. This shows you the where the site will take you if you click that particular link. It will usually look like this: "http://www.....".

So after inspection, I know this email is spam. The author is trying to get me to click on the link they provided me. This link will either (1) take me to another site designed to get personal information about me, or (2) download a virus to my computer. The only button you should click after determining an email is fake is the "DELETE" button!

Example #2: The "Dear Angel" Letter

I call these emails the "Dear Angel" Letter because if you read the letter, the author is trying to get you to help them by doing something. There is always some sad story about how their husband, wife, child, grandparent died, and they received a million dollar inheritance. Or maybe they're a retired U.S. soldier who just came back from overseas duty, and while they were there, they discovered hidden treasure worth over a billion dollars!...but they need your help . And you'll be an angel if you help them. Of course, in return, they promise you will get a 10 percent (or more) "reward". So you're thinking - 'Oh, wonderful! If I just help them, I can possible get 10% of that 5 million dollar inheritance!' NO! Don't fall for it - its' most likely a scam! They want you to respond so they can further engage you, to find out more information, and milk you for money. They want you to reveal your bank account number, social security, etc, so that they can "mail you your 10%". Yeah right! (If you refer to my Spam Attachment #2, notice that they are promising me $18.6 Million!!!) - WOW!

I don't know about you, but I get these types of emails all the time. My junk filter is set to extremely high so many of these don't pass my security test, but I do see them when I check my junk mail folder.

Example #3: Spam Emails in Thai!!!

Spam has been around since nearly the beginning of the internet and email. Since I've had an email account (probably 25 - 30 years), I've always received spam and phishing attempts. However, they were all in English...until a month ago! This past June, I received my first spam email that was in Thai. It was shocking, because I never expected it. I thought it was just another person sending me a question about their case. So this is a warning that just goes to show the lengths that these spammers and cyber criminals are going to in order to harm you. Please be careful.

What Should You Do?

First of all, every computer you use should have some sort of internet security protection. Many of the better ones will also have spam, phishing filters and spyware. Second, you should always keep protection software updated, as well as your operating system updates. Set them to automatic to save you time and effort. Third, never click on anything you are not sure about. Trust your intuition.

The best way to verify the source of any email or web page link is to contact the source. For example, in the spam email that I received from the fake Bank of America, I could just have easily called my bank manager or visited them at any branch. For emails with attachments that are supposedly from a friend but you weren't expecting an attachment - call them and ask them if they sent you an email with an attachment. Verify that they really did send you something.

If you have questions, need assistance if you have been a victim of an internet scam, or some other legal issue, please contact my office at (818) 846-5639, or my Thai direct line at (818) 505-4921. Also, if you have any questions that you would like to be answered in future articles, please email me at: JC4LAW@HOTMAIL.COM or visit my website at: WWW.JC4LAW.COM for general information regarding this and many other topics in Business, Property and Family Law.

Also be sure to check us out on the web at: WWW.JC4LAW.COM, and now on FACEBOOK at: https://www.facebook.com/ThaiAttorney Be sure to follow (and "like") me for the most recent updates in the law!


Disclaimer: The information contained herein have been prepared for informational purposes only and are not to be considered legal advice unless otherwise specified. If you have a specific question regarding your personal case, please contact the Law Offices of Joseph Chitmongran for a full consultation.