Many email clients today have an option to disable automatic loading of images in your email. Many even have this feature enabled by default. Why is this a good thing to do?
1. You may want to protect your eyes (or yours kid's eyes) from images you'd prefer not to see. This way you can open an email without also loading its images, and then decide whether you'd like to display the images.
2. In the past, there was some worry that "images" you load might contain viruses. I don't think this really happens, especially as computer software is much more robust now.
3. The main reason images are often blocked by default is to protect your privacy from spammers. Images you see in your email can be one of two kinds - (1) the local kind where the image files are actually attached to your email, or (2) the externally linked kind where your email references files that are stored on an external server. If it is the second kind, your computer will have to contact an outside server to get the pictures to be displayed. When it does this, it may log a message on the server that you have opened the email that was sent. This lets spammers know that your email address indeed is a real address, and they may spam you more!
Here's links about how to enable this feature for your mail:
- In Yahoo! mail or Yahoo! mail classic: I believe Yahoo's default is to initially block all images.
- Gmail doesn't automatically load externally linked images, unless it is received from a someone you have emailed twice. You can customize this setting.
Saturday, November 21, 2009
Wednesday, November 11, 2009
Scams, example 3
The below text is from an email addressed from a good friend of mine:
I was immediately suspicious because (1) the style is definitely not the way my friend would write, (2) there are tons of typos, and (3) I'm suspicious of anyone trying to get me to buy products/wants my money.
I contacted my friend, who said she did NOT send that message. I asked if she experienced any other side effects, and she said all of her contacts in her email account had been deleted, but that luckily her virus/malware scanner found nothing.
I'm guessing that the intruder obtained her password somehow, perhaps by just trying to guess her password. The intruder then spammed everyone in her contact list. Wouldn't that take a lot of work? Not really, some people hire folks to do this. Plus people can write programs that aid in the attack.
I did some search online, and it looks like this web site is a fake site that sells consumer electronics for "really cheap." You buy your cheap, "authentic" iPod or whatever, submit your payment, and wait a while until you realize maybe they're never going to send you anything, or they send you something fake. But you can't really do anything about it because this "company" is based in China (we think.)
Reminders:
1. Be careful where you shop online - you can't just trust any shop.
2. Use a strong password, and avoid falling for phishing attacks.
3. If this happens to you and your email account has been compromised, (1) immediately change your password to a new password. (2) Run your (up-to-date) virus scanner to make sure there's nothing bad installed on your computer. (3) Alert friends who may have been spammed through your account so they don't fall for it.
Friday, November 6, 2009
Avoiding scams - another example
The below message got by my SPAM filter and landed in my email inbox: (BTW, I normally do not allow automatic display of images in emails, or even open suspicious emails, but captured the below image for educational purposes, after doing some research.)
The email looks like it is from a social networking site, asking me to join/accept a new friend. This is not uncommon - we often get/send messages to people inviting them to join Facebook, LinkedIn, or some other social networking site.
However, the email immediately looked fishy because (1) I've never heard of "Jhoos" and was suspicious of it. (2) I didn't know the person whose name was listed in the email who supposedly "wants to be my friend." I did a search on that person's name in my email inbox and we were once both cc'ed on a message. (3) It's funny there is both a "Yes - Accept" and "No - Reject" button. Why would I click No to reject a friend on a site that I don't even belong to (instead of just deleting the email.)
Reminder 1 - Don't click on links if you're not sure of the site it is taking you to, especially if it is given to you by someone you don't know!
Reminder 2 - Just because an email says it was sent to you by John Smith does not mean it was sent by John Smith. Even if it is (supposedly) your best friend asking you to join some site, I'd double check with your friend, and double check the site (if I haven't heard of it.)
I did a google search on "jhoos" and supposedly it is a free online dating service. BUT, I also found many other google results (such as McAfee's SiteAdvisor site) that WARN AGAINST that site, which will install things on your computer without you knowing, send "invitations" to everyone in your address book (it asks you to enter in your email password so that you can supposedly connect with other friends), and perhaps other things. I didn't try it out myself, but seems pretty clear to me the social networking/dating thing is a front.
Reminder 3 - Don't ever give your email account password to anyone!
I know some sites will ask you to enter your email account info, and I really dislike it. (Facebook has it as a feature for inviting/connecting with friends.) Sure, maybe it's convenient. But do you really wanna give that much access to your account to some stranger? It's like giving someone the keys to your house. Not a good habit.
However, the email immediately looked fishy because (1) I've never heard of "Jhoos" and was suspicious of it. (2) I didn't know the person whose name was listed in the email who supposedly "wants to be my friend." I did a search on that person's name in my email inbox and we were once both cc'ed on a message. (3) It's funny there is both a "Yes - Accept" and "No - Reject" button. Why would I click No to reject a friend on a site that I don't even belong to (instead of just deleting the email.)
Reminder 1 - Don't click on links if you're not sure of the site it is taking you to, especially if it is given to you by someone you don't know!
Reminder 2 - Just because an email says it was sent to you by John Smith does not mean it was sent by John Smith. Even if it is (supposedly) your best friend asking you to join some site, I'd double check with your friend, and double check the site (if I haven't heard of it.)
I did a google search on "jhoos" and supposedly it is a free online dating service. BUT, I also found many other google results (such as McAfee's SiteAdvisor site) that WARN AGAINST that site, which will install things on your computer without you knowing, send "invitations" to everyone in your address book (it asks you to enter in your email password so that you can supposedly connect with other friends), and perhaps other things. I didn't try it out myself, but seems pretty clear to me the social networking/dating thing is a front.
Reminder 3 - Don't ever give your email account password to anyone!
I know some sites will ask you to enter your email account info, and I really dislike it. (Facebook has it as a feature for inviting/connecting with friends.) Sure, maybe it's convenient. But do you really wanna give that much access to your account to some stranger? It's like giving someone the keys to your house. Not a good habit.
Subscribe to:
Posts (Atom)
Posts
