Over half of the emails I get are spam and potentially contain malware. A few CIO’s have told me that up to 80% of the email that is sent to their company’s email server is spam. Email is the most popular way for cybercriminals and cyber terrorists to get malware into your company’s IT infrastructure or your own personal computers.
I recently received an email apparently from MetLife Insurance, complete with Snoopy and the same copyright notices and disclaimers that you would expect to see on a legitimate offer from the company. But it was from Romania.
How did I know it from Romania? The “from” field in the email said “MetLife – Life Insurance”, but when I checked, the actual email address ended in “.ro”, the Internet country code for Romania. Unless you know someone in Romania or do business in Romania, never open an email from there. Romania has many quaint villages and towns, among them Râmnicu Vâlcea. The economy of the 120,000 people who live there is centered around cybercrime, specializing in ecommerce scams (like this MetLife email) or malware attacks on businesses, like yours. The economy is good: lots of expensive BMWs, Audis, and Mercedes, new apartments buildings, gated bungalows, new nightclubs and shopping centers. The US Embassy in Bucharest estimates that Romanian cybercriminals steal US$1 billion from Americans each year.
It is easy to see the actual origin of an email. In most email programs, simply click on the “from” name. Usually to the right of the name will be a triangle symbol. Click on that and you should see something like this, showing the actual email address and giving you options like “Copy Address.” In this case, the email address belongs to linkedin.com so the probability of it being legit is very high. The Met-Life email I received ended with “.ro”.
Another automatically suspect country is The Netherlands (.nl). At least 75% of my spam emails come from either .ro or .nl. If you are curious about an Internet country code, just enter it with the leading period in Wikipedia (e.g., “.no”).
One country has legitimately cashed in on its country code. Tuvalu is a Polynesian island nation midway between Hawaii and Australia that gained independence from the United Kingdom in 1978. It’s population is less than 11,000. It’s Internet country code is .TV. The domain is currently operated by dotTV, a subsidiary of Verisign. The Tuvalu government owns 20% of dotTV. The net result is that every quarter, the Tuvalu government receives US$1 million for use of the .tv domain. Verisign has been marketing the .tv top-level domain name for rich media content.
What does a very small relatively poor ($3,400 per capital GDP) country do with this predictable income? With its first quarterly payment, it paid the $100,000 it takes to join the United Nations.
But you can receive dangerous emails that look like they are from a friend and actually has your friend’s email address. If you get an email apparently from a friend that has just a link and something like “check this out” do not open it. Check first with your friend to verify that he or she really sent it.
If you are tired of receiving dozens of these emails every week, resist the temptation to respond or click on its “unsubscribe” link. If you respond you simply verify that your email address is valid, and the sender will give or sell that information to other cybercriminals. The “unsubscribe” link is likely to also be a malware installer, immediately infecting your computer. The only thing you should do with a suspect email is to delete it.
Be especially wary of business-like emails that come from generic email addresses like aol, Comcast, gmail, Verizon, or yahoo. For Verizon and Comcast, emails from the companies themselves come from Verizon.com and Comcast.com; emails from subscribers come from Verizon.net and Comcast.net.
If you get an unexpected email that seems to be from someone in your company or a partner that is asking for customer or employee personal information, financial information, or any proprietary information, verify who actually sent it. At a minimum, check the email address and make sure it came from a company email address. I recommend that you call or text the person to make sure the request is bona fide. No one will be unhappy that you “bothered” them to make sure you were not about to cause the company a serious and possibly very expensive problem.
The last word:
Remember that the IRS or Social Security will never ask you for any personal information in an email or over the phone. Unless you initiated the call, do not give Social Security numbers, account numbers, or any other personal or financially sensitive information over the phone. Never put them in an email. And never give passwords to anyone over the phone or in an email.
Keep your sense of humor.