Since I started tracking spam mail in June 2005 I have now received a total of 17,579 emails of which 11,589 were spam. That leaves me with 5,990 (34%) of the mails were legit that I asked for. The upside is that this year 69% of my mail was legit (1,529 emails).
A few things that I keep telling everyone and bears repeating here:
- If you get mail that purports to be from anyone asking you to re-enter or reverify your account information never click on the link provided. Go directly to their site yourself and check there.
- Keep your firewall up-to-date and active. If you don't have a firewall get one and install it. There are a number of good free firewall packages out there.
- Keep your anti-virus up-to-date and active. Again, if you don't have this software get one and install it. Like #2 there are a number of excellent packages out there for free that you can download.
- Keep your Operating System (O/S) up-to-date and apply all patches immediately. It does not matter what O/S you run, keep your system up-to-date.
- Keep a good set of backups. Even if you follow #2-4 hardware does fail at times and having a good current backup will go a long way to restoring all of your critical files.
- If you get an email that sounds to good to be true... it probably is.
- Never open up file attachments that you don't know who the sender is. Even if you know the sender, check the file first with a current virus scanner and then check with the person before trying to open the file. You are not paranoid, just prudent if you check before doing anything with that file.
- Enable viewing of the extension of the file name. Some of the nasty packages are really '.EXE', but, shows '.ZIP' at the end of the name hoping to trick you into trying to open the package.
- Change your passwords on a regular basis. Some people use passwords that have never changed in years, use post-it notes with the account and password or make an easily guessed password. You can make passwords that are hard to guess, but, easily remembered. If a cracker can guess your account password then they can use your identity for whatever purposes they want.