Why not to click on links in unexpected email

This is a quick explanation you can send to folks who are a little too trusting of what ends up in their inbox.

  1. Notify a spammer that your email address is real and that you can be tricked, increasing the amount of spam and scams you receive.
  2. Land you on a virus-laden page, infecting your computer.

But the email is from a site I trust!

Really? How can you be sure? It's easy to fake an address or a link.

  1. Just because the "sender" address is "abuse@paypal.com" doesn't mean the email is from paypal.com. It is trivial, for example, to send an email that appears to be from bill.gates@microsoft.com.
  2. Those links don't necessarily go where you think they go. A well-crafted spammer can have a link display one thing and go somewhere else.

But the link goes to a domain I trust!

Even a link to a safe domain is not always safe.

  1. Many sites have "redirect scripts": http://www.google.com/url?sa=D&q=http://www.example.net/ redirects to example.net.
  2. Change your settings on that website (CSRF). For example, clicking here will change your Google language preferences to Pig Latin.
  3. XSS (Cross-site scripting) is a nasty little technique wherein a well-designed link to a poorly-designed site can do all sorts of things in your name on that site.
  4. Look-alike domain names are common. Depending on your font, you may not be able to see the difference between paypal.com and paypaI.com.

So, what is safe, anyway?

Just don't click on links in unexpected emails, or open ANY attachments without running them through a virus scanner first.

  • Go to the site like you would normally (not using any information form the email). For example, if you get what appears to be a notice from PayPal that something has happened to your account, type paypal.com into the browser's address bar and log into your account. If they have anything to tell you, they'll tell you there.

It's as simple as that to be safe.

Responses: 6 so far Feed icon

  1. TrvlnMn says:

    tongue in cheek

    "But hey.. I like looking at por.. err.. adult material. It's a risk I'm willing to take."


  2. Sally Carson says:

    Hey, thanks for this write-up. I'm glad that you used PayPal as an example, because that's a really common piece of spam that I get -- an email insisting that my PayPal account has been compromised and I need to click on this-here link to go to the PayPal site and change my password.

  3. Tim McCormack says:

    @TrvLnMan: Yes, so in your case you can go ahead and type FreeLlamaPix.com directly into the address bar, instead of clicking the handy link.


  4. Tim McCormack says:

    @Sally: Yeah, I've decided to start writing these nutshell explanations, starting with my Javascript namespacing mini-article. They're fun (and hopefully helpful).

  5. Neosamurai85 says:

    "Yeah, I've decided to start writing these nutshell explanations, starting with my Javascript namespacing mini-article. They're fun (and hopefully helpful)."

    RE: Yeah, it's fun to help people with things you know about. One of my favorite past times is helping uninformed parents (the internet has mostly done away with this) not rent japanese porn for their eight-year-olds. Not to mention The Plague Dogs... which, though a good cartoon about animal testing... will mess you up at five... which is when I saw it... thus I rest my case.

    Ok some of that sounded wrong. You see I have a big catalog of anime and it lists thousands of films from kids stuff to adult... so I used to look things up for people. I ain't no guide to pettin' zoos! Zero llamas be a-spitting on my clock!

    Anyway. Yeah, I love using my super geek powers to help people find movies they'll like and keeping them away from movies they probably won't.

    Much like you like keeping peopel away from duh virus. Which was my point... I stop hogging your comments board now and e-mail my parents a link to this. Thanks!


  6. Tim McCormack says:

    Neosamurai85: Maybe you could write a nutshell guide on raising opossums.

Commenting is not yet reimplemented after the Wordpress migration, sorry! For now, you can email me and I can manually add comments.