I got an email the other day from a friend, and spotted a familiar pattern. The email was sent to me and about 7 other people in her contact list. The email had no subject and no text in the body of the email, but did have a long strange looking link.
Google flagged the email as “important” based on the fact that it was directed to a core group of people (or so I was informed when I hovered my mouse over the email flag to see if there was information about it).
I knew right away that my friend’s email was hacked and the hackers were tapping into her address book and sending out these emails. If you click on the link and go to the page then your computer will likely be hacked too. Takes about 4 seconds to fall into this trap, and it’s an easy one to fall into.
So here is the rule: (1) never click on a link in an email even from a familiar person or company. Your bank or PayPal will not expect you to click on links to get to information that they send you. They’ll either tell you or ask you to log in manually. Even if they don’t tell you to log in manually; ALWAYS log in manually. Never click on links in emails that are from financial institutions that require passwords to access your account.
And if you get emails from a friend that is terse and only contains a link, or contains a short phrase introducing the link (e.g. “Look what someone is saying about you” or “this is a weird picture of you”), DO NOT CLICK on the link.
And when you send your friends emails with a link take the time to describe why it’s interesting. It’s hard for hackers to gauge how to draft a longer email. Short ones like the examples I just listed are easy, because they could apply to anyone and they have a high “tantalizing” factor.
In short, train yourself to be suspicious when you open email, and be very slow to click on links. It’s a dangerous world in your email inbox, and you need to be prepared to identify the common threats.