phishing scams

Was I hacked through Facebook?

Episode 1415

Myrna from Twin Peaks, CA
Facebook

Myrna got a notification that she needed to run special software in order to get back on Facebook. Leo says that chances are good that Myrna downloaded a virus. She has to be careful when responding to popups. They're usually "phishing" scams designed to get her to run a scan or download software. It's a red flag that they're going to break into her system and use it. Since Myrna fell for it, the only safe thing to do is back up her data, format the hard drive, and reinstall Windows from a known, good source.

Has my email been hacked?

Episode 1413

Joe from Covina, CA
Hacker

Joe gets emails from his brother and vice versa telling them to go to another site. Leo says that's a phishing scam using spam to do it. It's likely that the return address has been spoofed. We've seen this happen often with users of Yahoo mail.

ScooterX in the chatroom says that whoever clicks on the link in the email sends the same email to others in their contact list. So it may be that both have clicked on that link and sent it out.

Should I call the 800 number on a popup?

Episode 1379

Lisa from Palo Alto, CA
Hacker

Lisa went to a website and she got a pop up notification that her computer was infected and to call an 800 number to Microsoft. Leo says not to ever call them -- just exit the popup and move on. It's not infected and those popups are designed to insnare users. It's called a phishing scam. Lisa did it anyway, though, and gave them control of a computer. Leo says that's bad news because she doesn't really know what the hacker's done. He can install viruses on her or turn it into a bot, a keystroke logger, and use remote access to turn on her camera.

Should I click on a link to upgrade Flash?

Darryl from Santa Rosa, CA

Episode 1369

Darryl is getting messages to upgrade Adobe Flash on his Mac. Leo says do not reply to any message to upgrade your Flash, do directly to Adobe and get the update there. Hackers can compromise websites to include a bit of code to get you to click on a link. It's called a Phishing scam. Flash auto updates now. Or you can use Google Chrome and it will auto update as well. So never click on a link that offers to install an update to flash for you. It's a scam. Another thing you can do is redownload your browser, delete them and reinstall. That will renew certificates.

If I opened an email I didn't know, could I be hacked?

Ann from Studio City, CA

Episode 1350

Ann got an email notification from Yahoo in her inbox. She had a hunch it was bogus but didn't do anything with it. Can she still get hacked if she opens it but doesn't click on any links? Leo says that a bad guy has to get her to run a program. Leo says that opening the email is relatively harmless, so long as she doesn't click on any links.

How can I tell a phony email from a legitimate one?

Michael from Newcastle, PA

Episode 1347

Mike wants to know how to tell a real email from a phishing email. Leo says to hover over any link that would send him to a website, and see if the link is legitimate. He should never click on it. If it says to install something, or even asks for a credit card, don't do it. That's usually the first sign of an intent to do something nefarious.

How can I protect myself against phishing scams in email?

Cheryl from Alexandria, VA

Episode 1280

Cheryl wants to know if she can get infected by HTML email. Leo says yes. That's why she has to be careful what links she clicks on. But since she's using an iPad, she's protected. She can't get infected on that. Apple's iOS is very secure. But it's always a good idea to train herself not to click on links. If she gets an email from her bank for instance, she should just go to her browser and go directly to the bank's website.

How can I see who is logging into my account?

Clay from Highland, CA

Episode 1253

Clay keeps getting email from Google saying someone tried to access his account with a link to say "check your devices." Leo says it may be legit, but he should never click on links in email. Instead, if he's a Gmail user, he can go the bottom of his Gmail and find a link that gives him information on who has used his account. He shouldn't ever click on a link or button embedded in his email. It could be a spoof or phishing scam. Always go straight to the source.