Old Articles About Me
ALAN ZISMAN ON TECHNOLOGY
Two emails today - one is bogus, the other is real. How can you tell?
By Alan Zisman © 2022-12-08
This morning, someone I know got an email in her Yahoo Mail inbox with the title: Upgrade Yahoo Terms of Service. It was illustrated with Yahoo logos and said:
We are contacting you regarding your YAHOO! Email account, It looks like your account has been flagged due to some violated terms and agreement, as they were initially speculated.
Please verify your Mail account today 12/09/2022
To avoid any loss of data, please click below to verify your account.
NOTE: Please make sure your password is correct before Updating your Yahoo account.
YAHOO! Mail Support Team.
Before rushing to click on the VERIFY HERE link, it's useful to be able to see whether the link goes - web browsers on laptop/desktop computers have a handy option letting you hover your mouse over a link that pops up text showing where the link goes. (That's harder to do on a phone or tablet - and even on a 'real' computer, may need to be enables in the browser settings - perhaps by turning on 'View Status Bar' or similar).
In this case, hovering my mouse over VERIFY HERE, I see that the link goes to: https://vl621.webwave.dev - definitely NOT a Yahoo Mail address, and probably not somewhere I want to send my email password. (I've mis-typed the address, but don't click on it anyway!) For more on viewing links before you click on them, see: http://zisman.ca/security2017/#see_links
So throw this one away - or send it to your spam folder!
On the other hand, the same morning I got a similar-looking message, this one titled: Turn on Facebook Protect, and starting 'Your account requires advanced security from Facebook Protect... turn on Facebook Protect by Dec 24; after that you will be locked out of your account until you enable it'.
Real or bogus???
Like the proported Yahoo Mail message, this one asked me to click on a link before a time limit - and threatened to lock me out of my account if I failed to follow through by the deadline.
In this case, hovering my mouse over the Turn On Facebook Protect link showed a facebook.com address - so I clicked the link. It took me to a page that showed I had a reasonably secure password and had enabled 2-Factor Authentication for my FB account and assured me everything was OK.
You really should be using 2-Factor Authentication wherever it's supported - on your email and social media accounts, your bank, and more. Here's how to set it up for a number of popular services:
Older blog postings....