Identity protection email: Scary or scammy?

keyboard locked and chained
Sometimes it’s tempting.

LifeLock is one of the bigger names in online security. A bit of a mixed reputation (which always comes with the business), but generally solid.

Of some of the reviews, the biggest rap against them seems to be how it’s allegedly impossible to cancel your service. Reviewers say they just keep charging and charging for monthly services until you guess the secret word, but a lot of online companies are like that.

Still … imagine my surprise when I got this email from them. The heading was enough to capture anyone’s attention:

Your Identity May Have Been Stolen

That’s enough to make my innards clench right there. Here’s the letter itself:

Scary email from LifeLock
So I got this email …

Now understand, online security is huge business. Even the best, most legit companies around (McAfee, Norton, Kaspersky) make big bucks from scaring the living fool out of you.

Viruses are scary. Malware is scary. Identity theft is tres scary. Think about it. If the average user’s computer bogs down or acts wonky, he’ll probably suspect it’s a virus right away. Even when it’s not.

While a savvy user can minimize these threats by employing best practices (strong passwords, being careful clicking random links, not doing banking over a public wifi system, keeping all protection systems updated), even the best can run into malware or have the identity stolen.

Okay. I did a little quick-and-dirty detective work. Did this really come from LifeLock like the heading says?

Here’s what I noticed right away:

There are several links from the email, and they all go to the same place (this is not a link, so don’t bother clicking it):

This will take you to an affiliate’s page. An affiliate is someone who gets a commission from each unit he sells, and he does not work for LifeLock.

By the way, I got that info from right-clicking the link, going to the context menu and hitting Copy Link Location.

I looked up in the “From” block in the email heading and got this:

From: LifeLock <>
To: [my email address]
Date: 08-25-2015 04:20 PM

With some email clients/systems, you have to click to get that information. But that’s easy and safe to do.

So what does the heading tell me?

It’s not from LifeLock, that’s what. But the aforementioned affiliate link kind of told me that.

This is a bulk email service. I have no problem with that; I use one (Mailchimp) myself. But you have to sign in to get on the email list unless the affiliate just randomly puts addresses in. And if he does, he’s probably not ethical enough for me to want to deal with him.

At the bottom of the email (I know Mailchimp requires this) there’s a link to unsubscribe. With this one there’s also a link to complain to Topica about unsolicited email. Which I clicked. May not help, but it sure felt good.


Anyway, if you get a scary-looking email from a legit company, check it out:

– Where did it really come from — I mean, what email address/domain?

– Where do the links go?

Hey, there’s scary stuff aplenty online and in your email box. A little checking goes a long way in separating the real from the spurious junk.

Usual warnings: Enjoy your computer. Enjoy your online experience. Enjoy those cat videos and stuff. But be careful. It’s a jungle out there.

(For further information, check out my sidebar of best practices for online protection. Though I wrote the list from the top of my head, there’s some really useful stuff. This is really a link, by the way.)

Sidebar: Protect that computer information and thank yourself later

While writing today’s piece on yet another phishing attempt by someone claiming to be PayPal, a few things came to mind and they deserve a blog entry on their own. I’ll include them in this sidebar.

Off the top of my head, I listed a few measures you can take to protect your computer and your online information — in fact, your whole identity — from being stolen.

This gets even more important as we use the Internet for more important aspects of daily life, such as moving money around.

Most of these tips are common sense, but those are sometimes the hardest ones to remember and implement.

Here’s a sampling:

  • Choose your tools carefully. If you use Internet Explorer, take that icon off your desktop right now and surf with a different browser. Chromium (an open-source version of Google Chrome) is good, as are Firefox and Opera.
  • Keep that browser updated.
  • Be careful about passwords; PayPal_Andy’s advice of having a designated password for each site is highly recommended, even though I’m guilty of using the same passwords for more than one site.
  • Don’t open any attachments if you don’t know the sender.
  • Be wary of attachments from someone you know; zap it with your virus and malware protection tools before you open it.
  • I’d also be wary of links sent by email, especially when they’re shortened through or some other service. Also be careful of links posted on your favorite social media sites; you can click on some malware real easily that way. I’ve seen malware propagate among everyone on your friends/followers lists, making them the gift that keeps on giving.
  • You do have virus protection, don’t you? You do keep it updated, don’t you? Virus protection that’s not kept up to speed is totally worthless.
  • Grab some spyware protection, too. For that I recommend Spybot Search And Destroy.
  • Be careful about using public wireless for any business involving money; it’s too easy to tap into your information that way.
  • If surfing in a public place, watch for anyone behind you or sit with your back against a wall. I know this sounds goofy, but when some lowlife is trying to grab your information the low-tech ways are often the most effective.
  • Don’t let me scare you or anything.

If you use a smartphone:

  • Guard it with your life. Even if you want to be a good neighbor and help someone in a pinch, don’t let that person “hold” your phone. It’s too easy for him to snatch it and run. Most smartphones carry way more information than you’d think, and most of it can be found in seconds.
  • Be careful about dropping or leaving your phone somewhere. Same reason.
  • I use a lanyard from an old mp3 player and attach it to my phone holster. The other end is attached to a small carabiner, which I clip onto a belt loop. The holster’s flap is closed when I’m not using the phone. That way, if the holster falls off (happens more often than I’d like to think) or someone tries to snatch it off your belt, you’d know immediately.
  • Stay aware of what’s around you, even if you’re texting or playing whatever brain-sucking smartphone game is hot these days. I’ve heard of folks stealing someone’s phone while the person is using it.
  • Two words: Password protection.

If you can think of any other means of protecting your information, share in the comments section. I’ll be glad to include it. Let’s watch one another’s backs.

Writing for others: Why the ante is raised on cell phone theft

Think about it. Losing your cell phone doesn’t just mean losing your phone.

To all intents and purposes, you’ve also lost your wallet. And maybe even the keys to your financial kingdom.

As cell phones get smarter, the ante goes up even more.

Here are some ways of protecting your smartphone and the information it carries. Some of this stuff is common sense, while there are others you may mot have heard of. Like my own best cell phone protection costs almost nothing but saves it from all kind of problems.

Read the article in CreditDonkey: