Just finished talking with one of my colleagues about a quite legitimate looking spam email one of our clients received prompting them to download an important security patch.
All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That’s all.
Because this email was using a spoofed from address at the client’s domain and the link to the ‘patch’ file was at a subdomain that included the client’s name it certainly looked real. (The second ‘That’s all’ was pushing it a bit though)
Then an SMS beeped in on my mobile…
Free msg *** Tyres. Purchase 4 *** types by 31 Oct & get a free tomtom One valued at…
Last week, like most weeks, I threw out a fake domain registration ‘invoice’ which was really an invitation to transfer my domain to a dodgy domain registrar at an inflated price. These guys have been doing this for years with different business names.
My kids know how to recognise the telemarketers when they call the home phone. Within about 3 seconds.
Did I mention Email Spam?
And I’m not even going to start on spam proper – email spam. After what is filtered out at server level I get around 50 of these a day.