LifeLock is one of the bigger names in online security. A bit of a mixed reputation (which always comes with the business), but generally solid.
Of some of the reviews, the biggest rap against them seems to be how it’s allegedly impossible to cancel your service. Reviewers say they just keep charging and charging for monthly services until you guess the secret word, but a lot of online companies are like that.
Still … imagine my surprise when I got this email from them. The heading was enough to capture anyone’s attention:
Your Identity May Have Been Stolen
That’s enough to make my innards clench right there. Here’s the letter itself:
Now understand, online security is huge business. Even the best, most legit companies around (McAfee, Norton, Kaspersky) make big bucks from scaring the living fool out of you.
Viruses are scary. Malware is scary. Identity theft is tres scary. Think about it. If the average user’s computer bogs down or acts wonky, he’ll probably suspect it’s a virus right away. Even when it’s not.
While a savvy user can minimize these threats by employing best practices (strong passwords, being careful clicking random links, not doing banking over a public wifi system, keeping all protection systems updated), even the best can run into malware or have the identity stolen.
Okay. I did a little quick-and-dirty detective work. Did this really come from LifeLock like the heading says?
Here’s what I noticed right away:
There are several links from the email, and they all go to the same place (this is not a link, so don’t bother clicking it):
This will take you to an affiliate’s page. An affiliate is someone who gets a commission from each unit he sells, and he does not work for LifeLock.
By the way, I got that info from right-clicking the link, going to the context menu and hitting Copy Link Location.
I looked up in the “From” block in the email heading and got this:
From: LifeLock <firstname.lastname@example.org>
To: [my email address]
Date: 08-25-2015 04:20 PM
With some email clients/systems, you have to click to get that information. But that’s easy and safe to do.
So what does the heading tell me?
It’s not from LifeLock, that’s what. But the aforementioned affiliate link kind of told me that.
This topica.com is a bulk email service. I have no problem with that; I use one (Mailchimp) myself. But you have to sign in to get on the email list unless the affiliate just randomly puts addresses in. And if he does, he’s probably not ethical enough for me to want to deal with him.
At the bottom of the email (I know Mailchimp requires this) there’s a link to unsubscribe. With this one there’s also a link to complain to Topica about unsolicited email. Which I clicked. May not help, but it sure felt good.
Anyway, if you get a scary-looking email from a legit company, check it out:
– Where did it really come from — I mean, what email address/domain?
– Where do the links go?
Hey, there’s scary stuff aplenty online and in your email box. A little checking goes a long way in separating the real from the spurious junk.
Usual warnings: Enjoy your computer. Enjoy your online experience. Enjoy those cat videos and stuff. But be careful. It’s a jungle out there.
(For further information, check out my sidebar of best practices for online protection. Though I wrote the list from the top of my head, there’s some really useful stuff. This is really a link, by the way.)