Is this email real?


From: > Info@yahoo.com > Add to Address Book
To: (Cranberry’s email address was originally here)
Subject: Notice: Last Warning
Date: Tue, 10 May 2005 12:54:24 -0400


To safeguard your email account from possible termination, please see
the attached file.

It seems real, but it also seems weird. They want me to download something called “info_text.pif (33k).”

It is not real. The attachment is almost certainly either a virus or malware.

This is an example of phishing.

Just delete the email.

–James

I say no way. Delete! Delete!

Even though the address is from yahoo?

What is phishing?

Thanks, cousins.

It’s quite easy for criminals to “spoof” email addresses. They can send you an email that looks like it came from Yahoo, or from the FBI, or even from the President.

Phishing is the name the IT industry has come up with the describe the practice of sending fake emails from spoofed addresses, usually either for the purpose of collecting information you definitely don’t want them to have (like bank account or credit card numbers), or for the purpose of infecting your PC with a virus or malware.

As a general rule, you should never reply to such an email, and if it includes a link (either to what looks like a real site, or to a “for more info” site), you should not click it, as doing so could also allow them to infect your PC.

–James

I deleted it. Thanks so much. :slight_smile:

You mean, President Bush doesn’t really want me to assist the US Homeland Security Office in tracking down possible Canadian walrus hunters trying to infiltrate high security hunting grounds in Alaska? :astonished:

djm

I wouldn’t lay you odds either way. :sunglasses:

–James

pif is a common ending for virus files. It’s also a legitimate file ending for certain computery things, so don’t run around deleting all the pif files on your pc :smiley:

Some of the most common virus file extensions (the bit after the dot): .vbs, .bat, .exe, .pif, .scr

“The Windows operating system uses PIF [Program Information File…yes, the F is redundant] files to store startup information for DOS programs, but any executable file renamed with the PIF extension will execute when a user double-clicks on the file’s icon.” – a news.zdnet.com article

Good idea to foward such emails to spoof@yahoo.com, spoof@ebay.com, spoof@paypal.com, spoof@citibank.com etc. depending on where that email is supposed to be coming from.

The From: address means nothing.
I can send you an email from president@whitehouse.gov if I wanted :wink:
I did this for someone once, just to show them you could. This was back in the early days of the internet, and they thought such things were inviolate :slight_smile:

I’ve had lots of similar phishing letters from credit card companies, AOL, PayPal, etc. With Windows XP, you can place (not click) your cursor over a link and a little yellow box pops up showing where that link actually goes-- it’s usually not even remotely related to the supposed sender. Once in a while they do put a real link on there eg to a FAQ page of the real website just to make it more realistic. Definitely delete these things, NEVER click on the links. If you have any doubts, YOU contact the company via their real website or customer service phone #

I got a bunch of ebay official-looking memo’s, all trying to get me to give up password etc etc. They said that someone was using my account to bid on purchases, etc. A hoax.

The ones about eBay are especially well written. Same kind of deal. “Your account will be suspended if you don’t verify… yadda yadda yadda…”

I wrote the real eBay back asking why they would like all this superfluous information when all they do is provide a venue for buyer and seller to meet and transact.

They wrote me back explaining that the original message I got was a scam and it is their practice never to collect additional information or distribute user information that is originally collected to open an account. They further explained that accounts don’t expire even with several years of non-use.

It both relieved me and torqued my jaw a little that I was duped enough to chew someone’s butt about a “practice” seemed a little too probing for comfort. :roll:

Ditto, S. It was so realistic that I didn’t know who to believe!

I got exactly the same e-mail wording from Verizon, Cran.
Dump it.
Best.
Byll

If I don’t know 'em, I delete 'em. If I want something badly enough, I can find it on my own steam without the help of strange emails, thanks.

I usually follow that advice as well, but this one said my account would be deleted if I didn’t act so I had to make sure. That’s why I askt.

It was also delivered to the “bulk” folder, and almost nothing is ever sent there.

Yeah, sorry. As soon as I hit “submit” I realised that I wasn’t exactly addressing your issue. Oops.

I always report phishing to uce@ftc.gov and report spam to spam@uce.gov.

They just busted a spam ring in Boston a few days ago, by the way.

Robin