Dwight Watt - Newspaper Article #338 6/1/2016

Question: Should I click link in empty Amazon email?


No. Apparently the makers of phishing and hacking and ransom ware emails are really busy this week.  Be real careful on emails that you get with attachments.

I got one today that was sent to an artist guild I am a member of.  It had subject as welcome and other than a link in the email it had no typed subject.  When I hovered on the link (did not click it) it showed the name of the link as a real long name of gibberish.  I assume it was some type of virus to download on the machine.  I closed and trashed.

There is also reports of ransomware (where the program takes control of your PC, encrypts all your files, and demand you pay some sum via usually a Green Dot card to get code to unencrypt) being distributed as messages from Amazon.  Many of us buy regularly from Amazon so an email from there about order is normal.  It says something like your order has been shipped or similar.  In all the ones that have been seen by security people so far the body is like one I received above.  It does have an Amazon.com sender name.  The body only has a link and no other information.  

The experts have looked at the links and they are to a document that has either JavaScript files attached or macros.  Then when they run, either automatically or by you clicking to enable macros or JavaScript, they download and run the ransomware on your machine. Basically at that point you lost everything on your machine.  I hope you had backed it up (usually by copying your pictures and data files to either CDs/DVDs or to an external hard drive that is not connected to your machine) when this happens.  If the external hard drive is connected it may or may not get wiped also depending on the ransomware.

Be careful opening links.  Don't just go by you know where email came from, that can be forged, but also see what link actual name is.  Doing actual name is difficult on tables and phones but on laptops and desktops move pointer over the link (do not click it) and see what it shows as address at bottom of screen or in pop up tool tip that shows it.