- by Marianne Van der Wel

When you change your password for an internet account, the vendor will often send you an email notice in case someone else is tampering with your account. This is a good thing. A few months ago I changed my Paypal* password and received a legitimate email warning. A half hour later, however, I found a second email warning, again supposedly from Paypal. Upon investigating this second “Paypal” message, I found a huge clue: “If you didn’t change your password, submit your details through our secure form in order to reset it, or confirm your change by ignoring this notice.” It almost sounds right but a legitimate company would not instruct me to fill in anything or to go to a web site linked from an email when security issues are at stake. Other clues were found in the recipient’s email address which was: “sevice@paypal.com <update@service.com>”. In addition to ‘service’ being misspelled, the actual address in the angled brackets has nothing to do with Paypal. Of course, other text in this message was full of helpful advice such as: “Never share your password with anyone.” and “Create passwords that are hard to guess”. If I had filled in this form, it’s highly likely a predator would have had my password and gone on a shopping spree with my credit card.  

Here’s another example of the sophistication of net predators. I received an email from “Canada Post <tracking@canadapost.ca> “. The address “canadapost.ca” is the legitimate web address of Canada Post but I had not sent a parcel, and wasn’t expecting one. Upon careful examining of the message I found: “Dear client! Your package has been shipped. The tracking# is: 267CA23POST2617Z and can be used at “http://www.canadapost.ca/cpotools/apps/track/personal/findByTrackNumber?execution=e9s1 [www.rogatica.net]”  Even though the link I was instructed to use is that of Canada Post, the address in the square brackets isn’t. I didn’t touch that link! Instead I went to my web browser, independently typed Canada Post’s web address and put the tracking number in the Canada Post system. Sure enough, the tracking number was bogus.

The most insidious email I received came from ScotiaInfoAlerts saying someone had used my debit card for the sum of $7.82. I do not have a debit card! I examined this message inside and out. The web address in the message was legitimate, as was the phone number I was given to call. I went to the Scotia Bank site “http://www.scotiabank.com”.  That was fine, but when I added “/InfoAlerts” at the end I was warned I was being re-directed away from the Scotia web site. I did not proceed. Upon further investigation the best clue was in the “reply-to:” in the email header. It pointed to a yahoo account which ScotiaBank would never use!

During this investigative journey, I used Mozilla’s Firefox as my web browser with settings set to warn me about any such redirects. Please check the information found under "Help" in  your browser for such a feature.

*Paypal is an Internet application that lets you pay online with relative security using your credit card.