With the volume of fraud emails from PayPal, Ebay and Chase bank, this is a handy tip. Sometimes it's very difficult to locate the legitimate emails!
AppleMail users: Go to preferences/Viewing and set header detail to "ALL", to see full header details.
More on email security - http://www.essentialsecurity.com/educationalfacts.htm
Discussion on:
View:
Show:
If you want to see the raw email, press "CTRL U". It will come up in another window.
Hope this helps,
PJ
Hope this helps,
PJ
Good tip but a little dated. Been doing this for years. A Reverse DN lookup / Blackhole does the trick for me.
It may be dated for you but what about someone new to computers? It's new to them, we should continuously share our information to help those who may not have seen it before.
All PayPal, Ebay, etc, fraud emails that I have ever seen always begin with "Dear PayPal/Ebay/etc User".
All official emails from these institutions without exception begin with "Dear (your full name)".
Apparently, these companies cannot stress this enough, as there are still hundreds, if not thousands of people still being fooled by spoof emails every year.
All official emails from these institutions without exception begin with "Dear (your full name)".
Apparently, these companies cannot stress this enough, as there are still hundreds, if not thousands of people still being fooled by spoof emails every year.
Whenever I receive an email purporting to be from PayPal or e-Bay, I simply forward it to "spoof@ebay.com" or "spoof@paypal.com." I've been doing this for several months. I don't seem to be getting these persistent fraud mails anymore. I figure that if e-Bay or PayPal have some reason to want to contact me about my account, they can ask me to log onto my account, and ask me from their Web site.
Many fraud e-mails are sent in HTML format and when you forward them (with some e-mail clients) are turned into text. This means that the addresses underlying the hyperlinks in the e-mail are lost. Also, the header info can be lost as well.
If you know how, it will provide the "spoof" handlers with more info if you forward the mail and attach the source text as well.
In FireFox this is done with (I'm trying to remember the exact set of pull down menues) "View -> Message -> Source" (or something like that). This will display the full headers and full HTML text. If you don't understand it, don't worry. Just copy and paste the whole of it in your message to the spoof handlers. They should know what to do with it.
BUT, don't just forward it without comment. Add in something about why you are forwarding it.
If you know how, it will provide the "spoof" handlers with more info if you forward the mail and attach the source text as well.
In FireFox this is done with (I'm trying to remember the exact set of pull down menues) "View -> Message -> Source" (or something like that). This will display the full headers and full HTML text. If you don't understand it, don't worry. Just copy and paste the whole of it in your message to the spoof handlers. They should know what to do with it.
BUT, don't just forward it without comment. Add in something about why you are forwarding it.
[I meant to add this to the end. It has now been moved.[
The PayPal spoofs are also easy to determine as they usually say that your account is being updated/ cancelled and what you to update your accounts. PayPal never does this. Recently I got an email from PayPal saying I just paid someone $300+ dollars and to hit a link to object. I have never got a paymetn onfirmation like this. What I usually do is just forward the email to spoof@paypal.com or ebay or whomever and I will quickly within 30 minutes get an automated reply that this email was a fraud.
It's not that this tip wouldn't work against so many forged emails coming from Ebay, Chase, Citibank, Paypal and many other known financial and commercial sources with an extended customer base.
The problem with it is customers being gullible enough to believe in those forged emails. Each company should work a lot to teach customers how to tell a valid email from a forged one (check Paypal's website; they have posted quick guidelines). If a customer doesn't check even those quick guidelines (like email being sent to or sent from specific accounts, email being directed to Mr. Someone Somesurname, and not to "Dear Customer", emails with spelling mistakes, etc.), I'm pretty sure they won't be checking email headers.
This tip is great to validate some suspicious emails in which you're not so certain about the sender, moreover if it's a known sender (and even in those cases, the best way to validate is to send an email to said sender and tell them 'hey, did you send me this?'), but using it to tell a difference between a commercial email and a scam... I think it should be clear enough that any email that asks you for your personal information or financial account number or PIN code is quite a fraud.
The problem with it is customers being gullible enough to believe in those forged emails. Each company should work a lot to teach customers how to tell a valid email from a forged one (check Paypal's website; they have posted quick guidelines). If a customer doesn't check even those quick guidelines (like email being sent to or sent from specific accounts, email being directed to Mr. Someone Somesurname, and not to "Dear Customer", emails with spelling mistakes, etc.), I'm pretty sure they won't be checking email headers.
This tip is great to validate some suspicious emails in which you're not so certain about the sender, moreover if it's a known sender (and even in those cases, the best way to validate is to send an email to said sender and tell them 'hey, did you send me this?'), but using it to tell a difference between a commercial email and a scam... I think it should be clear enough that any email that asks you for your personal information or financial account number or PIN code is quite a fraud.
Certainly TheITStranger didn't intend that you respond using the REPLY button, but to send a separate message to PREVIOUSLY KNOWN address of the supposed sender.
Also, NEVER left-click on any link in a spoofed spam. Instead, mouse-over to read the ACTUAL, unobfuscated link in your status bar.
A good way to screen out the greatest majority of spoof/phishing spam is to establish a unique email address (using non-name strings, like 3d4a5v6i7d@hotmail.com) reserved ONLY for eBay &/or PayPal communications. This is easily done using one of the extra free email boxes offered by your ISP, or any of the free services such as Hotmail, Lycos, Gmail, etc., so that you instantly know that ANY message from your banks, eBay or PayPal that arrives in your primary email box is obviously a fraud, since they would have no knowledge of any address except the "targeted" address you've established for them.
Even with that precaution, one can't assume that your designated address won't still get an occasional phishing spam, since they are sent out by the millions, with sequential mass addressing
(aaaa, aaab, aaac, etc.) hoping for "hits".
In addition to the http://castlecops.com/pirt, always send, with FULL copy/pasted headers, all phishing/spoofed messages to:
Phishing ,and [for USA residents]
spam@uce.gov, and uce@ftc.gov [Other countries hopefully have equivalent addresses in place]. The more volume of fraudulent email that gets forwarded to those addresses, the more it is likely that "official" measures will be taken (think stronger anti-spam laws and protections) by the "Powers That Be".
Also, NEVER left-click on any link in a spoofed spam. Instead, mouse-over to read the ACTUAL, unobfuscated link in your status bar.
A good way to screen out the greatest majority of spoof/phishing spam is to establish a unique email address (using non-name strings, like 3d4a5v6i7d@hotmail.com) reserved ONLY for eBay &/or PayPal communications. This is easily done using one of the extra free email boxes offered by your ISP, or any of the free services such as Hotmail, Lycos, Gmail, etc., so that you instantly know that ANY message from your banks, eBay or PayPal that arrives in your primary email box is obviously a fraud, since they would have no knowledge of any address except the "targeted" address you've established for them.
Even with that precaution, one can't assume that your designated address won't still get an occasional phishing spam, since they are sent out by the millions, with sequential mass addressing
(aaaa, aaab, aaac, etc.) hoping for "hits".
In addition to the http://castlecops.com/pirt, always send, with FULL copy/pasted headers, all phishing/spoofed messages to:
Phishing ,and [for USA residents]
spam@uce.gov, and uce@ftc.gov [Other countries hopefully have equivalent addresses in place]. The more volume of fraudulent email that gets forwarded to those addresses, the more it is likely that "official" measures will be taken (think stronger anti-spam laws and protections) by the "Powers That Be".
Was a Great starter discussion but give us MORE, please. This is an important topic!
I have checked the headers of questionable email for quite a while, but I dont really know what I am doing. Some where along the email's path, comments get inserted in some of the headers, I suppose my ISP? frequently puts "untrusted sender" or "misconfigured sender" in the header. Earlier, it was pretty long odds that such emails were junk, but now, seems a lot more than previously, these tags are getting added to valid email. Does anyone know where the notes are added, and what amount of confidence to assign them? Should I complain to the sender's ISP?
I was very interested to see the comments about reading email headers.
I use Pegasus Mail to read most of my mail, and its facility allowing a "Raw View" of an email, including the headers, is extremely useful. I don't know whether MS Outlook and MS Outllok Express can do that too, but if they can, I have never noticed the facility as being readily available.
A further point: many fraudulent emails entice the reader to click on a link to a URL, or an email address. Using Pegasus Mail, if you hover your mouse over such a link, its destination is displayed on the status bar. A quick read of the destination and comparison with the text of the link displayed in the email message will allow you to see whether the destination really is "http://www.hsbc.co.uk" and not something fraudulent like "http://123.234.12.1/hsbc".
Regards
Kenneth Spencer.
I use Pegasus Mail to read most of my mail, and its facility allowing a "Raw View" of an email, including the headers, is extremely useful. I don't know whether MS Outlook and MS Outllok Express can do that too, but if they can, I have never noticed the facility as being readily available.
A further point: many fraudulent emails entice the reader to click on a link to a URL, or an email address. Using Pegasus Mail, if you hover your mouse over such a link, its destination is displayed on the status bar. A quick read of the destination and comparison with the text of the link displayed in the email message will allow you to see whether the destination really is "http://www.hsbc.co.uk" and not something fraudulent like "http://123.234.12.1/hsbc".
Regards
Kenneth Spencer.
Viewing headers with Outlook Express (and the source of the message) is easy. Select the message then press - and right arrow or click on 'Details'.
Be aware that some levels of Internut Exploiter have a bug where a certain character in the URL will suppress display of the rest of the URL in the status line. That is, something like http://www.mybank.combadguy.hacker.co.ru/signIn will display as http://www.mybank.com . IE is the only one with this problem that I've heard of.
Phil
Phil
How would it work if some significant fraction of the recipients began to respond to fraudulent e-mails by returning false credit card numbers, passwords, bank account numbers, etc.
The fraudulent site to which you will be sent -- which is typically not the one you see on the page -- might only have a fraudulent form asking for your information, but just as likely visiting that site will earn you a noxious payload.
Visiting a fraudulent site can expose you and your information to keyloggers, spyware, Trojan horses and worse. No user interaction is required aside from opening the page. Under NO circumstances should you visit a known fraudulent site.
Visiting a fraudulent site can expose you and your information to keyloggers, spyware, Trojan horses and worse. No user interaction is required aside from opening the page. Under NO circumstances should you visit a known fraudulent site.
Using Pegasus, you don't even have to open the msg to see the header. Just right click on the unopened msg in the New Mail folder, and select Message Headers. You can take a look at the message properties in a similar way.
A sample of headers from an email that isn't spam, can often show better what should be looked for in a non-spam email.
The following is an email from the van-lug email list. I know it isn't a spam email, so the contents show valid headers. I masked the data for the poster's email address, as well as my own email address. the list address is publicly available so I didn't mask that.
The following is an email from the van-lug email list. I know it isn't a spam email, so the contents show valid headers. I masked the data for the poster's email address, as well as my own email address. the list address is publicly available so I didn't mask that.
X-Account-Key: account2
X-UIDL: 88e416cb70b470d1e8222a7e7550882c
X-Mozilla-Status: 0201
X-Mozilla-Status2: 00000000
Return-path:
Envelope-to: ********************
Delivery-date: Sat, 08 Apr 2006 21:22:30 -0400
Received: from sol01.ashbva.gweep.ca ([206.55.71.10])
by ez5.ez-web-hosting.com with esmtp (Exim 4.52)
id 1FSOdJ-00084T-Ul
for *****************; Sat, 08 Apr 2006 21:22:30 -0400
Received: from sol01.ashbva.gweep.ca (localhost [127.0.0.1])
by sol01.ashbva.gweep.ca (Postfix) with ESMTP id B2E491B4FB
for ; Sat, 8 Apr 2006 21:22:21 -0400 (EDT)
X-Original-To: vanlug-offtopic@robomod.net
Received: from sol01.ashbva.gweep.ca (localhost [127.0.0.1])
by sol01.ashbva.gweep.ca (Postfix) with SMTP id 6C3921B3C6
for ; Sat, 8 Apr 2006 21:22:15 -0400 (EDT)
Received: from pobox.sfu.ca (pobox.sfu.ca [142.58.101.28])
by sol01.ashbva.gweep.ca (SMTP proxy) with SMTP id 30617
for ; Sat, 08 Apr 2006 21:22:16 -0400
Received: from fraser.sfu.ca (daemon@fraser.sfu.ca [142.58.101.25])
by pobox.sfu.ca (8.13.6/8.13.5/SFU-6.0G) with ESMTP id k391LpDS006412
for ; Sat, 8 Apr 2006 18:21:52 -0700 (PDT)
Received: (from cgoodin@localhost)
by fraser.sfu.ca (8.12.11/8.12.3/SFU-6.0C) id k391Llsa014777
for vanlug-offtopic@robomod.net; Sat, 8 Apr 2006 18:21:47 -0700 (PDT)
X-Original-Date: Sat, 8 Apr 2006 18:21:46 -0700
From: Chuk Goodin *****************
Message-ID: *********************
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.6i
X-Virus-Scanned: by antibody.sfu.ca running antivirus scanner
X-Gweep-Robomod-Bayes-Score: 0.0001
Organization: vanlug.offtopic moderation hosted by Gweep Systems
Date: Sat, 08 Apr 2006 21:22:17 -0400
X-Gweep-Robomod-Bayes-ID: 20060408212217-30690 (as incoming/nonspam)
To: vanlug-offtopic@robomod.net
Subject: Looking for an AMD Duron
X-BeenThere: vanlug-offtopic@robomod.net
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Non-Linux threads among the VanLUG community
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: vanlug-offtopic-bounces+****************
Errors-To: vanlug-offtopic-bounces+****************
In case of phishing scams, you can report the scam to http://wiki.castlecops.com/PIRT or pirt (at) castlecops dot com. I've reported two phishing messages that claiming to be from PayPal but I 100% know that it isn't, as it's a phishing scam.
then I'd spend my WHOLE day reporting the TONS of bogus emails I get in the 5 email accts i have. Yesterday, I got 10 from "Paypal", 10 from "Chase Bank", etc........
Unfortunately, there are a lot of *users* that just don't get it! Case in point, a client of mine, that has been repeatedly shown/told/explained about phishing emails, STILL continues to click the links, and in some cases, GIVES OUT her info. She has been told PAYPAL, et al, will NEVER ask for the info she is providing to these sites. Can you say Some people are just too stupid to own a computer?
Unfortunately, there are a lot of *users* that just don't get it! Case in point, a client of mine, that has been repeatedly shown/told/explained about phishing emails, STILL continues to click the links, and in some cases, GIVES OUT her info. She has been told PAYPAL, et al, will NEVER ask for the info she is providing to these sites. Can you say Some people are just too stupid to own a computer?
Sure you can say there's people out there who are too stupid to own a computer... but doing something about them is totally another matter! I run into several of them a day as I'm sure others do, but they're what keeps my bills paid! I explain things to them... I show them how things work... and they call me out in a couple of weeks to clean up their system. As long as they're willing to pay for their stupidity... I'm willing to take their money.
BTW... putting in an email filter that moves messages with "overseas" in the header to the deleted folder cuts your spam by 90%.
BTW... putting in an email filter that moves messages with "overseas" in the header to the deleted folder cuts your spam by 90%.
It is offputting to read the posting of professionals who call their clients stupid.
Most firms have addresses to which Phishing expedition emails can be forwarded so that they can handle them...or at least be made aware of them.
Such as:
spoof@ebay.com OR spoof@paypal.com - I forward all eBay or PayPal messages there, and they re responsive to this input.
I once attempted to follow up with such emails by parsing the headers and notifying intermediaries and suposed originators of the abuse, but I found the methods to view the headers to be burdensome and the response to the additional input woeful.
I have since only forwarded the messges with whatever headers I can get at to companies who have been responsive to the "abuse@.com" messages. e.g. eBay/PayPal. Now Chase and Citi ahve been least responsive, so I have resorted to tweaking filters and manual deletions to purge these abundent scams.
Such as:
spoof@ebay.com OR spoof@paypal.com - I forward all eBay or PayPal messages there, and they re responsive to this input.
I once attempted to follow up with such emails by parsing the headers and notifying intermediaries and suposed originators of the abuse, but I found the methods to view the headers to be burdensome and the response to the additional input woeful.
I have since only forwarded the messges with whatever headers I can get at to companies who have been responsive to the "abuse@.com" messages. e.g. eBay/PayPal. Now Chase and Citi ahve been least responsive, so I have resorted to tweaking filters and manual deletions to purge these abundent scams.
I forwarded an email I received to spoof@paypal.com (I knew that the email had originated from PayPal).
They replied stating that their email was a fake!
They replied stating that their email was a fake!
PayPal scam E-mails should be forwarded to spoof@paypal.com.
Ebay fraudulent E-mails should be reported to Ebay through their security center.
Ebay fraudulent E-mails should be reported to Ebay through their security center.
You should report PayPal spoofs to spoof@paypal.com. They will actively work to shut down the site that is sending the phishing emails.
This is probably a good rule of thumb for any spoofing scheme. If you report them to the company that is being spoofed, they have the largest interest in doing something about it.
This is probably a good rule of thumb for any spoofing scheme. If you report them to the company that is being spoofed, they have the largest interest in doing something about it.
I really don't get much unsolicited email but every so often I get something that looks real, but I don't recognize the sender. I would like to open it to see if it is legit, but I'm afraid it will open the gate for more junk email.
Whenever I read a bogus email I seem to get dozens of additional bogus emails immediately thereafter. It takes a few days for the volume of junk mail to die down.
This led me to believe (I know you all will correct this if it is wrong) that just opening a bogus email is a problem. Since I can't read the header without opening the email isn't it too late to discover that it is bogus?
(I only get a half dozen or so junk emails a day - so I consider myself lucky.)
On the other hand if I can safely open the email to see the header I can use the above info to see if the email is legit.
I promise I won't reply or click on a link if it is bogus - so please don't take away my computer.
mike
Whenever I read a bogus email I seem to get dozens of additional bogus emails immediately thereafter. It takes a few days for the volume of junk mail to die down.
This led me to believe (I know you all will correct this if it is wrong) that just opening a bogus email is a problem. Since I can't read the header without opening the email isn't it too late to discover that it is bogus?
(I only get a half dozen or so junk emails a day - so I consider myself lucky.)
On the other hand if I can safely open the email to see the header I can use the above info to see if the email is legit.
I promise I won't reply or click on a link if it is bogus - so please don't take away my computer.
mike
Even Outlook Express and Outlook as bad as they are will refuse to download any graphics and such from emails by default. The reason they do this is because a lot of spammers and the like will use a single pixel graphic with a unique name in the email to identify if you opened the email (this lets them know they have an email address with a human on it). Just make sure your email client is set to not load graphic images by default. Outlook will let you set specific addesses to load that if you have an incoming address that you know is legit.
they can embed graphics IN the email which isn't a problem. If they embed them from external sources it tells the spammer you opened it.
Also the graphics could be one with WMF or jpeg flaws.
I use Eudora at home and set it for text only emails. At work I have to use outlook, but I turn off preview of email if I see spam, then delete it and turn preview back on.
I don't know if I'm being too paranoid. Our baracuda spam appliance blocks email with embedded graphics, or maybe outlook does, as previously said.
Despite very little browsing I still see keyloggers installed sometimes which worries me if could be email.
Trend micro has nice free online scan that finds many things:
http://www.trendmicro.com/spyware-scan/free_spyware_scan.asp
for sites like paypall and ebay, I have my own domain with 'catch-all' I make up email login for each of these (e.g. paypal@mydomain.com or ebay@mydomain.com)
This lets me know immediately, that if I get email from either of these NOT to these email addresses, I can delete them immediately (or foward them to abuse dept)
Also the graphics could be one with WMF or jpeg flaws.
I use Eudora at home and set it for text only emails. At work I have to use outlook, but I turn off preview of email if I see spam, then delete it and turn preview back on.
I don't know if I'm being too paranoid. Our baracuda spam appliance blocks email with embedded graphics, or maybe outlook does, as previously said.
Despite very little browsing I still see keyloggers installed sometimes which worries me if could be email.
Trend micro has nice free online scan that finds many things:
http://www.trendmicro.com/spyware-scan/free_spyware_scan.asp
for sites like paypall and ebay, I have my own domain with 'catch-all' I make up email login for each of these (e.g. paypal@mydomain.com or ebay@mydomain.com)
This lets me know immediately, that if I get email from either of these NOT to these email addresses, I can delete them immediately (or foward them to abuse dept)
I prefer Eudora but stopped upgrading at version 5.1 which unfortunately downloads graphics automatically. I know in later versions you can stop that - you even get a built-in spam filter.
I now use SpamPal to classify my e-mail, anything tagged by SpamPal is filtered into the "spam" mailbox in Eudora which I "always" keep closed.
Every now and then I open the "spam" mailbox, but only after "Stopping all Internet Activity" in ZoneAlarm. I'm happy with SpamPal's accuracy and rarely have false negatives (or positives for that matter).
It should be pointed out that the same results (in stopping the network) can be achieved by unplugging the network cable (or disabling the wireless adapter) before opening the offending spam.
I used to check the headers and look up the originating network (very easy using NirSoft's IPNetInfo) and forward the spam if an abuse address was listed but I've mostly stopped doing that after installing SpamPal.
If you do forward the spam to an abuse address make sure you include the headers. Without those, there's no way for anyone to follow up.
Cheers,
Thorarinn
I now use SpamPal to classify my e-mail, anything tagged by SpamPal is filtered into the "spam" mailbox in Eudora which I "always" keep closed.
Every now and then I open the "spam" mailbox, but only after "Stopping all Internet Activity" in ZoneAlarm. I'm happy with SpamPal's accuracy and rarely have false negatives (or positives for that matter).
It should be pointed out that the same results (in stopping the network) can be achieved by unplugging the network cable (or disabling the wireless adapter) before opening the offending spam.
I used to check the headers and look up the originating network (very easy using NirSoft's IPNetInfo) and forward the spam if an abuse address was listed but I've mostly stopped doing that after installing SpamPal.
If you do forward the spam to an abuse address make sure you include the headers. Without those, there's no way for anyone to follow up.
Cheers,
Thorarinn
All the inbound email protection suggestions are great, but ultimately companies like Ebay, PayPal and Chase could do more to not only protect their OUTBOUND email to the customers, but authenticate it as well. Right now, the guessing game is put on you, the consumer, but it should rest on the shoulders of them, the provider, don't you think?
http://www.essentialsecurity.com/products.htm
http://www.essentialsecurity.com/products.htm
My email reader (poppeeper) will open the emails in text format only, so images, attachments, virus don't work. I can read the mail and if it's valid, by hitting ctrl+1, it will display the html version.
My toaster manufacturer placed a sensor in the toaster to gauge when the toast is ready, based on my preference. They did this because they knew it would be needed. They did not say it was up to me to peek inside and determine if it is ready. They did not set one universal setting for all. And they chose to protect themselves from those well-known "stick a knife in it while it's cooking" hackers.
Seems my toaster gives me all that I want without loss of quality, without annual repayment and without forfeit of personal preferences. Perhaps my toastmaster can teach these email package developers and these Internet providers a thing or two about how to offer toast and cook it too.
Seems my toaster gives me all that I want without loss of quality, without annual repayment and without forfeit of personal preferences. Perhaps my toastmaster can teach these email package developers and these Internet providers a thing or two about how to offer toast and cook it too.
Ah but: your toaster is a single purpose machine - well OK it might toast hot-cross-buns too, but essentially the toaster designers know it will ONLY be used for toast.
Whereas, in the words of the father of modern computer science, Dr Alan Turing, the computer is "a universal machine". So no-one knows what you might wanbt to do with it next.
And, so, to the question of an email client: these days they don't JUST receive and display, write and send, ASCII-based text - they display graphics, text in mark-up languages, play music or video, hold contact lists, mailing lists, whitelists, blacklists, and who-knows-what else.
So, the writer of an email client program has a large number of functional options which s/he must somehow code and then interface with a user. If you, ron_r_a, are such a programmer, would you agree to be told *what* you must do, and *how* it must look to the user ? I bet not. You will do it your own way. And it *must* be different from all other email clients, or you will face accusations of plagiarism, and copyright and intellectual property issues.
I am not defending bad design or unreliable coding - I am simply saying that flexibility breeds complexity and simplicity limits scope.
Kenneth Spencer
Whereas, in the words of the father of modern computer science, Dr Alan Turing, the computer is "a universal machine". So no-one knows what you might wanbt to do with it next.
And, so, to the question of an email client: these days they don't JUST receive and display, write and send, ASCII-based text - they display graphics, text in mark-up languages, play music or video, hold contact lists, mailing lists, whitelists, blacklists, and who-knows-what else.
So, the writer of an email client program has a large number of functional options which s/he must somehow code and then interface with a user. If you, ron_r_a, are such a programmer, would you agree to be told *what* you must do, and *how* it must look to the user ? I bet not. You will do it your own way. And it *must* be different from all other email clients, or you will face accusations of plagiarism, and copyright and intellectual property issues.
I am not defending bad design or unreliable coding - I am simply saying that flexibility breeds complexity and simplicity limits scope.
Kenneth Spencer
eBay advertises that they never send e-mail to a client without placing a copy in your secure eBay mail folder. Therefore, the safest way to check mail from eBay is to log in (NOT using any hyperlink from an e-mail message) and check there.
If you regularly log into eBay anyway, just set up a filter to delete anything that says it is from eBay.
I don't know if the same is true for PayPal.
If you regularly log into eBay anyway, just set up a filter to delete anything that says it is from eBay.
I don't know if the same is true for PayPal.
I read that eBay never sends e-mail to a client without placing a copy in your secure eBay mail folder. Therefore, the safest way to check mail from eBay is to log in (NOT using any hyperlink from an e-mail message) and check there.
If you regularly log into eBay anyway, just set up a filter to delete anything that says it is from eBay.
I don't know if the same is true for PayPal.
If you regularly log into eBay anyway, just set up a filter to delete anything that says it is from eBay.
I don't know if the same is true for PayPal.
Great tip Dave. Last month I got quite a few of those eBay emails and I checked out the headers and it took me to a Bulgarian site.
I believe that phishing emails are the most dangerous emails that an unaware user can receive. They have the potential to disrupt your personal/financial life if you fall for it.
More of my thoughts: Anatomy of a Phishing Scam
I believe that phishing emails are the most dangerous emails that an unaware user can receive. They have the potential to disrupt your personal/financial life if you fall for it.
More of my thoughts: Anatomy of a Phishing Scam
My suggestion - http://smart-ip.net/trace-email
It analyzes an email header and gives a conclusion about message origin in a seconds.
It analyzes an email header and gives a conclusion about message origin in a seconds.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
