Got a very convincing email this weekend, seemingly from my registrar for one of my many domain names. The message was stating that the DNS was about to be changed on that domain, to point to another location. They wanted me to click on an enclosed link to prevent it.
But I wasn’t born yesterday!
Listen folks, there ways to ensure an email, is actually from who it says it’s from.
First of all,do NOT allow html email! Had I been using html in my email reader, I would not have seen that the link that was showing as my registrar, actually was going to somewhere completely different!
Also, you should actually look at the email headers. In this case, the header information almost looked legitimate, but careful examination found that the email was actually coming out of an IP address in South America!
Also, be aware that some bad guys will hide the actual email address that you’re clicking on, by masking it as an encoded string.
An example is a url that looks like this: http://%6C%6E%78%67%6F%61%74
Which is actually this url: http://lnxgoat.com
Also, if the address is pointing directly to an IP address like: http://192.168.1.2/Americanexpress.com as an example, run away fast!
Yes, you see Americanexpress.com, but that’s not where you will end up!
Your inbox, is a dangeroud place. Use it with care!