'Spam Spotter Rules: It’s the bit before the .com that counts' blog discussion

Former_MSE_Penelope

This is the discussion to link on the back of Martin's blog. Please read the blog first, as this discussion follows it.

Read Martin's "Spam Spotter Rules: It’s the bit before the .com that counts" Blog.

Please click reply to discuss below.

Kenarf

All excellent stuff. I always used to think spam distinguished itself by bad grammar/spelling and usually without the polish of the sites it was spoofing - until I got an eBay notice that looked superficially perfect. Warning signs (apart from the unlikely links as Martin explains) were that I was addressed as a customer, not by username as eBay would, and that I had no knowledge of the transaction described. So I forwarded it to [EMAIL="spoof@ebay.co.uk"]spoof@ebay.co.uk[/EMAIL] Hallmark have also been spoofed fairly convincingly.

What's the Latin for 'Let the Internet User beware' ?

albinohawk

Thought I would share my spam strategy.

I tend to treat all mail with suspicion (guilty until proven innocent), operating on the principle that until verified its a stranger telling you to do something. Obviously there are different ways of verifying - friends talking about things you know, emails requested from forum. Anything with links to finance stuff sets off alarm bells in my head.

I also have 3 levels of email addresses. One with my handle for anyone and anything such as forum sign ups etc. A more businesslike one for shopping and banks etc, and a personal one just for friends. It keeps my personal one pretty clear and I know i can trust those emails a little more.

Finally I use Thunderbird which has a great bayesian spam filter in it and makes it very easy to tag spam. I also have an extension that moves tagged spam into a Spam folder and adds a delete all spam button. That means I only have to run my eye down a list of say 10 potential spam emails before more often than not hitting delete all.

Hope that helps

albinohawk

Related to Kenarf's post, has anyone had any really sneaky or intelligent spam before?

I've had a few, but one that stands out for me is an email forward I received about a company that was recently in the news for their plans to connect advertisers to mobile users.

The original email refered to a genuine BBC news story about the company, spread appropriate FUD and encouraged you to sign up your number to be ex-directory at the company's website. This email, had been forwarded through a whole chain of well-meaning people, but strangely was missing the From header (the only one in the whole chain that did).

I almost put my mobile number in before thinking to myself, "hold on, only friends have my number and i've never had any problem with mobile spam before, lets just see how this goes first and if theres a problem deal with it then...".

I'm probably being too paranoid, but what if that original email was sent out by the same company? After all their business model relies on mobile numbers, which is exactly what people are voluntarily submitting, and anyone that peddles customer data doesnt exactly have your best interests at heart. Super-tricky if so!

Cheers

segarrett

I'm delighted to see this, so many internet users don't understand this. The problem is how to get them to read and inwardly digest. The ones who really needed to read this are the least likely to. Similar important points are: don't use the same password for every account you own (this is a whole topic in its own right) and don't enter credit card details unless the site is secure.

20000RPM

Apart from the excellent advice above, I'd like to add a point to Martin's original post.

1. Don't rely on the status bar (the bar that's often at the bottom of the browser window) to genuinely show where a link is pointing to, as it's easy to make it say whatever you like.

2. Even if the link in the status bar is a genuine one, that doesn't mean that's where you will go if you click on it. It's also very easy to add a script to the link that will take you elsewhere when it's clicked on.

On another topic, the 'Verified by Visa' and Masterdard schemes are terrible in my view: they are training people to enter their credit card details into a frame that pops up on a site yet doesn't originate there. A phisher's dream.

BobbinAlong

Its exactly why I'm reluctant to give my un-computer literate other half email as he's bound to click on something bad.

I'm a web and database software developer and use Mailwasher (free software) to preview the full headers and decoded links.

The nastiest one I've seen purported to come from my mailbox provider at one of the domains I have an email address with and claimed I needed to click on a link to upgrade my mailbox settings.
Being one of the two people who manages the domain and administers the mailboxes at the site I think I'd know about an upgrade!

Paul_Varjak

20000RPM has stated that you cannot rely on the web address shown in the status bar when you hover over a link because it is possible to write a script then send you to another web address.

I think it is also then possible to make the letters in the address bar look different to the characters than they actually represent and so send the unsuspecting 'customer' off to a website that looks completely genuine (right down the the web address seen in the address bar).

That is why it is best not to use links - type the web address manually into the address bar - making sure (of course) you do not mispell it yourself and take yourself off to a fraudulent website!!!!!

Of course, you should always use the latest version of your preferred browser, install updates for that browser and ensure any anti-phishing filter is always turned ON!

Personally, I find the spam filter in GMail excellent but I don't like to leave messages on someone else's server - thousands of Hotmail and GMail accounts were hacked a few months ago. But you must still not assume that every e-mail in your inbox is genuine!

It is good to see that GMail accounts now send (by default) encrypted messages over the internet - thought I don't think messages are encrypted when sitting on the GMail server. Hotmail, on the other hand, does not (by default) have even an encrypted login procedure for their web-based access - that is an open invitation to any internet thief at a free wirless hotspot!

jenniewb

Thanks- for all the fantastic advice, I tend to think I am too careful sometimes and just have everything down as spam or phishing, I was even thrown by paypal and oneclick (apple itunes) when I started getting reciepts from them and went to the relevent sites to report them as phising scams!

I now can see what to look for in a fake link- that second part of the article was great, thanks!

I also have several email addresses, each designed for different needs (and also as some have names you wouldn't want included on a job CV!)

bluekat

I'd just like to add what we use here as an anti spam defence! We use Mozilla Firefox as our browser (it's also safer than virus laden Internet Explorer) which has 'add-ons' making it customisable. One add-on that is particularly useful is 'Cool Previews'. When you hover over a link a small magnifying glass icon appears, and when you move the mouse and hover over that, it opens a small window and shows you the page you're about to click onto. This way you can quickly determine if it's the right page you're after. Particularly useful from search engines as you can check for missing links, spam or simply the right information. Hope this helps??

waygood

When reading emails from people I dont know OR content that looks suspicious, rather than clicking on a link, I do the following.

1. Right click on the link
2. Copy Shortcut
3. Paste it into the URL bar of a web browser (dont click GO or press ENTER)
4. Compare the URL to the website its supposed to be for
5. Close the browser

So I never have to actually visit the website to find out if its a spam link.