Scams and Safety

On this page:
  •  Why You Should Always Use the BCC Option when sending email.
  •  Recognizing and Avoiding Some Scams 
  • Trusted Sites for Alerts and Information about Scams
..............................................................................................................................

BCC


~ What is BCC?
BCC, which stands for blind carbon copy, allows you to hide recipients in email messages. Addresses in the To: field and the CC: (carbon copy) field appear in messages, but users cannot see addresses of anyone you included in the BCC: field.

~ Why would you want to use BCC?
Security - People often forward email messages without removing the addresses of previous recipients. As a result, messages that are repeatedly sent to many recipients may contain long lists of email addresses. Spammers and email-borne viruses may collect and target those addresses.

Privacy –Sometimes it's beneficial, even necessary, for you to let recipients know who else is receiving your email message. However, there may be instances when you want to send the same message to multiple recipients without letting them know who else is receiving the message. If you are sending email on behalf of a business or organization, it may be especially important to keep lists of clients, members, or associates confidential. You may also want to avoid listing an internal email address on a message being sent to external recipients. How would you feel when a message addressed to you might also have reached a number of other people, but you did not know who? Another point to remember is that if any of the recipients use the "reply to all" feature to reply to your messages, all of the recipients listed in the To: and CC: fields will receive the reply. If there is potential for a response that is not appropriate for all recipients, consider using BCC.

Tracking - Maybe you want to access or archive the email message you are sending at another email account. Or maybe you want to make someone, such as a supervisor or team member, aware of the email without actually involving them in the exchange. BCC allows you to accomplish these goals without advertising that you are doing it.

To reduce the risk, encourage people who forward messages to you to use BCC so that your email address is less likely to appear in other people's inboxes and be susceptible to being harvested. To avoid becoming part of the problem, in addition to using BCC if you forward messages, take time to remove all existing email addresses within the message. The additional benefit is that the people you're sending the message to will appreciate not having to scroll through large sections of irrelevant information to get to the actual message.

~ How do you use BCC in an email message?
Most email clients (programs) have the option to BCC listed a few lines below the To: field. However, sometimes it is a separate option that is not listed by default. If you cannot locate it, check the help menu or the software's documentation.

If you want to BCC all recipients and your email client will not send a message without something in the To: field, consider using your own email address in that field. In addition to hiding the identity of other recipients,this option will enable e you to confirm that the message was sent successfully.

This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS)."
http://www.us-cert.gov/privacy.html

                                      
To add Bcc: recipients in your email program follow these links:
°       GmailAdd Bcc Recipients
°       Windows Live HotmailAdd a Bcc: Recipient to a Message
°       Yahoo! MailAdd Bcc: recipients to an email
°       IncrediMail: How to Add Bcc Recipients  (NOT a recommended program.)

Suggested Reading
Email Etiquette and Proper Email Usage
Send an Email to Undisclosed Recipients


Recognizing SCAMS
This scam involves using slight misspellings of a search term to lead you to a sight 

primed to infect any PC that visits via drive-by downloads.
Yes, you can get infected just by visiting an infected site - whether you download or click on any links on that site. 

I advise you to always use one search engine. I prefer Google. 
That way you will become acquainted with the features and behavior of the search.
and  always search within the same box, (for Google, that's the top right hand corner of Internet Explorer.)


Be aware of any new toolbars appearing at the top of your browser window. 
Know how to manage your addons, and be sure that you know what is supposed to be installed in your pc.


"Typosquat" websites  are used by malicious hackers to grab personal information or to infect your pc with malware when you misspell the name of a real site and inadvertently click on the bogus site address from a search page. These are becoming more common recently. To avoid becoming a victim- aleays check the spelling of the site you choose and  - especially notice the ending of the address. That's the .com or .net or whatever - if you suspect anything is not quite right,


It is not uncommon for you to receive an e-mail from a person or entity that, although may seem legitimate on the surface, is an attempt to get your personal information. Emails like this have a few things in common.  The most important thing to remember is: If it sounds too good to be true; it probably is... Read through the 5 types of email scams below and learn how to recognize each kind, and help protect yourself! 

Email Scam #1: Verify your account now to avoid it being closed! 
This is a scam email circulating that several Hotmail users have received asking them to verify their Hotmail account. This is a scam designed to gain access to your  account so spammers can use it to send out spam. 


Sample:
From: someone@hotmail.com
Subject: Hotmail Warning (Verify Your Hotmail Account now To Avoid It Closed)
Date: Sun, 10 Aug 2008 19:28:54 +0000
Dear Account User 

This Email is from Hotmail Customer Care and we are sending it to every account owner for safety. we are having congestions due to the anonymous registration of Hotmail accounts so we are shutting down some Hotmail accounts and your account was among those to be deleted. We are sending you this email to so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below.Your User name, password, date of birth and your country information would be needed to verify your account. 
Due to the congestion in all Hotmail users and removal of all unused Hotmail Accounts, Hotmail would be shutting down all unused AccountsYou will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 24 hours for security reasons. 
Username: ..............................
Password: ................................
Date of Birth: ............................
Country Or Territory: ................ 

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.
Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently. 

How to tell it’s a scam? 
· It asks for your personal information. No legitimate company, especially Microsoft, will ever ask you to provide you username, password, date of birth and/or country, credit card information, etc via email. 
The email is generally unprofessional or unpolished looking, including: 
Random words are capitalized in the email, including: Email, Email User Accounts Owner,  User, Accounts and others. 
In the second sentence, the first word of the sentence, “we” is not capitalized. 
There is poor grammar throughout, but especially in the final statement, “Warning!!! Account owner that refuses to update…” 
There is an urgency of response time. This pressures you to feel like you need to make a decision more quickly and do not have time to research the legitimacy of it. 

Two other similar scam emails that we have seen come to Hotmail accounts: 

· Ebay account suspension notices that ask you to verify your account information. 
· Paypal needs you to resubmit your credit card and bank account information.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Email Scam #2:
A large sum of money is due to you if you just give us your personal information

This is actual text from a scam e-mail received, promising $7M to provide personal information. “The outcome of the summit has prompted the Federal Government to empower only our Bank; First Bank of Nigeria PLC to Identify the owners of these funds and pay them outright with no delay. We have been asked to start the payment of US$7,000,000.00 (SEVEN MILLION US DOLLAR) as compensation to all affected Persons(Entities)i.e: Individuals Companies and organizations. 
You are one of the Beneficiaries on our list submitted to us so please reply to our mail for confirmation so that we can begin forwarding all other necessary evidences, facts and needed information to you

The Federal Government has earlier approved the release and payment of the accumulated funds in the Bank belonging to the Foreigners, but my boss Mr Jacobs Ajekigbe and the Former Governor of the Central Bank of Nigeria(CBN) collaborated together and refused to notify and tell you the truth on how to claim your fund. My Boss and the Governor are using the accumulative-interest to enrich themselves without the knowledge of the owners including you.
Confirm to me your: 

Personal Information; 
Phone and Fax Number; 
Banking Information” 

How to tell it’s a scam? 
· Reference to “First Bank of Nigeria” 

 (or any other international sounding bank name),  a common trick in scam emails. 
· Odd capitalizations throughout the email. 
· How did this government employee find my email address? 
· Why are they randomly giving people $7 M? 
· Why are they airing the dirty laundry of a conspiracy to not tell me?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Email Scam #3: You won something 
Scammers commonly impersonate/use large companies that it’s likely you do business with. This next example appears to be from Microsoft, but it’s not. Read through the email below, to see if you can spot all the ways to tell it’s a scam, and then read through my list of things that tipped me off. 

Subject: ELECTRONIC MAIL WINNING NOTIFICATION
From: Microsoft Promotion Team. (Memmi82@netti.fi)
Sent: Fri 8/01/08 8:00 PM
Reply-to: mfudiciary.mark@gmail.com

To: result@microsoft.co.uk
Microsoft Award Team
20 Craven Park, Harlesden
London NW10,United Kingdom
Ref: BTD/968/08
Batch: 409978E.
Dear Internet User,
ELECTRONIC MAIL WINNING NOTIFICATION
The prestigious Microsoft and AOL has set out and successfully organised a Sweepstakes marking the Annual anniversary we rolled out over 500.000.00 (Five Hundred Thousand Great Britain Pounds) for our annual year Anniversary Draws. Participants for the drawswere randomly selected and drawn from a wide range of web hosts which we enjoy their patronage.
The selection was made through a computer draw system attaching personalised email addresses to ticket numbers.Microsoft and AOL are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and AOL are running an e-mail beta test. Your email address as indicated was drawn and attached to ticket number 080775787555 with serial numbers BTD/0257903122/07 and drew the lucky numbers 04-06-09-90-09-22(07) which subsequently won you 500.000.00 (Five Hundred Thousand Great Britain Pounds) as one of the jackpot winners in this draw. You have therefore won the entire winning sum of 500.000.00 (Five Hundred Thousand Great Britain Pounds)The draws registered as Draw number one was conducted in Brockley, London United Kingdom on the 1st of August 2008. These Draws are commemorative and as such special. Please be informed by this winning notification to Contact your fiduciary agent Mr.Mark Anderson, with the information listed below.
Mr.Mark Anderson
Microsoft Promotion Award Team
Head Winning Claims Dept.
E-mail: mfudiciary.mark@gmail.com
mfudiciary.anderson@gmail.com
1. Full Names
2. Home Address:
3. Age:
4. Sex:
5. Marital Status:
6. Occupation:
7. Phone numbers:
8. Country:
Our special thanks and gratitude to Bill Gates and his associates
We wish you the best of luck.Thank you for being part of our
promotional award program and commemorative Anniversary Draws.
Sincerely,
Dr.George Henry.
Head Customer Care Service
Microsoft Promotion Team

How to tell it’s a scam? 

· The “friendly name” that the email is from is “Microsoft Promotion Team”, but if you look at the actual email address it came from (Memmi82@netti.fi), it’s not a Microsoft address, or a promotion management company.
· The reply-to address is a gmail address. Microsoft would not use a competitor’s email service as their reply-to address. Additionally, it’s different than the sender address.
· It is not addressed to an individual. Occasionally, there are legitimate sweepstakes that you’re notified via email, but they will be addressed to you as an individual.
· The email begins, “The prestigious Microsoft and AOL…” A corporation wouldn’t tout themselves like that. And more likely in a legitimate sweepstakes email winning notification, it would start out with something like, “Congratulations, you have just won…”
· It asks for your personal information. No legitimate company, especially Microsoft, will ever ask you to provide you username, password, date of birth and/or country, credit card information, etc, via email.
· It has a foreign language at the bottom of it that is different from the language it was sent in. 

Email Scam #4: The sudden emergency!
You receive email that appears to be from one of your friends that says they are stranded and need only a few thousand dollars to help them out. Any person would help a true friend if they can, right? Sure they would, but before you respond or act, ask yourself about the likelihood of your friend being in that situation. 
· Have they mentioned that they will be traveling? 
· Do they regularly participate in the kind of activity described? 
· Sanity check the information and if at the end you still aren't sure, then pick up the phone and call them. 
Today's Technologies make it easy to impersonate someone and hard to find out who is really behind the act. We must all realize that each piece of information we read and act upon has the time needed to pass our logic checks before we respond. One false click, and it result in you needing to spend time recovering your email, blog, or other service; or it could be months regaining your identity. 

Email Scam #5: If you don’t forward this email, something bad will happen. 
We’ve all seen emails that promise great things if you forward the email to all your contacts, or threaten bad things if you don’t. Topics Hotmail customers and friends have asked about most frequently are listed below:
· A fee will be charged for Hotmail. 
· Get cash from Microsoft, or other companies or get free items (gift certificates, phones,  etc)for forwarding an email.
· Internet petition to keep Messenger a free service.
· Medical appeals usually involving injured or sick children.


Verifying Malicious Files or Site Addresses
1. You can Google search the page address (I sometimes include the word "scam")
2. You can use a special service provided by a number of anti-virus sites such as

  • Symantec's 
  • Macaffee's 
  • Kaspersky" 
The most-used phishing schemes involved fake prize redemption, poker, porn -- "stating that free pornography is available for viewing upon entering login information” -- or free cell phone airtime.


Verifying SCAMS and RUMORS 
The sites below usually will have the most up-to-date info about your questionable message.  Find more about and confirm rumors here:

The Internet Crime Complaint Center (IC3)  http://www.ic3.gov/default.aspx 
is a partnership between the 
Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), funded in part by the Bureau of Justice Assistance (BJA).


Snopes.com    http://www.snopes.com/
Great site..

Scambusters    www.scambusters.org/
Some stuff to be found here:

List of Scams
Urban Legends
Scam Check