11.20.08

Read before Clicking

Posted in Computers & Technology at 8:47 am by Marion

TECH THURSDAY

Just this morning I almost sabotaged myself by trying to open a strange zip file message … I thought it was from the US Post Office, where I’d sent a letter last week and requested a delivery confirmation. I had a tracking number to check, but caught up in the whirl of the pat few days, I lost the scrap of paper recording the information. I just presumed the email was about my letter.

Silly me!! I broke every rule in the email Rulebook. I was a sitting duck. First of all, the message wasn’t even addressed to me. Second, if I’d looked closely, I would have seen the message was from UPS and not USPS.

The email message said my package could not be delivered because the address was incorrect. I needed to pick it up at their office within 10 days or I would be charged $10 a day. I needed to open the attached receipt. Which was a .zip file, a form of compressed file.

When I tried to open it, I was asked if I wanted to use an executable, or program file, such as Internet Explorer to open it. I said yes, without even thinking.

As we all know … hello!! … the most dangerous thing you can ever do is open an .exe file from someone you don’t know.

Fortunately, it wouldn’t open. I tried all sorts of programs to read the file … Word 2007 even a spreadsheet program … but nothing.

I checked the original address and it looked correct. Throughout, I’m asking myself, Did I give the Post Office my email address? I use it so often I just assumed I had.

Finally, I realized the sender was UPS — not USPS — and the message was addressed to mpseare. In a flash, it became obvious I was just a click away from doom and disaster.

I exited out of the attachment, deleted the .zip files from my hard drive and trashed the email.

Turns out UPS has posted a special alert about this virus. You can read about it on their Web site. I’ll also try to forward the email to them.

How many basic rules did I break?

1. Never open attachments from people you don’t know or recognize

2. Never try to open executable files from sources you don’t recognize

3. Don’t open messages with fake return addresses. The sender, supposedly info@ups.com, did not match the reply-to line, which was kej(at) bobgoldpr.com

4. Pay attention. I should have recognized that UPS is not the same as USPS.

5. Pay attention. The message made reference to a package I sent Nov. 1. I should have instantly remembered I sent the package much later than that.

The final rule? Count your blessings. Sometimes you can do something stupid and somehow avoid disaster. The computer gods must be looking out for you.

UPDATE: Trend Micro, my antivirus program, cleaned the virus out of the message before I downloaded it to my hard drive. Sing the praises of Trend Micro.

1 Comment

  1. Gene-o said,

    November 20, 2008 at 8:59 am

    In some cases, you’re not even safe opening attachments from someone you know. My first virus came via an attachment to a friend’s outgoing e-mails; she did not know the virus was attaching itself or that her computer was infected. So unless the individual specifically refers to the attachment in the body of his or her message, do not open.