Timely advice from security reporter Brian Krebs. These types of scam emails requesting confirmation of online orders are prolific at the best of times but the pre-Christmas shopping spree creates an environment of exaggerated vulnerability, one which the malware purveyors are only too happy to take advantage of.
If you tend to do a lot of your shopping online, especially around this time of year, you really should read Brian’s report which is, as usual, loaded with useful background information as well as sound advice:
If you receive an email this holiday season asking you to “confirm” an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.
Seasonal scams like these are a perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that it’s easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25…
- This is just an excerpt, you can read Brian’s article in full here: Be Wary of ‘Order Confirmation’ Emails
Hi Brian
I use gmail and I also use Mozilla Thunderbird for my desktop email client. Is it safer to preview email’s with my web browser before I use Thunderbird mail or does it make any difference? Daniel.
I have gotten this exact email. Yahoo put it right in the spam folder.
I only opened it out of curiosity, since I knew it was fake. Since I opened it in the spam folder, even if I wanted to, I couldn’t click on the link.
Most of these things have another tell-tale sign. The address will say to: Me. Not my name or email address.
Now the to: Me is NOT unique to these kinds of emails, some groups do this to avoid a long list of to:’s in the address. It still will attract my attention to it being fake more often than not.
Home Depot is probably the ONLY place I haven’t bought anything online from.