Written: August 10, 2016
In my previous corporate job as a Product Marketing Manager I used to fly around the world for business and so I signed up for the United Airlines mileage program in order to earn free tickets and other perks. This morning I received an email from the MileagePlus United program, or so I thought. Just to be safe I did some quick checking on this email to determine if it was legitimate or just another phishing scheme to steal my identity and mileage points.
First up on the scrutiny list is just the heading of the email message itself:
This header showed the correct last four digits of my account number, and they also personalized the email by using my first name in the message. These are both excellent signs that the email is legitimate, because the bad guys typically don’t have this level of information about you; maybe they would know my first name, but certainly not my account numbers unless United had been hacked.
Next up is the actual link that they want me to click on:
That link address appears when I hover my mouse over the sign in, and it clearly shows a trusted address of: news.united.com
Near the bottom of the email is a button, so I check out the link address for Learn more.
Once again, this link is OK because it contains: news.united.com. This is a trusted address that United Airlines does own.
United is a big company, so they always have a lot of legal text in the footer:
The final check is looking at the From address in this email:
That address of news.united.com is also OK, because it contains united.com, a trusted web address.
I also noted that the message itself was written in American English, and that the spelling was proper, the grammar was correct, and that the message made sense instead of being computer generated gibberish.
Well, there you have it: doing a little extra checking on official-looking email messages is worth the effort to validate that this was a legitimate email from United Airlines.
Tags: phishing, United Airlines
Written: July 30, 2016
A few years back I organized my business as an LLC and one task is the annual renewal payment of $100.00, so I decided to venture online and make my payment at www.FilingInOregon.com/renew. Sure, it took more time than opening up my checkbook, filling it out, sealing the envelope, and placing it in the mailbox. I didn’t expect the Oregon online form to ask so many questions, but I forged ahead, at least until the payment screen came up and I filled out my Visa credit card information and clicked Submit. Then I waited and waited, until after 30 seconds the page timed out.
Uh oh, that can’t be a good sign. Oh well, when I clicked the Refresh button on my browser I got an error page:
Oh well, how about going back to the beginning link and trying all over again? Nope, the system doesn’t like that approach:
So now I’m stuck in no-man’s land, where I’m pretty sure that they didn’t receive the $100.00 credit card payment, but they won’t let me even try again. This is a classic Catch-22 scenario, which is another reason that I cringe when the Oregon Secretary of State web site cannot process a simple renewal payment. Had I coded such a poor web site I wouldn’t even be paid, I’d probably be sued for breach of contract or something like it.
I’ll let you know if this story has a happy ending, but be assured that I’m frowning big time right now, wondering why the folks working for the state of Oregon cannot put together an online system that works, saves me time, and saves the state time.
Tags: llc.license renewal, oregon, Secretary of state
Written: July 15, 2016
I signed up years ago for PayPal because it was an easy way to make and accept payments online at sites like eBay, so when I get an email from PayPal I do pay attention. At first glance this email appears to be legitimate because of the layout, PayPal logo, and boilerplate footer content.
My first suspicion came about because this email didn’t have my First and Last name included, and I know that PayPal always uses that information when they communicate with me. Secondly, when I hover my mouse over the link for try again it goes to some other website not related in any way to the real PayPal:
Same problem with the second link for send us an email, it doesn’t go to a PayPal site.
The final detail to reveal that this is really just a phishing scheme designed to steal my credentials is the Login button:
Double check any email supposedly coming from PayPal, and if the links don’t have paypal.com in them, then it’s just another phishing scheme to steal your identity.
There is a new site called Fubar that is supposed to be an online bar and Happy Hour, and I started to receive emails claiming to be from Fubar that looked rather plain:
Since there were no graphics, no logos and not much formatting I decided to check out the links by hovering my mouse over fubar.com:
Sure enough, yet another phishing scam because the link has nothing to do with fubar.com. Besides, my drinking and dating days are long gone as I am 27 years sober and married 33 years.
Tags: Fubar.com, PayPal, phishing
Written: May 11, 2016
Each morning after breakfast I start my work day by reading email messages to see what needs my attention or is urgent. This security message from Facebook stood out right away as something that I should look into right away:
The return address was from firstname.lastname@example.org, they knew my first name, the English was proper, the message made sense, and the link they wanted me to click was legitimate, https://www.facebook.com/login/. I certainly didn’t try to login to Facebook at 3:24AM using the Firefox browser on Windows 8, because my default browser is Google Chrome on Mac OS X.
Once I visited the login page I was greeted with a dialog telling me that my Facebook account was temporarily locked:
The next dialog asked if I had tried to login on Facebook from South Korea, so I replied No. The third dialog let me know that my account needed to be kept secure:
They asked me to provide a new password:
New password accepted, so now I’m all set:
The security folks at Facebook automatically noticed that someone was trying to login to my account from South Korea, which they blocked, and then for added security Facebook locked my account until I could respond to their email request to login and answer questions about my login history. I feel protected by Facebook and am quite happy to reset my password and continue using Facebook today. I did quickly look at my Facebook feed to double check that nothing had been posted as me by another person, and found the feed to be all safe. What a happy ending to the story.
Tags: Facebook, security