Confirm before you click.

I have received more than enough e-mail alerts from my bank to know the format that those e-mail alerts do take. So, when I received an e-mail alert stating that I logged on to my internet banking account, I immediately had my warning flags raised. I hope some maleficient goon has not siphoned off the “paltry” change I have left in my account. I must find out. For a start, I am not even sure I logged on to my online banking portal on the stated date. Then, how many of us do keep a log or journal of the days or times we logged on to our online banking portals. I don’t either. Even before I opened the main mail, by just looking at the header (that is,  the line that bears the subject title & the sender email address), the warning hints were glaring at me. The sender e-mail address and the subject matter are uncaningly similar to what my bank usually send. Yet, they are not the same. Going ahead, I opened the mail and noticed that the salutation though similar are just not the same. My bank has a “special” way of addressing me. The fake e-mail did not follow this format. Going through the fake mail, a link address was provided, supposedly meant to redirect me to my authentic bank address. The link was even preceded by the secured layer https://. As it is well known, internet addresses preceeded by https:// are supposedly more secured than those preceeded by http://. But don’t be fooled, it is possible to present a web adress as http://www.xyz.com (which when clicked should take you to a legitimate site xyz.com), but when you click on it, it will take you to a site which though resembling or even bearing the name xyz.com is a ruse for the nefarious website http://www.abcd419.com

In order to confirm my suspicions, I immediately logged to my online banking portal. When I did this, my bank immediately sent me an alert to let me know that my online banking account has been accessed. Comparing the two mails side by side, I was able to confirm the authentic mail and the fake one. I can go on and on, trying to make this scenario more explicit, but here is the morale of this message. 

(1) Don’t be in a hurry to click on a link that you are not sure of. Clicking on any juicy or salacious link can easily get your computer/phone hijacked and infected with malware, trojans, viruses,  etc etc. What happens next is that all the secrets and details stored on your laptop/phone are siphoned off and used to steal your money and undo you.

(2) If you are not sure of the authenticity of a link or email address, do not click on it while using your phone. Open the same web page or mail using the browser (Explorer, Chrome, etc) on your laptop. Now, move your mouse to the top of the provided link. DO NOT CLICK! With your mouse hovering over the link, look at the very last line on your desktop window (very near to the bottom edge of the screen). The true address of where the link that you hovered your mouse on will lead to will be indicated. Is this a genuine or meaningful address? Is it the same as the bank address that you are already familiar with?

When you hover your mouse pointer over the email address or website address on you laptop, you immediately see the correct destination on the last line at the bottom of your screen. This functionality is not available on your phone because your smartphone doesn’t have or need a mouse. Therefore, do not click on those links while using your phone. It is better to err on the side of caution.

I am not an expert, but a little precaution will always save the day. My people, let us “shine” our eyes and shine them very well.

Enough said.

http://www.akinlade.net