As everybody can ... borrow a logo from any site, it becomes equally easy for malicious mailers to send very plausible looking e-mails holding much more than the surface message. Danger lies at the end of every link. It is far from required to open easily identifiable executables! Hitting the wrong link is enough to pick up unwanted spy-ware and other things best left on the Web.
To counter persistent pretenders, today's e-mail user needs to be ever present and truly know the source!
Not just the source as in who any piece of information is from, but source as in the underlying HTML code that generates the nice looking e-mail.
Imagine your bank or eBay sending a notice that your account have been temporarily closed due to suspicion of identity theft. It looks right and the responding link does appear to point to a true eBay domain. Imagine the response asking you to click on http://support.ebay.com
(The example will take you to Symantec's frequently updated Hoax-list, not eBay's excellent Security center, which you (truly) will find here: http://pages.ebay.com/securitycenter/)
With proper visuals surrounding links it can be very convincing. Hit by the fear of identity theft such links become very tempting as one wants to set the record straight as quickly as possible. Remember: Your e-mail editor may not have the revealing statusline that may display a different destination.
Don't click if you are not certain.
Before clicking on any such mail, you have to view the source! The link's name as it is displayed in the e-mail must match the name of the actual URL.
Try viewing the source for this page and search "support.ebay.com" to get to the actual link -- notice how the href does not line up with the displayed text between the larger/smaller brackets.
If in doubt, please:
- Note the name of the link
- View the material's source
- Search for the link name
- Compare href with display name
If there is any difference, don't click on the mail but report it to the party that the sender is pretending to be.
e-Presence is being ever present; going below the surface of high-impact e-mails (for better for worse) and viewing the source is, sadly, a new and necessary skill.