Quick primer: phishing is email that pretends to be from some business or bank with which you might have an account, urging you to take some action to protect your account from a security risk. You click the link in the email — JUST DON'T DO THAT, OK? DID YOU HEAR ME? *D*O* *N*O*T* *C*L*I*C*K* *L*I*N*K*S* *I*N* *U*N*S*O*L*I*C*I*T*E*D* *E*M*A*I*L*!*!*!*!*!* — and it takes you to a fake site which looks like the real site for the business in question. And it says that to prove your identity and protect your account, you have to give it your bank account, credit card, Social Security number, etc. JUST DON'T DO THAT, OK? DID YOU HEAR ME? JUST DON'T DO THAT! You'll lose your bank account, your credit, and worse.

Here's rule one: if they sent you the message out of the blue and it includes a link, it's a phishing message. Don't click the link. JUST DON'T DO THAT, OK? DID YOU HEAR ME? JUST DON'T DO THAT!

OK, but now if you're curious, you can explore the phishing email. Hover the mouse over the link. If you've got a decent mail reader, you'll see the real address of the link. In the message, it might look like http://www.PayPal.com; but when you hover over it, you'll see something entirely different. That's proof positive that you're being phished. Don't click the link. JUST DON'T DO THAT, OK? DID YOU HEAR ME? JUST DON'T DO THAT! Often it will just be an IP address; and if you try to trace it down, you'll likely find it's in a foreign country.

Well, today I got an interesting one, because the phishing link wasn't an IP address; it was Google! Here it is, in part:

http://www.google.com/pagead/[Whole bunch of junk omitted]&adurl=http://[IP address cleverly encoded]/departament/index.php

I didn't put the whole thing here, because I don't want some moron somehow copying it into the browser and visiting the phishing site. JUST DON'T DO THAT, OK? DID YOU HEAR ME? JUST DON'T DO THAT!

But look at what they've done: they've highjacked the Google ads mechanism. Google ad images always include a link to redirect you to the advertiser. Well, instead they're making Google's servers do the work of forwarding you to their phishing site. So if you hover over the link, it looks semi-legit, because it is a legitimate Google link.

Except, of course, that the phishing email claimed to be from PayPal, not Google.

Still, someone gullible might believe the two companies were working together somehow. And so the "hover the mouse" technique might fail, since some readers will only show a short stretch of the total URL. The one with my Web mail, for example, only showed part of the address, not including the &adurl=http://[IP address cleverly encoded]/departament/index.php part. Microsoft Outlook 2007, on the other hand, shows all 209 characters of the URL.

So unless you're careful, the hover approach can still fail to alert you to a phishing address. There's really only one safe course: JUST DON'T CLICK THAT LINK, OK? DID YOU HEAR ME? JUST DON'T DO THAT!

When I'm traveling on my own dollar, I keep an eye out for Red Roof Inn. They're consistently at or near the lowest price of any national chain, and they're consistently clean and well-maintained, with courteous staff. Plus many of their locations are T-Mobile HotSpots, and I have a T-Mobile subscription, so I can get online there easily.

But there's Red Roof service, and then there's Red Roof service...

My new contract work is on a project with some pretty tight deadlines looming, so there are some long days lately. When the days are long enough or the weather nasty enough, I prefer to check into the local Red Roof than risk the trip home. A night there is $45, which is one-third the cost of a wrecker, so it's an easy decision.

Monday was a long day: 18 hours. So I decided to check in to Red Roof. I arrived around 5 a.m. (Tuesday, technically, but still Monday for me), got a room, slept, and checked out at noon.

Tuesday was a shorter day: only 14 hours. Still, that meant it was after 3 a.m., and I was tired. Another Red Roof night. I checked in around 3:30 a.m. (Wednesday, technically, but still Tuesday for me), got a room, and slept.

At just about noon, I got a call from the front desk. They told me they owed me some money, but I told them I was pretty sure we were square. Eventually I realized that they had recorded the Monday/Tuesday check-in as a Tuesday night stay with an early arrival. They said I had paid twice for one night; but I insisted that I had slept two nights and paid for two nights, and as far as I was concerned that was fair. I also said that if the unexpected blizzard continued, I would be back that night.

Well, the blizzard turned to rain, which made the slush nice and slick. And while my day was very short (only 9.5 hours), I was too tired to risk the roads. Back to Red Roof!

But when I got there, the night clerk had a note from the day clerk: if I showed up, my stay that night was already paid for. I explained why I thought I owed them money; but he insisted that their policies said I had paid for two nights and only used one so far. Finally, I decided that if they were going to insist on letting me sleep three nights for two payments, I wasn't going to argue with them. But I sure plan on telling people what good service they provide.

So if you find yourself stranded late at night in the Kalamazoo Portage area, I highly recommend Red Roof Inn West, conveniently close to Western Michigan University and other local attractions.