These are very basic things every internet users must know today to protect themselves against the attack of web chameleons.
The From address of an email does not always inform you about the real identity of it’s sender. Just because you have received an email which is appearing to be coming from your friend Pierre Dupont or from an email address firstname.lastname@example.org does not always mean that it was indeed sent from Pierre Dupont, or from the email address email@example.com.
The only way to know who has sent an email is to check it’s header, but in practice, rarely anyone checks header of every email received. I can in fact, send you a mail, with a « false » sender’s address of anyone.
The second trap is links like https://www.cic.fr/ where you may think that you are clicking on a link of the CIC bank, but in reality, you might be clicking on something different. Say, unless you are careful, I can redirect you to an address like http://www.cic.kigoobe.fr/. Now I can design the page of http://www.cic.kigoobe.fr/ in the same way as the real https://www.cic.fr/, and can register your userid and password on my database, before redirecting you to the real https://www.cic.fr/ address.
A normal user will understand nothing, since he is ultimately going to his bank, but the important thing is that in between I have saved your userid and password. Later, I can login to your account and transfer all your money to some other account from a different country.
This is a real threat. Two things one needs to know here. That, just if a link reads https://www.cic.fr/, this does not mean that it is the real URL of CIC, and second, one needs to learn how to read a web address. We do mistakes because of our ignorances. The important thing is to notice what is preceding the tld. In https://www.cic.fr/, CIC is the real website since it is preceding the tld .fr, but in http://www.cic.kigoobe.fr/ or in http://www.cic.kigoobe.com/, KIGOOBE is the real website because it is this what is preceding the tld .fr or .com. CIC written after www. just shows that CIC is a subdomain of the real domain KIGOOBE.
One way to know the real address of a link is to mouse over the link, and look at the status bar below. And even there, to see whether we are clicking on CIC.fr or on CIC.KIGOOBE.fr. Never click on a link unless you are sure about where you are clicking.
And in fact a « dangerous » link can be more harmful than what you are imagining at this moment. A bad IT guy (or a good IT guy with a bad intention, whatever), can send you a chameleon link what you might click without knowing really. That click can install a software in your computer quietly. At this instance, you still don’t know or suspect anything. But the bad IT guy with the help of the software he has just installed in your computer is already tracking every little thing that you are doing in your computer.
It’s as if like he is watching you from your back. He can see your screen in his computer exactly as you are seeing it. He can see links you are clicking, he can see what you are typing, and he can even see what is stored in your computer. Not only that, he can even click links on your computer. On other terms, if your computer is switched on, he can take the full control of your computer sitting right in his office.
Chameleons are dangerous creatures of the internet. It’s important to stay alert when we are surfing the web. And by the way, KIGOOBE.com is not a website of a net pirate, it’s my own harmless website who is cautioning you of possible dangers of the internet.