Yeshiva World News


The Flatbush Scoop
The Borpark Scoop
The Monsey Scoop
The Catskills Scoop

YWN Coffee Room » Litoeles H'rabim!

Email security tip

(8 posts)
  • Started 5 months ago by HaLeiVi
  • Latest reply from chocandpatience

Tags:

No tags yet.

  1. HaLeiVi
    HaLeiVi is Supposedly not Joseph

    There are many spoof emails out there immitating large corporations at which the target will most likely have an account. The From of the address tells you absolutely nothing about where it actually originated. Anyone can send an email with anyone else's name in the From field.

    The only real way to tell is the links in the email. BUT, the link you are shown is not necessarily the actual underlying link. You also have to watch out for a similar but different URL.

    Now, here is something important to understand. Many sites have subdomains. A subdomain is subdomain.maindomain.com. The trick is to understand that the part that comes before the .com is the main site. What comes before that is just categories on the main site. For example: checkout.paypal.com, if that exists, is a page or folder on paypal's site. However, paypal.hkjvg.com is most likely a hacker trying to fool you. The site is hkjvg and paypal.hkjvg is a page he set up to get you to enter all your paypal information for him to binge.

    If an email is suspicious, you are better off not even openning it because when you do, it will verify you as a real address. It does this by having a picture in the email with a unique file name just for you. When your email program picks up the picture your address is verified, hereby making you a steady and valuable customer. Online email will often not show or pickup tese pictures.

    Posted 5 months ago #

  2. real-brisker
    Now that's Brisk, Baby!

    HaLeiVi - Thanks.

    Posted 5 months ago #

  3. 2scents
    Mint and Raspberry

    Thanks.

    I keep getting these emails, mostly from large companies that I deal with, never opened any of them, for some reason they didnt look right. thanks for explaining it.

    Posted 5 months ago #

  4. chocandpatience
    Member

    HaLeivi: can you explain your last para some more - didn't get it.

    Posted 5 months ago #

  5. aries2756
    Smartness runs in my family.

    Here is another little tidbit I just found out. If you take pictures on your cellphone and then email them they can be traced to the location where the photo was taken if your phone has gps capabilities. It is important to go into your setting on the phone and disable the gps for the camera before taking pictures so there is no location information attached to the photo encryption.

    Posted 5 months ago #

  6. HaLeiVi
    HaLeiVi is Supposedly not Joseph

    Choc, perhaps some background information will help understand. Some web pages are ready-made files sent to your browser upon request and some are created anew for each visit. The latter is called a dynamic web page.

    The pages on this site are obviously dynamic, since a change on a user is reflected even in old, closed threads, and your pre-moderated posts are seen only to you. That means that the server writes out the page every time you visit.

    Many times the page gets additional information from you, and based on that it gives you different content. When you submit any form your browser requests a page and sends along the information you just filled out. Sometimes that information is added to the URL as ?firstname=Moishe&lastname=Kapoya.

    Not only can web pages be dynamic but pictures can be, too. Many times the picture's source is a page that creates the picture based on the "?..."

    So if I want to verify which emails that I sent to are real I add a picture reference in the email that has extra information, other than just the filename. That information will be a code that is unique for your email. In that case the server, upon getting tht picture request, registers your email and proceeds to send (unsuspecting) you the picture.

    Posted 5 months ago #

  7. Jothar
    F.M.C.R.S. and occasional creator of chaos.

    For those who use internet email, or whose default browser is firefox or chrome, I recommend the web of trust extension, which is faster to block phishing websites than Mcafee SiteAdvisor or opendns anti-phishing protection.

    Posted 5 months ago #

  8. chocandpatience
    Member

    haleivi: thanks, got it now

    Posted 5 months ago #

RSS feed for this topic

Reply

You must log in to post.

Advertisement Options  |  Contact YW  |  In the News  |  Policy  |  Login/Register  |  RSS
Copyright 2012; All rights reserved.                       Website design and development by Duvys Media