It used to be that viruses and other malware were always delivered through email attachments - as long as you didn't open the file included with the email message you could be reasonably sure that your computer remained safe. But now that HTML emails are the norm - making emails look just like web pages - any email can potentially carry malicious code, even one with no attachment.

The first step is winnowing out the junk, unsolicited emails, and common sense is your best tool here. Despite what you'd like to believe, no one from Africa is going to offer you, a stranger, $1 million to help them with a minor bank transaction (in an unsolicited email, yet). Just as unlikely is the email from Arizona offering a more modest amount to help with a simple divorce procedure. At best, these types of emails are sent by Internet scavengers looking to harvest email addresses: responding means you can become deluged with more of these emails in the future. At worst, you can become part of a scam costing you hundreds or thousands of dollars.

Other extremely unlikely email scenarios: an email from the Internal Revenue Service announcing your surprise tax refund (or any email from the IRS, since this agency never initiates any official business via email); an email from your bank, PayPal, credit card company, or any other financial institution announcing that your password has been reset, unless YOU first initiated the procedure; or any email suggesting you login to your online account, especially where the email helpfully provides the link to the login page.

To test a suspicious link in an email, hover your mouse over it (you may have to try a couple of times). The actual web link (where you will be taken if you click on the link) should appear. If the text of the link (what appears in the email) shows, for example www.yourbank.com, but the actual web link shows something different, be very suspicious. Remember that www.yourbank.com and www.yourbank.mybank.com are totally different sites - the name closest to the '.com' determines the actual site - so don't be mislead by similar looking websites.

As another test, bring up a web browser and perform an Internet search using some of the phrases contained in the email. If the results show numerous examples of the entire email, well.....

It's getting much harder to tell the difference between legitimate and junk emails. Sometimes, even computer and virus software can't tell the difference, which is why good emails end up in your Junk folder and junk winds up in your Inbox. Still, common sense and a little bit of diligence can help you to avoid the bad or malicious email.

Erie County Bar Association
www.eriebar.com
Tips provided by Richard D. Vasil, Vasil Consulting, Inc.
© 2012 Vasil Consulting, Inc.