-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cyber Security Tip ST04-008
Benefits of BCC
Although in many situations it may be appropriate to list email recipients
in the To: or CC: fields, sometimes using the BCC: field may be the most
desirable option.
What is BCC?
BCC, which stands for blind carbon copy, allows you to hide recipients in
email messages. Addresses in the To: field and the CC: (carbon copy) field
appear in messages, but users cannot see addresses of anyone you included in
the BCC: field.
Why would you want to use BCC?
There are a few main reasons for using BCC:
* Privacy - Sometimes it's beneficial, even necessary, for you to let
recipients know who else is receiving your email message. However, there
may be instances when you want to send the same message to multiple
recipients without letting them know who else is receiving the message.
If you are sending email on behalf of a business or organization, it may
be especially important to keep lists of clients, members, or associates
confidential. You may also want to avoid listing an internal email
address on a message being sent to external recipients.
Another point to remember is that if any of the recipients use the
"reply to all" feature to reply to your messages, all of the recipients
listed in the To: and CC: fields will receive the reply. If there is
potential for a response that is not appropriate for all recipients,
consider using BCC.
* Tracking - Maybe you want to access or archive the email message you are
sending at another email account. Or maybe you want to make someone,
such as a supervisor or team member, aware of the email without actually
involving them in the exchange. BCC allows you to accomplish these goals
without advertising that you are doing it.
* Respect for your recipients - People often forward email messages
without removing the addresses of previous recipients. As a result,
messages that are repeatedly sent to many recipients may contain long
lists of email addresses. Spammers and email-borne viruses may collect
and target those addresses.
To reduce the risk, encourage people who forward messages to you to use
BCC so that your email address is less likely to appear in other
people's inboxes and be susceptible to being harvested. To avoid
becoming part of the problem, in addition to using BCC if you forward
messages, take time to remove all existing email addresses within the
message. The additional benefit is that the people you're sending the
message to will appreciate not having to scroll through large sections
of irrelevant information to get to the actual message.
How do you BCC an email message?
Most email clients have the option to BCC listed a few lines below the To:
field. However, sometimes it is a separate option that is not listed by
default. If you cannot locate it, check the help menu or the software's
documentation.
If you want to BCC all recipients and your email client will not send a
message without something in the To: field, consider using your own email
address in that field. In addition to hiding the identity of other
recipients, this option will enable you to confirm that the message was sent
successfully.
_________________________________________________________________
Authors: Mindi McDowell, Allen Householder
_________________________________________________________________
Produced 2004 by US-CERT, a government organization.
Last updated August 12, 2009
Note: This tip was previously published and is being
re-distributed to increase awareness.
Terms of use
http//www.us-cert.gov/legal.html
This document can also be found at
http//www.us-cert.gov/cas/tips/ST04-008.html
For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSoQi83IHljM+H4irAQLG9wgArpc9EDSPApVvytgLDT0wAwiHiedH0aWi
mcojWvSI2CVnJokPmnFIhrEEOw30NuZkG/CYqg3W/zr0BmJYrWUh+yC+13wo1i1r
Lsk5nSaFyY/h8UN02TwSLYOOuj0Kj/JeZn+uDTK1eYYZDM97gwdPQbfUMBqO5+qS
uoKwE5pdZL4f53eqplSAZN93U32FCzXNru/b0pCETVXfDO0ZZtWMvaE2ElvzWGdq
VTna/FbBcnDM3Zo1M+Amxv4akt44CxEmW80NQqWvxjVw8mx6mPq7K7+MTA3A2Drc
h4JX3F1vyiXuiEBFWpAUv2va1mZMz5qqDfiEpzvQM/YprlGfPEiVUg==
=P/Gi
-----END PGP SIGNATURE-----
