Once again my own email provided me with another “scam of the day.” I got an email message which purported to be from my email provider indicating that someone had tried to sign in on my email account from another location. The email then told me to click on a link to verify my profile. As always, the email looked quite legitimate and it was directed to me personally. However, the email from which it was sent was not that of my email provider, but rather that of a lawyer whose email had apparently been hacked which allowed the hackers to utilize spearphishing, as I described in previous “scams of the day” to send a message directly to me. However, in this case, I certainly did not think that it was from my email provider when the email source from which it came was a lawyer’s office. If I had clicked on the link, I would have downloaded a keystroke logging malware program that would have stolen all of the information from my computer and made me a victim of identity theft.
Always be skeptical of any links and attachments even if they are from people whom you trust. As was the case with the email sent to me, the person who it appears is sending you the email could have had his or her email account hacked to make it appear that the email was from someone you knew. In the case of an email purportedly from your email provider or anyone with whom you do business, you should not download any attachments or click on any links. Instead contact the company directly either on line or by phone to check and see if the email is legitimate. Chances are it is not.