Instructions for Adding an Email Account

I get lots of requests for setting up an email account in different email programs, so I thought I would provide a list of the best instructions I have found that I pass on to my clients.

All thanks to those that have provided these resources, it seems silly to replicate these over and over on the web.

If you know of a better one than what I have listed, let me know in the comments and I can look at them and add them in.

I am only listing one set of instructions for each Mail program version that I think is the easiest to follow.

Remember, these instructions will need to be supplemented with your own specific settings such as login / password and mail server settings. Contact your hosting provider for these things.

Mac OS

Windows

So if you have other clients, other operating systems, let me know and I’ll add them to the list.

 

Xerox Scan Email Virus

The tricks these guys try…

So I get an email, apparently a scan of an image from a Xerox copier sent to my inbox.

I am going to open the zip file that is attached? Um No!

This is what I see wrong with this one…

  1. Images don’t need to be zipped, it doesn’t compress them enough
  2. It was sent from someone I don’t know at admantech@nederland.8bit.be
  3. It’s incredibly vague.

Obviously targeting large organisations that have these centralised scanning machines that deliver documents in this way, but for the other masses, a real scatter gun approach.

Heres the text:

Subject : Scan from a Xerox WorkCentre Pro N 2918425

Please open the attached document. It was scanned and sent to you using a Xerox

WorkCentre Pro.

Sent by: Guest

Number of Images: 1

Attachment File Type: ZIP [DOC]

WorkCentre Pro Location: machine location not set

Device Name: XRX9679AA7ACDB40111008

For more information on Xerox products and solutions, please visit

http://www.xerox.com

The Phishers / Virus Makers have Hooked Amazon now

Phishing is all about getting people hooked, line a sinker, this time Amazon is the recipient of the Phishers focus.

It seems to be the usual DHL / UPS style scam, where a zip archive is attached to an email that carries the nasty payload.

Asking you to print the attached postal label to get your package.

As usual, delete these emails as they are nothing but a cover for a dangerous virus or scam.

Here is the transcript of the email

Goodafternoon!

Thank you for shopping at Amazon.com
We have successfully received your payment.

Your order has been shipped to your billing address.

You have ordered ” Asus Eee PC T91Go ”

You can find your tracking number in attached to the e-mail  document.

Print the postal label to get your package.

We hope you enjoy your order!
Amazon.com
Attachment is called Postal_label_Nr234.zip

It is interesting to see these people targeting suppliers / vendors that have wide audiences. Removing any refernce to DHL or UPS as this is starting to get a little old.

I wonder how long it will take for the Anti virus brigade to recognise this new variant.

Email Scam targetting mail users at specific domain

Well they keep rolling off the spam/scam production line.

This one pretends to be an email from mail support of a specific domain. As with all of these mass email scams, they don’t realise that the person they sent the email to manages all of the mail for that domain (Including the “support” that is mentioned in the email)

This is a phishing scam hoping to gain logins and passwords to try to gain access to mail (or if you are sharing login details) or other online services.

Here is a transcript

Subject: Your profile will be locked in response to a complaint received by the Administration
from: support-62@deepweb.co.nz

***This message was created automatically by mail-delivery software. Do not reply to this message.*** 

Hello!
Your profile will be locked in response to a complaint received by the Administration 29.01.2010 ?.
According to "paragraph 8 of the user agreement, deepweb.co.nz reserves the right to suspend or terminate the provision of services deepweb.co.nz, promptly notifying the user. 

Refute the statement may be, following this link:
<a class="moz-txt-link-freetext" href="http://schwaber.net/472e3bb6">http://schwaber.net/472e3bb6</a>


If the application is not rejected within 7 days, your e-mail an account will be blocked.
It has a number 237242679231777. 

In the near future we will contact you.
It takes up to 3 days to process your request.
Thank you!
--------------------------------
Sincerely,
mail support service
deepweb.co.nz 

As you can see they are using shortened style urls to hide things, but it is unsophisticated as they use a completely unrelated domain as the link.

Most likely this will be handled by the antispam handlers, but shows these scams are still out there and are unlikely to go away.

Other variants of this try to dupe gmail users into giving their logins to the phishers

DHL, UPS Virus Email, What Next NZPost?

Many times there are things that show the US Centricness (Is that a word?) of the internet:

  • .com readily meaning US site
  • US date formats in online forms
  • USD as the default currency

Well another example is the idea that every country must use UPS and DHL for their parcels.

Why else would all of the post / courier etc virus emails sent all around the world have these two as the only options to use.

The phishers seem to have a better idea…use a local provider to have a better chance of success. (Even these guys get it wrong: Note to Spammers – I dont have any Commonwealth Bank of Australia accounts)

What is wrong with NZPost? I suspect that in any case like this, an email from a local bank / services company / postal service etc would be more troublesome to the local population.

So, look out for suspicious emails from local suppliers, and as should be usual practice, here are a few standard tips to protect you from email nasties:

  • Any email asking for any form of login / password should be treated suspiciously
  • Any email warning of a security breach should be treated suspiciously
  • Don’t click on any links in emails that you are unsure of, instead go to the website manually
  • Don’t open any attachment that is unexpected, this especially includes zip files
  • Keep your virus software up to date and make sure email scanning is turned on!

Let me know of any other tips or other virus laden emails you have had to send to your trash bin.

Possible new DHL Email Virus

Wow, the virus / malware people are working overtime, my last post was about the Mail Server Upgrade scam / virus, now interestingly, a DHL email has slipped past my virus scanner.

In the past these have been picked up and have never been a threat, but this one got through, the email reads

Subject: DHL delivery service. Get your parcel NR.26252

Dear customer!

The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly!

Attention!
The shipping label is attached to this e-mail.
Please print this label to get this package at our post office.

Thank you for attention.
DHL Delivery Services.

As usual, there is a zip file attached. This normally trips the virus scanner,b ut not this time.

Hopefully the next virus updates will catch up with this new variant.

New Email Threat – Mail Upgrade Virus

I have had a couple of clients send on emails they have recieved with what seems to be a reasonably well crafted email describing an upcoming mail system upgrade.

The key thing is there is a link given to click on that in one email was direct to an executable file, assumed by me to be a file carrying either a virus or trojan program.

Another email had a link to a page on a website. (Which could easily redirect to a file download)

As with other emails of simialr technical nature, thsi one tries to talk in enough tech language to try and come across as legitimate.

Here is a transcript

From: System [mailto:System@clientsite.co.nz] Sent: Tuesday, 20 October 2009 12:20 PM
To: validemail@
clientsite.co.nz
Subject: Attention – Mail system upgrade

Attention!

On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.

The changes will concern security, reliability and performance of mail service and the system as a whole.

For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.

This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That’s all.

http://updates.clientsite.co.nz.secure.certificates-db.com/ssl/id=7721494943-validemail@clientsite.co.nz-patch6559.exe

Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

Another one, similar

—– Original Message —– From: “administrator” <administrator@clientsite.co.nz>
To: <validemail@clientsite.co.nz>
Sent: Tuesday, October 20, 2009 1:56 AM
Subject: Read carefully:Mail System Upgrade

Attention!

On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That’s all.

http://updates.clientsite.co.nz.secure.certificates-db.net/ssl/id=798545139-validemail@clientsite.co.nz-patch2066228.aspx

Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

(urls changed)

It seems like some anti-spam has already picked this up, but if you see an email like this beware


Latest Email Scam – Trying another Tack

I have just started receiving a new wave of scam emails, these look like phishing ones (where the perpetrators try to mimic a reputable website, to encourage the public to enter personal details etc ), but the twist is that they are now changing from fear related (ie for your security, or there was a problem style) to reward related.

Here is the email I just got, I have removed the link, but left the link text:

Subject: Complete our quiz for a chance at 500$
From: quiz@commbank.com.au

Complete our quiz for a chance at 500$

We will randomly draw 50 winners from those that respond with all correct responses and deposit $500 in the customer's account.
You may only enter once and must be a member to enter. 

Please follow the link below to proceed: 

<a class="moz-txt-link-freetext">http://www.commbank.commbankcau.com/quiz/</a>

Winners will be notified by phone and/or mail. 

You must complete this quiz within 24 hours to win. 

Sincerely,
Commonwealth Bank

Notice that the domain of the email quiz@commbank.com.au
, and the domain name of the link www.commbank.commbankcau.com
are different

These are all attempts to trick people into clicking the link and handing over their details.

Once again, any emails coming from your, or another bank or financial institution like Paypal should be treated with caution. As a rule, do not follow any links in these kinds of emails. Go to your Bookmarks, or search in Google for the text of the email to see if you can find any mention of scam related issues.

Let me know if you have seen something similar, or other tactics these people are trying to use to trick us.