Who is not inundated with e-mail commercials and other solicitations who should never have known your e-mail address. Thanks to the determination of hackers downloading the Contact Lists of people with poor passwords, The Bad Guys list continues to grow at our expense.
While phishing attacks against people is not new and commercials and solicitations are not new, one group has launched a package offering free product if you are interested. They also offer links to do other things including unsubscribing you. There is one little gotcha: all the links are the same link.
There are some clear "tells" The Bad Guys use in their hurry to get their hook into people to inflict pain or loss. Some of the "tells" from this attack included:
- The e-mail address including your e-mail address to help "personalize" the e-mail yet they never address you by name or include anything else about you. Your first "red flag".
- Marketing companies identify themselves. Here you only receive a generic PO Box address in Boston which includes a "sub number" on the PO Box. Why the secrecy with their address if this is a legitimate company? Your second "red flag".
- The e-mail is somewhat crude for something promoting an expensive product. Some text in different colors, a photo possibly captured from Google, an image of "a related product" which may have had the product name Photoshopped into the image. Your third "red flag"!
- Companies carefully review their copy before sending it to the public. Yet this "company" in the first paragraph refered to their product as "ECIGS" yet referenced "E-Cig", "E-CIG", "E-Cigs" and "E-CIGS" elsewhere. Consistency is critical in advertising. This would never have left someone's desk at a real company. Your fourth "red flag"!
- Proofing errors is also noted where they list "tars , tobacco" in the description. A good intern could catch this mistake quickly before it went out the door. Your fifth "red flag"!
- Pro Vapor is listed in this solicitation. Pro Vapor has a warehouse and offices based in Florida and not a contact point listed at a mail box with a sub number in a Boston location. Yes, you had to do a little homework but this is your sixth "red flag"!
- Finally, a security review of allowing your mouse to "hover" over pictures, buttons and link to see what the link is you might be clicking on. In this case ALL the links are the same whether you want to order, unsubscribe or get more information.
This alone is enough to delete the e-mail!
The Bad Guys are getting smarter, learning more English, and using new approaches to lure us into opening an attachment or clicking a link or image all of which may trigger unwanted code to start inside your computer and cause damage or steal information despite your anti-virus and firewalls.
Why? Because you told your computer you approved these things to happen by clicking the item!