Beware of those random weird email links


Why argue with a winning malware formula?
Why argue with a winning malware formula?

Haven’t seen them for a while, but it looks like those random email-hijacking links are still around. Why argue with something that works?

I just got one. It had a weird title, something like [etiohg. First clue. It was from a friend I haven’t heard from for a while. It was sent to a bunch of other people, including mutual friends. I know the sender isn’t the most computer-savvy person in the world, so there’s that.

Can’t blame her for sending it. She probably didn’t even know it went out on her email.

This one had no greeting, just a link. One of those shortened ones. Not even a link, but some other one.

Did I click on it? What, do I look like I wandered in off the shrimp boat just yesterday? I did take the domain name of the link (, a made-up name) and typed it in, and it was some shopping site in a foreign language, offering Rolexes for little bit of nothing.

The .eu part of the address is real, and that tells me something about the server. .eu is for European Union, which still exists for some reason.

A ton of red flags, and being halfway computer literate (plus hard experience) meant stay away.

To my understanding, here’s how this works. You click on the link and it somehow gives the sender access to your email account. I think it’s more or less automatic, but the sender basically controls my email. From my address he can send more of these emails, it taps my address book (now numbering in the thousands) and sends more of these emails to some or all of them.

It’s the gift that keeps giving.

So here are my red flags:

  • I haven’t heard from the person in a while. But even if the email is from somebody I regularly communicate with, it’s still suspect.

  • A weird-looking link, usually shortened. I can send anything through and you wouldn’t even know what it is until you click on it.

  • A country code (top-level domain, like .com or .eu) that you don’t recognize. Here’s a list of them through Wikipedia. Bonus points if the country code is from some nation that is not our friend.

  • No message, just the link.

I sent my friend a reply, with a Re: [etiohg in the headline. Here’s the text:

(Friend’s first name), I got a couple of these emails from you. I think someome hijacked your email account & turned it into a spam machine. Might be a good time to change your password. Don’t click the link.”


I didn’t want to scare my friend, but, well … there it is. Now if I had the presence of mind to send that reply to everyone it got sent to (reply to all) I would have done so.

Anyway, if you get one of those, don’t click the link. Then, as I mentioned, change the password of the email account. Now. It probably needed to be changed anyway.

Then maybe — if you actually catch it in time (no promises there), chase that email with another offering your apologies and a warning to not open it.

If you’re unlucky enough to have spread the plague of malware and your friends bit on it, do the obvious thing. Blame it on someone else.

The ol’ tried-and-true Facebook worms are still around

Watch out for Facebook weirdness.

From what I get, ol’ Koobface is still around.

An anagram of a popular social media site, this multi-platform computer worm is still hanging around in all its variants and wreaking havoc after all these years.

There are plenty of hoaxes and urban legends circulating around this piece of malware (like the hoary tale that it’ll burn up your hard drive), but there’s enough truth that shows what a contentious bugger Koobface really is.

In a rare show of anger against the folks who produce malware and security threats, the Facebook folks even calling the Koobface gang out. Naming names, all that good stuff.

But Koobface is still around, as you can see by checking the comment dates in this McAfee post. Some things, like pyramid schemes and chain letters, are not going away anytime soon ’cause they’re successful, right?

This came to my attention about a week ago when a friend got word of this creature through his Facebook account. What he got was a link to the Snopes site, and when he forwarded it to me (at my request) I had a look at it and immediately recognized the M.O.

For those who forgot, you might get a provocative-looking picture on your Facebook feed. When you click on it, you’ll be asked to download a viewer for the accompanying video because the one you have is allegedly out of date.

When you click on that, the fun begins.

I experienced something like this a couple of years ago. Like an idiot I clicked on a picture that showed up in my timeline via a friend, a picture that this friend never would have put up in a zillion years. Got the opportunity to download some program called flvdirect.exe — which triggered all sorts of weirdness:

  • The video was automatically sent to many people on my friends’ list.
  • The .exe file to the viewer sat in my /home/download file. I noted the name and ran a Google search. The program in question, flvdirect.exe, is billed as something that would help download torrents but is actually spyware. It’ll do all sorts of nefarious things on your hard drive and it monitors your surfing habits.
  • For the next hour or so, I heated up my high-speed Internet line. Running Google searches on the offending software. Firing instant messages back and forth with a Facebook (actually a real) friend who also got the video — from me. Posting my findings on Facebook. I finally got to bed at 2 a.m., exhausted.
  • My conclusion: Spreading malware sure is hard work.

Myself being the impulsive type, I shut down my Facebook account and started looking for other ways to communicate. It wasn’t until a year ago that I opened another account.

I’m a lot more cautious these days, steadfastly saying no to all those app requests. Third-party applications are the fastest way to screw up your Facebook experience, so I’m keeping my account an app-free one. Every so often when the app requests get heavy I’ll put up an announcement to this fact — a rude one, but not as rude as some I’ve seen:

I stole this off a friend's Facebook timeline; hope she doesn't mind.

With that thought in mind, enjoy your social media. It’s fun, a great time waster and all that. But there’s no reason to let it take your computer over.

Watch out for bugs.







Facebook handing advertisers names, hometowns

Might this be another reason to ditch Facebook? 

From Newser:

Facebook Handing Advertisers Names, Hometowns: “Despite promises to the contrary, Facebook and MySpace are supplying information to advertisers that can be used to find an individual’s name, age, hometown and occupation, reports the Wall Street Journal . Typically on the Web, advertisers receive nothing more than an unintelligible string of letters and numbers ‘identifying’ an Internet…

The full article can be read in the Wall Street Journal:

Facebook, MySpace and several other social-networking sites have been sending data to advertising companies that could be used to find consumers’ names and other personal details, despite promises they don’t share such information without consent … the practice, which most of the companies defended, sends user names or ID numbers tied to personal profiles being viewed when users click on ads. After questions were raised by The Wall Street Journal, Facebook and MySpace moved to make changes. By Thursday morning Facebook had rewritten some of the offending computer code … advertising companies are receiving information that could be used to look up individual profiles, which, depending on the site and the information a user has made public, include such things as a person’s real name, age, hometown and occupation … several large advertising companies identified by the Journal as receiving the data, including Google Inc.’s DoubleClick and Yahoo Inc.’s Right Media …

OK. Have you dumped your Facebook account yet? While I do miss the networking with friends, I’m surviving pretty well without it. I sure don’t miss the malware. Or the privacy settings that require a degree in nuclear physics to figure out. Or the random people I really don’t want to hear from. Or all this Farmville and FishyWorld or whatever-it-is crap that’s cluttering up my computer.