Arun Marballi

Last month, we reviewed backups as a proactive strategy for ensuring the safety of information stored on our computer�s hard drive. However, there are other protective habits that we must adopt to maximize our ability to stay safe as we engage the ubiquitous electronic mail (e-mail) cyberspace to carry out more and more of our interpersonal transactions. Consider these habits akin to �defensive driving.� In defensive driving, we anticipate that we are going to run into problems such as drivers who err and we make it a habit to be always ready to compensate. Similarly, in the e-mail environment we have to be ever watchful and steer clear of potential cyber-mines.

One such cyber-mine is a �phishing� e-mail. The problem is that a phishing e-mail looks like a genuine e-mail and typically appears to have come from someone we know � our banking or financial institution, internet service provider, e-mail service, employer or even friends. All these e-mails have one factor in common though � they all attempt to trick you into giving up some private information such as a password, an account number, a credit card number, your Social Security number and the list goes on. Armed with this information, the �phishers� can literally highjack your identity.

Quite often these e-mails will even attempt to trick you into clicking on a link that takes you to a spurious Web site that mimics your bank�s Web site, for example. The �defensive� golden rule is never imparting personal information in response to an e-mail sender, period. If the e-mail appears to be from someone you know, pick up the phone and call them instead.

Additionally, it is never a good idea to click and follow a link in an e-mail especially if it claims to take you to your financial institution�s Web site. It is significantly safer instead, to type the institution�s Web address that you know, into the browser address-box and go from there. Finally, keep in mind that banks and credit card companies already have all your information; there is absolutely no reason why they will send you an e-mail to obtain it from you again.

Another cyber-mine that I frequently encounter is a breed of e-mails that appear to be notifications of some sort � non-delivery of an e-mail, or information in connection with an order that you are supposed to have placed, or the status of your account on Pay-Pal, among others. Many of these e-mails come with an attachment and invite you to open it for further information. Clicking on the attachment could launch a virus or install a nuisance program called spy-ware. �Defensive driving� principles state that we should never open unexpected attachments regardless of the sender.

�Spam� or unsolicited junk e-mail that clutters our e-mail in-boxes also is a veritable cyber-minefield. Most e-mail systems have incorporated a �Spam Folder,� �Bulk-Mail Folder� or a �Junk Mail Folder� and they use fairly sophisticated filters to isolate spam into these folders. Although these filters are getting better, occasionally, �good� e-mails get picked up as spam and spam sometimes sneaks into our in-box. We must therefore rely on clues to guess if an e-mail is �good� or if it is �spam� without physically opening it. Three clues to look for are the Sender Name, the Subject and the presence of attachments. Attachments are always a red flag unless you are expecting them. Sender Name and Subjects that appear to be nonsensical (contain characters such as #, %, ^, etc.) must be deleted. The best thing to do is to delete any e-mail that looks like spam and above all to use our common sense in dealing with e-mail even from known sources.

Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail [email protected].

Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail [email protected].

Home