Blog    Tutorials    Old Articles    About Me

ALAN ZISMAN ON TECHNOLOGY

Two emails today - one is bogus, the other is real. How can you tell?   
 
By Alan Zisman 2022-12-08



This morning, someone I know got an email in her Yahoo Mail inbox with the title: Upgrade Yahoo Terms of Service. It was illustrated with Yahoo logos and said:

Yahoo message

Dear user
We are contacting you regarding your YAHOO! Email account, It looks like your account has been flagged due to some violated terms and agreement, as they were initially speculated.
 
Please verify your Mail account today 12/09/2022
 
To avoid any loss of data, please click below to verify your account.
NOTE: Please make sure your password is correct before Updating your Yahoo account.

VERIFY HERE
 
Thanks
YAHOO! Mail Support Team.

Before rushing to click on the VERIFY HERE link, it's useful to be able to see whether the link goes - web browsers on laptop/desktop computers have a handy option letting you hover your mouse over a link that pops up text showing where the link goes. (That's harder to do on a phone or tablet - and even on a 'real' computer, may need to be enables in the browser settings - perhaps by turning on 'View Status Bar' or similar).

In this case, hovering my mouse over VERIFY HERE, I see that the link goes to: https://vl621.webwave.dev - definitely NOT a Yahoo Mail address, and probably not somewhere I want to send my email password. (I've mis-typed the address, but don't click on it anyway!) For more on viewing links before you click on them, see: http://zisman.ca/security2017/#see_links

So throw this one away - or send it to your spam folder!

On the other hand, the same morning I got a similar-looking message, this one titled: Turn on Facebook Protect, and starting 'Your account requires advanced security from Facebook Protect... turn on Facebook Protect by Dec 24; after that you will be locked out of your account until you enable it'.

Facebook Protect

Real or bogus???

Like the proported Yahoo Mail message, this one asked me to click on a link before a time limit - and threatened to lock me out of my account if I failed to follow through by the deadline.

In this case, hovering my mouse over the Turn On Facebook Protect link showed a facebook.com address - so I clicked the link. It took me to a page that showed I had a reasonably secure password and had enabled 2-Factor Authentication for my FB account and assured me everything was OK.

You really should be using 2-Factor Authentication wherever it's supported - on your email and social media accounts, your bank, and more. Here's how to set it up for a number of popular services:
So some of these sorts of email messages are bogus, others are real - check where links go before clicking on them!

Stay safe!




Older blog postings....


About This Blog...

I've been writing about computers, software, Internet and the rest of technology since 1992, including a 17 year (1995-2012) stint as 'High Tech Office' columnist for Business in Vancouver. This blog includes thoughts on technology, society, and anything else that might interest me. Comments, emailed to alan@zisman.ca are welcome - and may be published in whole or part. You can follow me on Twitter or Google + for notice of new blog postings.
AZ Dog Baby