- “USPS Delivery Failure Notification” reads the subject line. In the message, recipients are asked to open an attachment to track the package. The attachment contains a malicious file to download. Hit “run” and your computer could freeze.
- “American Airlines: Your order has been completed.” This “carrot” includes a ticket number, flight number and a link to print your ticket, but instead the ZIP file contains a virus that will offer so-called help for your infected computer with a link to a fake antivirus site.
- A variation of number 2, “ORDER ID: 045294099, American Airlines” uses the same lure complete with seemingly authentic flight information and a malicious attachment.
- “ConEdison Billing Summary as of Jan 12” includes a link to a malicious executable file. Recipients are told the link includes their billing statement. Gas emergency information cut and pasted from Con Ed’s website appears in the body of the email.
- “Phishing incident report call number” claims to be from CERT (for “Computer Emergency Response Team”), the U.S. government’s department for computer protection. A link promises details about the recipient’s case, but contains another virus.
If you’re running Windows, here’s one way to change the default: Open Start and select Computer. Once the new window opens, hold down the Alt key to reveal the menu bar if it is not displayed. The menu bar consists of the listings File, Edit, View, Tools and Help. Select “Tools” and then “Folder Options.” A pop-up window will appear with three tabs: General, View and Search. Select View and scroll down the list until you find the check box “Hide extensions for known file types.” Uncheck this box.