strange e-mail

[ERD50]

Good recommendation, but AFAIK in some popular email programs, such as Thunderbird, it ( previewing) cannot be disabled.

I use Thunderbird, and I definitively have it disabled.

I wouldn't use an email program that didn't allow preview disabling.

-ERD50

 

[GrayHare]

I use Thunderbird, and I definitively have it disabled.

I wouldn't use an email program that didn't allow preview disabling.

-ERD50

How is the preview setting changed in Thunderbird? I never could find the answer online.

 

[ERD50]

How is the preview setting changed in Thunderbird? I never could find the answer online.

Privacy basics (Thunderbird - MozillaZine Knowledge Base)

Thunderbird 2.0 and later versions block all remote images by default. You can display remote images whenever you read a message from a specific sender by clicking on "Always load remote images from ..." in the e-mail message, as shown below:

Doing this adds an entry to the address book that has the "Allow remote content" option ...

So there really isn't a setting to change, it is just "ON" by default operation. You disable on a case-by-case basis, which I have never done. I'm not convinced that a bad guy couldn't appear as the 'allowed' email address, and trick me that way. It's just a click to allow the images, once I've done some basic checking that it is authentic (like Amazon will address me by my account name, which a bad guy would not know).

-ERD50

 

[DoingHomework]

I have had a lot of fun over the years "scam baiting." Basically what we do is lead these scammers on and get them to either jump through hoops or do things that cost them real money. These guys inevitably need a bank account to receive money and often want to talk on the phone so they need a calling card. Most of them have to pay for internet access as well so the longer you string them along the more they pay.

I DO NOT RECOMMEND ANYONE TRY BAITING unless you know a lot about what you are doing and how to keep your cover. My cover identity bears no resemblance to what I use elsewhere online. There are people with very sophisticated phone systems and so forth set up that are very convincing, all in the name of doing something good.

But after doing this for years I'll offer some suggestions and comments on what has been said in this thread.

At this point (as others have said) you need a new address. Spam filters will help, and as others said, they spammers constantly change the send address, filtering that will provide almost no relief.

You do need a new address. A lot of people disparage "free" addresses like google or yahoo. I wouldn't have anything else. "Real" addresses are easily spoofed and once you have them you try not to change them. Basically, get a yahoo or google address and change it every few months if you really want to avoid spam.

I've mentioned this before, and I didn't believe it at first, but it is true and it helps:

Just opening an email can verify to the sender that you are a valid email address and a 'real live' person. With that information, I think your email address becomes 'hot property' and gets sold to a gadzillion other spammers.

What to do: Disable any sort of 'automatic preview' of images in emails.

How this works: The bad guys send a billion emails out with embedded images. Those images are displayed by linking to the image on their web server. Every email gets a different randomly generated number attached to that image, and they keep a database of image #'s versus email addresses. So when their site gets a request from that number, they know you actually opened the email. You have just become a target. Did you see the laser beam on your forehead?

So disable previewing. Now.

What you said is absolutely true. But it does not even take previewing these days. It is possible to tell if an email has reached the addressee and not been opened. That means a scammer can tell if an address is valid even if you don't open it.

The "no preview" advice though is good to avoid some viruses and such though.

Oh, the other thing - do people forward you jokes, or political 'hot-button' stuff, or heart-rendering stories, and such and they get forwarded? Unless they did a 'blind CC'; your email address is on that list. Spammers intercept them along the way, and there you are.

If anyone forwards me one of those, 'IMPORTANT: forward to everyone you know', they get an earful from me, and I make 'em clean the cobwebs out of my attic and scrub my septic tank until it shines, while I pour molasses and red ants on them, stick ear-buds in 'em playing 'Honey' by Bobby Goldsboro non-stop. Haven't gotten one in years.

It doesn't make any difference that YOU didn't forward it - other people are forwarding it and it has your address on it. That's all it takes.

-ERD50

Also good advice. But scammers can fairly easily intercept emails being sent on a grand scale to harvest email addresses. Forwarding a joke is just the tip of the iceberg. If you check your mail at a wifi site or have wifi at home you could be vulnerable even if your passwords are encrypted.

But the biggest source of spam is from things you sign or sign up for online. Any newsletter, comment you make, etc. exposes you. Most forums like this are safe because your email address is not exposed. But a surprising number of blog sites and so forth are weak and allow the email address out.

Just like fishing, baiting means laying something out there for the scammers to latch onto. This usually means posting using a new email address to various forums and waiting a few days for the lure to be taken. So, as you can imagine, an innocent comment on a similar blog could easily make you a target.

Ignoring these is best. I would not even bother sending them to a spam folder because the email address is unlikely to be used again. These guys change on a weekly basis if not more often. Beside being annoying they aren't very serious if you don't open them or any attachments. And, ALWAYS have up-to-date anti-virus software running!

 

[tryan]

These creatures have been pretty clever ... my tenant was hit. Wiring 3k to to the UK.

The scam took about 2 weeks to play out. She believed she was "employeed" to check Walmarts for clean conditions. The scammer then overpays her by 3k and insists on the money being wired back immediatly.

Of course the check bounces a couple days later and her wire has gone thru. The bank pursues fraud charges against my tenant when her account goes "insufficient funds" ... figuring she's in on the scam. She negotiated monthly payments in the face of jail time.

Yes, the rent was late that month. Yes, she's not the sharpest tool in the shed.

Just to add insult to injury, the scammers phoned her from a resort (she paid for thier vacation) taunting her.

KUDOS to DoingHomework for helping run these guys out of business!

 

[ERD50]

I have had a lot of fun over the years "scam baiting." ...

I DO NOT RECOMMEND ANYONE TRY BAITING unless you know a lot about what you are doing and how to keep your cover. My cover identity bears no resemblance to what I use elsewhere online. There are people with very sophisticated phone systems and so forth set up that are very convincing, all in the name of doing something good.

Fascinating. I really have no specific expertise in this area, just passing along the tidbits I've learned (and that I believe to be true after some checking), so I would never try to do any 'scam baiting', but it's fun to watch


RE - images with unique IDs in emails:

What you said is absolutely true. But it does not even take previewing these days. It is possible to tell if an email has reached the addressee and not been opened. That means a scammer can tell if an address is valid even if you don't open it.

The "no preview" advice though is good to avoid some viruses and such though.

Interesting, can you explain how they can tell if it reached the addressee? From some bounce/error message? But that doesn't tell that the user opened it (which would be more valuable to scammers, I would think)

But the biggest source of spam is from things you sign or sign up for online. Any newsletter, comment you make, etc. exposes you. Most forums like this are safe because your email address is not exposed.

Yes, like er.org, most places don't expose your email address. But I was in for a surprise a few years back, I assumed that at one site, and was shocked to see my address appear in the post. Never posted there again. And I suspect that was the source of some spam I got later, that was somewhat related to the topic.

Ignoring these is best. I would not even bother sending them to a spam folder because the email address is unlikely to be used again.

Yes, I just hit delete, the source address and form of the spam I do get (not that much, probably less than one a day?) varies. I suppose the duplicate types ar caught by the ISP spam filters.

These creatures have been pretty clever ... my tenant was hit. Wiring 3k to to the UK.

... The scammer then overpays her by 3k and insists on the money being wired back immediatly.

Of course the check bounces a couple days later and her wire has gone thru. The banks pursue fraud against my tenant when her account goes "insufficient funds" ... figuring she's in on the scam.

Yes, SIL got this scam attempt when she put something on Craigslist - they offer you full price and want to send a cashier's check, but that check will be more than the total amount (to cover other expenses, like shipping), then they will ask you to send a check for the overage. Delete.

Just to add insult to injury, the scammers phoned her from a resort (she paid for thier vacation) taunting her.

That's really bold, stupid, and a little funny in a twisted way.

-ERD50