JLV from southern California sent the following message to ActuallyFree.info:
"I came across this site: getmetobangkok.com. They are giving away two airline tickets free to Bangkok from anywhere in the world. Maybe you might want to include it."
This blog entry will serve two purposes. 1. It will show readers and fans out there that I actually check into links that are sent in and/or added to ActuallyFree.info directories. 2. It can educate others on how to check to see if an emailed link is legitimate or a scam.
One question that I could ask myself is "what is the motive of the person who sent the email?"
I don't know JLV personally, so he could be someone who is actually trying help me out, or he could be someone who is trying to promote the link because he has a vested interest in it. (JLV, if you're out there reading this, no offense is intended. This is just a great opportunity to show others how to handle emailed links) The link was a simple .com link, so I can see that it wasn't a referral link. If it ended with /ref#123 or something like that, then the sender would probably be getting a commission for promoting the link. That doesn't mean the product is not worth looking at; it simply means the sender's motive is more to earn money than it is to share the best product by word of mouth. Worst case scenario is this link leads to JLV's website (or the sender's website, again no offense intended if JLV is reading), and its loaded with spyware that downloads to my computer. Once that happens JLV has all kinds of ways of making illegal money off of my computer.
A common phishing scam is to send emails that look like they're from eBay, PayPal, Facebook, MySpace or some other popular website that requires membership. The phishing email says something like "dear user, please follow this link to update your account and avoid deletion or fees." The person clicks on the link and they're brought to a website that looks like the real deal, but its not. When the person fills out the form provided, they're not updating their account on a legitimate site, they're submitting their personal information to the "phisherman", which is then sold for profit, and can even be used for identity theft. Or the login information is used to log into their actual account on the actual site, and their facebook profile or myspace profile is used to send spam and ads to all the person's friends.
The two most common ways to avoid phishing scams are: 1. If its from the legitimate site, they'll use the name that you used to sign up, not "dear user". 2. Don't follow any links provided by email. Type the actual domain name into the browser (www.ebay.com, www.facebook.com, etc.) to get to the site. All of these sites have message services. If they sent you the email, it will also show up on your profile when you login to the real site (using the domain name that you know)
JLV's email could have been a phishing scam. The site probably tells me I have to submit personal information in order to get the free tickets. But what if its an actual, legitimate drawing? I'm open-minded enough to try it if its legitimate, and hopefully win.
First I have to make sure the website itself is safe if I'm going to visit the site. The best way to make sure a site is safe is to have updated anti-virus protection. Most anti-virus softwares (including free anti-virus software) will not permit someone to click through to a dangerous site. Since I don't have updated software on my older computer, which I was using at the time I read the email, I can also check the link at McAfee SiteAdvisor (www.siteadvisor.com). McAfee keeps a database of reports on millions of websites that they test. The reports are free and open to the public. You can also download the software for free to get an advisory band during google searches, but it slowed down my computer when I tried it. So I just go to their site to read the reports. If McAfee site advisor says that the website is at least safe, then I would type the link into the browser and see what the site has to offer. Maybe I would even try to find the name of a company so I could do some research on that.
McAfee SiteAdvisor didn't have a report on getmetobangkok.com. I submitted it for review, but getting a report isn't immediate (understandable since McAfee gets tons of submissions per day).
The next strategy I can try is to look up who owns the domain name on a WhoIs search. Sometimes a WhoIs search only reveals information for a proxy registration. This means that the person who actually owns the domain name is using the proxy's information in order to not reveal personal information. This is great for individuals who want personal websites without revealing personal information, but its a very bad sign when a "business" uses a proxy registration.
I used the WhoIs search provided by GoDaddy.com to find out that the domain name "getmetobangkok.com" is owned by a company called "c2p print design Pty Ltd" and its located in Australia. If this was a USA-based business, I would then check to see if the business has a report at the Better Business Bureau (www.bbb.org). Since it is located in Australia, I had to find out who their BBB equivalent is. Their BBB is called the Office of Fair Trading, and their website has a Business Names Details check. Here is the report for C2P Print Design.
Since I now know C2P Print Design is a legitimate business, I would feel comfortable using the domain name getmetobangkok.com. If there was no business registered under that name, then my last step, just to see if the website was safe, would be to go to a public computer at a library or school, not my own, and click the link. If a public computer gets a virus, no data is lost, because my files and information aren't stored on the public computer. The administrator simply re-installs the operating system and the computer is as good as new. Of course, going to a public computer is something I would only do if I really, really wanted to find out what the site had to offer. It is still possible that the site is legit even if they don't have a report with the better business bureau, or even if they have proxy registration information for the domain name. I just wouldn't know how to verify if it was legit or not until I went to a public computer to see if the site was safe and to find more information on the site itself.
When I went to getmetobangkok.com, I found an offer for 2 free tickets to Bangkok from anywhere in the world, just like JLV had mentioned in his email. This type of freebie falls under the category of "drawings, contests, prizes, sweepstakes, etc." The key to getting any freebie offered as a prize in a contest or sweepstakes is to follow all the directions when submitting your entry. This means reading all the fine print and following it to the letter. If the contest allows more than one entry, then by all means, submit more than one entry to improve your chances. More information can be found at the Contests and Sweepstakes page of ActuallyFree.info.
Although I've established that the domain name "getmetobankok.com" is owned by a legitimate company (C2P Print Design in Australia), I will throw up at least one red flag when analyzing the site. They don't have a separate page describing a privacy policy. They do have one sentence on the main page describing a "no spam" policy, but one sentence certainly isn't enough for legitimate sites in the USA. Also, the separate page describing the rules of the game doesn't provide very much information. These are things to be cautious about when submitting personal information. In all fairness, the site and company appear to be new and starting up.
JLV - once again, sorry for making you the guinea pig, and no offense intended. I appreciate the submission and encourage all other readers to submit freebies as well.
For more ways to verify the safety of a site and legitimacy of an organization, freebie, or program, click here.
No comments:
Post a Comment