This time, I can’t blame Mercury…
This one was strictly between me and my computer…with a little help from the phishers.
Most of you know that I’ve been having computer issues all week. I could get online easily enough, but pages took forever to load (try seven minutes) if they loaded at all. Because of this, my ability to communicate with you effectively has been somewhat limited!
I’m no IT tech, but I know my way around my computers pretty well. I spent days trying every little basic trick in my arsenal, to no avail. I was about to call my internet company and lay the blame squarely at their feet, until I saw my husband surfing the internet on his (Stone Age) laptop with little trouble. Considering that he is the most computer illiterate person I know, I had to re-evaluate my own problem.
Then I remembered the email….
Rewind to one day last week, when I received the phishing email. (Those of you who are familiar with this type of email can skip to the next bolded section, but I’m going to take a minute or two to explain this terminology for some of my other friends.)
What is a phishing email? Basically, it is a fraudulent email designed to steal your personal information. I get them quite frequently, as, I would assume, does anyone who spends a significant amount of time running about the world wide web. I’ve come to be able to recognize the most common type of them, but let me give you an example:
In your inbox, you see a customer service email from a company you know and use. Let’s say PayPal, because I’ve gotten several of these, and it’s a service a lot of us use. The subject line says something about “security alert” or “verification required”. Most of us are going to open that email.
You may or may not notice that it’s somehow “different” from your usual emails from this company. Many are missing the company logo, for instance. The PayPal ones have been known to display a logo, however, as such things are not difficult to steal. Tell me you haven’t hit your right mouse button and selected “Save picture as…”. But that’s a different topic.
Even if a logo is there, there are usually other red flags. Look at the sender’s address. I’ll bet it’s not an official one. But most of us aren’t looking at that, are we? Or we don’t know what might be considered “official”.
Pay attention to the wording, too. Many of these are written with poor spelling and grammar, or a poor grasp of language. Of course, I’ve seen plenty of real web pages that could use a good proofreading. So again, this is not fail-safe.
The point is, this email will direct you to click on a link and re-enter your login credentials. And that’s how they get you. Because that link is not directing you to PayPal, but somewhere else. And once that other place has your login information, they are able to access your account directly. So do not click those links!
It is much safer to leave the window, access your account directly, and see if you have any security warnings directly from the company. Odds are that you don’t. And most of them are pretty good at letting you know. Any time that you receive one of these suspect emails, you can forward it to the company being misrepresented. They can track and block these malicious sites.
So back to my problem. Because this one was a little different. The email was ostensibly from my mortgage company. When I opened it to read it, it informed me that my online account had been compromised and locked. There was an attachment, which I was instructed to download. There was no company logo, no “letterhead”, and no contact information provided. Enough to set off my warning bells right there.
Naturally, the first thing I did was attempt to access my “locked” account. I could. It wasn’t locked, and there were no security emails in my message center. But we’re talking about my mortgage here, so I wasn’t quite ready to just delete it and be done with it. I decided to call them.
The “first line” customer service representative seemed totally befuddled by my question, simple though it was. (ie; “Is this a legitimate communication from you?”) She said to me, (imagine my expression on this one), “So just click it and see what happens.” I declined, not so politely, although I did refrain from calling her a moron, and asked to speak to someone in a department more experienced at handling such issues.
She complied with my request. I think she was relieved by it. The next representative, in the Online Services department, was much more helpful. I read her the sending address, and she immediately confirmed that it was not legitimate. She provided me with instructions for forwarding it to the company, so they could follow up on it. Still somewhat annoyed (it’s a thing that lingers with me), I told her that she should instruct other representatives against telling people to “just click on” such things. In a full, arrogant uproar, I went on to say that, had I just clicked on it, I would likely have infected my computer with some sort of malware or spyware.
Which is when she told me the part I hadn’t known.
She said that I should scan my computer, anyway, because just opening the email, without even clicking on an embedded link or downloading an attachment, could allow malware to access my system. Let me repeat that. Simply opening the email (which many of us do by allowing the next email to open automatically when one is deleted) can infect the computer.
Me being me, (no comments on that, please), ignored her wise advice. My computers are well secured, with sufficient anti-virus and malware protection. And I hadn’t clicked on anything.
I always have to learn the hard way….
So back to the point. My husband’s ability to browse the internet without cussing led me to believe that my issues were not with my connection, but within my computers. No point calling the internet company then, as much as I enjoy complaining to them. So I did what I should have done a week ago, had I been a more humble (and less hard-headed) person. I scanned for malware.
Since my own programs hadn’t alerted me to anything, I used a different program to run this scan. It was AVG, actually, which is a free download and works very well. It took practically all night to download, since my computer was beyond uncooperative, but it did, indeed, find malware. That, and about five thousand other registry and browsing issues.
Things are back to normal speed now, thank goodness, because I was truly ready to pull out my hair. I highly recommend this download to anyone who is having issues with computer speed. In this day and age, our computers accumulate all sorts of junk that we’re barely even aware is there. We surf the net, joyfully clicking on links our friends have shared to Facebook, including YouTube videos and “news” articles. We hoard photographs from Pinterest and Instagram and get tons of junk mail (I average 800 a day that get past my filters and into my junk folder).
So it’s not a bad idea to periodically scan for malware. These are programs that run silently in the background. You don’t even know they’re there, but they can have a huge impact on your computer’s performance. And there’s no reason to tolerate it. There are many free tools to handle this issue. If you choose to use one other than the one I mentioned, just do a quick search for reviews of that product. Some of them, like any other download, come “packaged” with the very malware you’re trying to avoid. So fact check any product that you’re considering first. If you want to use the one that I used, here’s the link for your convenience!