Friend’s Email Faked

email-from-friend-scam-example-screenshotFriend’s Email Faked: a reader asks…

Hi Chris, I received an email from someone I know, but the email was strange, just a few words and then a website address with a lot of characters. I clicked on the link which took me to a Microsoft website with a warning on it that said my computer was infected and to call a number. So I called the number and this guy said he was from Microsoft Tech Support, confirmed that my computer was infected and wanted me to give him ‘remote access’ to my computer so he could fix it for me. He said if I didn’t my computer would shut down and stop working. I got suspicious and hung up on him, but now I’m worried my computer is infected, even though I have your recommended internet security program installed and that seems to be working fine. What should I do?

The first thing you should do is send an email to your friend and tell them it’s possible their email account has been hacked. I say ‘possible’ because it’s so easy to fake emails that it’s absurd. I routinely get emails ‘from myself’ that look similar to what you describe. My email hasn’t been hacked, it’s just some hacker out there who’s impersonating me. Email was invented before anyone really thought about identity theft, and so there were no real safeguards put into place in the email protocols to prevent someone from sending an email with whatever From address they want.

But it is possible, and slightly more probable since you got the email from someone you know – it’s likely their addressbook has been copied by the same hackers, so they know who to send fake emails to. At the very least, your friend should change their email account password.

It’s unlikely that your computer was affected just by clicking the link, but to be safe you should scan your system with your internet security program(s). You might also want to use a separate online scanner, such as this one http://www.bitdefender.com/scanner/online/free.html or this one http://www.eset.com/us/online-scanner/.

incoming-call-from-scammer-image-from-shutterstockNow as to the warning – it’s a scam. I get phone calls from ‘Microsoft Tech Support’ monthly and it’s always a scammer, Microsoft would never do that. Hackers are constantly dreaming up new ways to fool unsuspecting people. In your case, the fake email you received contained a link to a fake website. By the way, it’s also easy to create a near-perfect duplicate of any website, the only give-away is that the website address (e.g., URL like https://positek.net) isn’t quite the same as the actual company’s. So the website may have looked like a Microsoft site, but if you look in the address bar it probably said something other than microsoft.com. And of course, that website had a phone number that went to the scammer so they could reel you in.

Advertisement

I’m glad you didn’t follow through on letting that scammer gain access to your computer. If you’d let him, he’d have probably infected your computer, surreptitiously disabled your protection programs, and turned your computer into a ‘zombie’ that he could access anytime to do more nefarious deeds (like sending spam to other unsuspecting victims).

If you (or any reader) receives an email from someone they know, and it has some weird-looking link in it to some website, please don’t click the link! Instead, you could send me an email to support@positek.net and attach that email to the message you send me. In the body of your message to me, just ask me if you think the email is fake. I’ll take a look at the email (both the hyperlink and the hidden message headers that tell where the email really comes from), and add it to my growing list of articles on this problem.

fakeemailamazonAnd please tell your friends and anyone you know that they need to be suspicious of pretty much all unexpected emails, whether from strangers or people you know. Did you know that 90% of all email rolling around the internet at any micro-instant is either fake, scams, junk, spam, worthless advertising, or worse?

If you hover your mouse over a hyperlink in an email, you should see a popup that tells you where that link will take you if you click on it. For example, a fake message from Amazon has a link in it that takes you to some fake website (uspalrob dot com) and not to Amazon.com. You can do the same thing with websites, hover your mouse over a link and you’ll see where the link really takes you to (you might not see a popup, but look at the bottom-left of your browser window). Give it a try on these examples:

You’ll notice the actual links are reversed for these two hyperlinks. It’s that easy to create a fake link. So please be careful.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek
(@PosiTek)

Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net
(Support@PosiTek.net)

Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)
(using any credit card)

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

One Comment

  1. Jeremiah Weaver

    Hey Chris I have had this problem about 4 years. Need help think Ivan on fake web page and not the internet. Have % redirect _,# and ? Show up when going to sites. And my life is all screwed up now. Bank accounts all kinds of things.

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.