Tuesday, November 17, 2015

Phishing Email - Wells Fargo Online Banking Alert

Phishing Email - Wells Fargo Online Banking Alert

Recently an email with "Note:This is a service message with information related to your Wells Fargo account(s). It may include specific details." email is circulating.
It's a  phishing email. But I walk you through how to tell for sure. 
What to do? 
Report them

Report Phishing
 URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=updatewells.net

Text of the phishing email; 

Dear Wells Fargo Online Customer:
We're writing to let you know that your account needs to be updated and verified immediately.

To proceed, Click on to Update

If this is not done your account may be disabled or blocked.
Please don't reply directly to this automatically-generated e-mail message.


Online Banking Team

How to tell this is a Phishing email ?

  1. Is email is from you to you, then it's phishing.
  2. Hover over all links in email, if it's not from the wellsfargo.com site then forget it.

    In above example, the Online Privacy Policy link points to wellsfrago.com, but the action link Update is to updatewells.net which is a spam collecting site.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.

For this phony email, well look at the top 50 lines of the message, known formally as the "message header".

At line 50 you have Return-Path: 233571@service-node-13.ng.hostnet.nl
and is suspect because domain was registered in Neatherlands (
Why look at "Return-Path"? When the e-mail is put in the recipient's mailbox, a new mail header is created with the name "Return-Path:" containing the address on the MAIL FROM command. So it's a quick hit to determine authenticity.

Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these linksHover over the iforgot.apple.com link and match the URL and click on the match link to report them as phishing to Google.

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=updatewells.net
If you don't see your URL here add a comment below.

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Sunday, October 25, 2015

Windows 10 - Set Time Automatically (from the internet)

The trend in Windows 10 of the Metro design is the simplification of user interfaces design, whose goal is universal access to non-technologist. However, too many times the balance between simple and loss of information to make decisions is lost. Let's take for classic example, the need to set time on your computer accurately. 

Windows 10 has a nice slide button that says to Set Time Automatically. Well that's vague, right. The first question now is set time automatically according to what? Just adding "Set Time Automatically from internet" might be clearer or hover over with the additional information could have saved me from writing this post. 

Let's drill in, this setting automagically allows you to synchronize your Windows 10 time from a centralized time Network Time Protocol (NTP) server. The default NTP server set by Microsoft is times.windows.com, which does a great job. You can change that in Region & Language.

Each respectable nation in the world, has their own NTP Servers, and here's a brief list; 
  1. USA - time.nist.gov
  2. Canada -  time4.nrc.ca
  3. UK - ntp2c.mcc.ac.uk  University of Manchester
    (UK Nation Physics Lab  NTP Server is no longer funded) 

More here...

Saturday, October 24, 2015

Windows 10 is not spying on you - opt out ads using privacy settings

Windows 10 has an unprecedented level of privacy controls. Unlike other companies, you can opt out of many of privacy settings.

In Windows 10 - goto ‘Settings’ -> ‘Privacy’. It may seem like allot of options, but all 13 different sections you have a choice to control your privacy setting. 

Turning everything of your concern to ‘off’.

One last thing you can turn of adds in your browser by opt out of personalized ads from Microsoft here