Re: quick (I hope) e-mail security question. [SOLVED]

Tim:
>> I think he means:
>> 1. Look at the lines up to and including the next received line.
>> 2. Repeat the process, upwards.
>> 3. Otherwise, stop looking any further, it's spam.

Bill:
> Parse Error!  My mind incorrectly parsed what Tony said.

I didn't find the language too clear, either.  But knowing how to read
email headers, I took a crack at decoding what he wrote.

> I've known for some time that
> - messages from most countries other than my home country,
> - messages claiming I'm in legal trouble, tax trouble, etc.,
> - messages asking for crypto-currency, gift cards, and other hard or 
> impossible to trace payment, and
> - threatening messages
> are almost certainly malicious and should not be responded to

Here, in Australia, you can almost guarantee that you won't get
official mail about being in trouble.  Legal, tax, debts, whatever will
be harassing you with phone calls, letters on paper, and pounding on
your front door.  The phone calls are the hardest to tell if they're
legit, because they come from overseas call centres with bad English,
fake or no caller ID, the same as the nuisance calls.

You can't win a lottery you didn't enter, and although a friend could
buy a ticket for you, you'll probably find out about that from them,
and no legit lottery asks you to do dodgy things for your prize.

Gift cards will be a hard one to figure out, too.  You might be
subscribed to something that gives you a special offer, but they don't
do it themselves, they've employed a third party.  I usually avoid
special offers, anyway.  You get some 20% off if you spend some $200
that you weren't going to spend in the first place.  You save more
money by not buying anything.  And you avoid further spam.

If I have a shop ask me for an email for warranty reasons, I hedge on
giving them anything.  Though with today's vanishing invisible ink cash
register receipts, it may be a good idea with large purchases.  I'll
give them an already public address, or special different address which
I can track who gave it away.

e.g. Some mail servers let you tag +word to your username, and they'll
deliver it to your normal address.

  tim+fridge@xxxxxxxxxxx
  tim+furniture@xxxxxxxxxxx
  tim+insurance@xxxxxxxxxxx

All of them would be delivered to tim@xxxxxxxxxxx.  If I receive some
spam from one of those addresses, I'll know exactly who sold my email
address.  You could send them the bill for your email filtering
software/service.

I've virtually given up on reporting things.  There's so many gazillion
spams and scams they can't get policed.  Any time I've traced some bank
scam report, I can see that it's already been reported many times. 
That's no surprise, with the sheer numbers of people they've spammed. 
And I've found that when you make some reports, they contact the
miscreant *with* your complaint, including your details, and you get
more crap from the miscreant.

There are so many things that harvest contact details, if you make a
post in public you can almost guarantee that someone has copied the
address.  Hence why I post on here from an auto-deleting mailbox. 
Anybody can send an email with a "from" address stating whatever they
type into it.  Although some servers verify that, by requiring you to
log in before sending, so spammers cannot post through them, not all
do.  And some servers can refuse reception of unverified mail, or mail
from domains that have not gone through that domain's mail server. 
e.g. Gmail will check a message that says it was posted from a yahoo
address, to see if it passed through the yahoo mail servers, and check
that the yahoo mail servers verified it.

It's the same kind of thing with nuisance calls.  Your number is
harvested from somewhere, it gets sold to call centres.  It could be
from some company you gave details to, it could be from an app on your
phone that copies all your stored contacts (including friends who've
given you their unlisted number).  And you have call centres which hide
their caller ID, or write fake numbers into it (hoping to get past
people who don't answer anonymous calls).  If the phone companies
refused to connect calls with faked numbers, we'd be a lot better off. 
I get a lot of nuisance calls that have ridiculously long numbers, or
from numbers belonging to disconnected services.  The phone system is
computerised, you can't convince me that they can't verify a number
before making the connection.  Nor that they can't identify a call
centre from the huge volume of traffic coming from it, the mass of
wrong numbers, the calls that get answered for a few seconds and then
hung up on.  ISPs have been doing firewalling and spam filtering for
years, it's about time the phone companies did, too.


> I realize there is no perfect solution or 100% safety.  But for the 
> benefit of others as well as myself, I'm following up on this.  When
> I do as Tony and Tim suggest, what am I looking for that would be a
> red flag that the message is (probably) bad, or would be a green flag
> that the message is (probably) genuine and safe?

I find that most spam has a stupid "from" address, often another
completely unrelated "reply-to" address.  If you see an address that's
almost like a real one, be suspicious (slightly different spelling,
extra words, extra punctuation).  Any mail addressed as coming from you
that *you* didn't type, is spam.

If you get an email that purports to advertise a new thing from your
bank, visit your bank website, and see if they advertise the same
thing.  Don't click a link in the email, even avoid googling the
address for your bank.  Hand-type the actual address for your bank in
your browser, then bookmark it for future reference.  There's plenty of
website scams which have used an address that's just one letter
different from a real address.

Switch off features in your mail client which change how it displays
addresses in the viewer.  Have it show addresses exactly how they were
typed in the message.  Don't let it pick out the real names from your
address book, then use them, instead.  Don't let it hide the email
address to just show the username.

If you can configure your mail program to show a few more headers above
the message, get it to include displaying the reply-to header.  You can
even get it to show the mailer header (mine will show I'm using
Evolution, and occasionally Thunderbird).  You'll eventually remember
what your friends use, and spot some weird spam program as being
different, unusual, or missing.

Anti-spam filtering programs can add headers, you can have their spam
score displayed, too.  Some will munge extra stuff in the subject, but
it *may* be more convenient to view the information separately.

If your mail program has a status bar, don't turn it off.  Usually,
they'll reveal the addresses of links in the page if you hover the
mouse over the link without clicking on it.  It's common for spammers
to try and obscure the address in various ways.  One way is with HTML
mail, they'll write an address in the text that appears on the page,
but it's a link to some other address.

e.g.  In HTML links are constructed with code like this:

 <a href="address">text</a>

The link uses the address in the HREF= data, but displays whatever is
between the > </a> portion.  That's how webpages work.

e.g. <a href="homepage">visit the homepage</a>
     <a href="http://google.com/">use Google</a>

But if some bastard writes:

  <a href="http://scam.example.com">www.google.com</a>

You'll *see* the google address written in the page, but the link will
take you to the scam address.  If you have the status bar visible on
your program, hovering over the link without clicking on it will show
you where the link would take you, without actually going to it.

One day someone might think to create a plug-in that checks links with
two different addresses in such links, and red flags them.

Some people sign their posts so the recipients can check that *they*
were the author.  You can do that, too.

-- 
[tim@localhost ~]$ uname -rsvp
Linux 5.0.16-100.fc28.x86_64 #1 SMP Tue May 14 18:22:28 UTC 2019 x86_64

Boilerplate:  All mail to my mailbox is automatically deleted.
There is no point trying to privately email me, I only get to see
the messages posted to the mailing list.

- Mwuu haha haaaaa haaaa, soon the world will be mine!
- Sir, you've got to take your finger off the intercom button.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
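
Added example (not part of Tim's post or any existing plug-in): a sketch of the
link check the message wishes for, flagging HTML links whose visible text names
one host while the href points to another.  The function and class names are
hypothetical, and the sample HTML is constructed from the examples in the post.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible link text that itself looks like a host name or URL ("www.google.com").
HOSTLIKE = re.compile(
    r"^(?:[a-z][a-z0-9+.-]*://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[:/?#].*)?$", re.I)

def _norm(host):
    """Lower-case a host and drop a leading 'www.' so trivial variants compare equal."""
    host = (host or "").lower()
    return host[4:] if host.startswith("www.") else host

class _LinkChecker(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href = None      # href of the <a> currently open, if any
        self.text = []        # visible text collected inside that <a>
        self.flags = []       # (shown text, real href) pairs that disagree

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href = dict(attrs).get("href") or ""
            self.text = []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            shown = "".join(self.text).strip()
            m = HOSTLIKE.match(shown)
            real = urlsplit(self.href).hostname
            # Only judge links whose text claims to be an address.
            if m and _norm(m.group(1)) != _norm(real):
                self.flags.append((shown, self.href))
            self.href = None

def mismatched_links(html):
    """Return (shown text, href) for links that display one host but go to another."""
    checker = _LinkChecker()
    checker.feed(html)
    checker.close()
    return checker.flags

# Constructed sample built from the links shown in the message above.
SAMPLE = ('<a href="homepage">visit the homepage</a> '
          '<a href="http://google.com/">use Google</a> '
          '<a href="http://www.google.com/search">google.com</a> '
          '<a href="http://scam.example.com">www.google.com</a>')

if __name__ == "__main__":
    for shown, href in mismatched_links(SAMPLE):
        print(f"RED FLAG: text says {shown!r} but link goes to {href!r}")
```

The comparison is exact apart from a leading "www.", so a link whose text and
href use different subdomains of the same site is also flagged.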


