Damaged Gmails ?
Thread Starter
Damaged Gmails ?
Missing an e-mail that may have got sent to a Gmail address of mine, looked in Gmail Spam and there is a message from "Google" ??? that says I have 4 damaged e-mails, and inviting me to "Open the e-mails".
I'm suspicious and reluctant to. Am I being paranoid ?
I'm suspicious and reluctant to. Am I being paranoid ?
Join Date: Feb 2001
Location: In transit
Age: 70
Posts: 3,052
Likes: 0
Received 0 Likes
on
0 Posts
They are 'phishing' emails. Many variants around, also using LinkedIn, Faecesbook, etc. Referring to lost/damaged/recovered/new messages.
For example :
For example :
LinkedIn
From: Support Notification
Subject: There's a new message
http:// samochodwkredycie.pl/ wp-content/ themes/ liomagazine/ overemphasized.php?fredsmith
From: Support Notification
Subject: There's a new message
http:// samochodwkredycie.pl/ wp-content/ themes/ liomagazine/ overemphasized.php?fredsmith
ExSp33db1rd,
With these kind of suspicious emails, the key is to check the From and/or the Reply To addresses. How you do that depends on which email program you are using.
Bonafide emails from Google will always be from the google.com or gmail.com domains. Fake emails may include the words google or gmail in the address, but the domain will be different. Often, as capetonian posted above, the link in the email is to a completely different domain.
With these kind of suspicious emails, the key is to check the From and/or the Reply To addresses. How you do that depends on which email program you are using.
Bonafide emails from Google will always be from the google.com or gmail.com domains. Fake emails may include the words google or gmail in the address, but the domain will be different. Often, as capetonian posted above, the link in the email is to a completely different domain.
Moral of the story - never open anything suspicious. Check the sender's address and if it looks sus then it probably is. 'HSBC' are spamming atm claiming I've done too many login attempts. 'Click here to reset your password' Considering I don't have an HSBC account.........
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
Bonafide emails from Google will always be from the google.com or gmail.com domains. Fake emails may include.....
For the absolute avoidance of doubt and clarification, simply looking at email addresses or domain names IS NOT the way to tell if an email is kosher.
"From" addresses can be forged .... incredibly easily, and with no special software, coding or "hacking" required.
So as far as "from" addresses go, to paraphrase Mr Starr's song .... "FROM! What is it good for? Absolutely nothin'!"
In order to correctly evaluate the authenticity of an email, the ONLY way to look at the email source and go through the full raw email headers.
And finally, as has already been mentioned, even if the email looks Kosher based on raw headers, but contains an unexpected attachment, or a link to a security-sensitive function ... you should be weary and get in touch with the sender before proceeding further.
"From" address
"From" addresses can be forged .... incredibly easily, and with no special software, coding or "hacking" required.
The analogy I like is - It is just like putting the "wrong" return address on the back of an envelope. Anyone can do it.
Join Date: Dec 2007
Location: Yate
Posts: 8
Likes: 0
Received 0 Likes
on
0 Posts
I am not familiar with the various computer e-mail programs. However, from my own experience (reading e-mails with thunderbird) many of this type of 'phishing' e-mail contains Hyperlinks. If I hover my cursor over these links details appear in the bottom left of my screen telling me the address of the link connection. This is usually a complicated address which I do not recognise. I then conclude that the e-mail is phishing and discard it.
I use the simplest solution. I delete them all, and only ever click on expected attachments from known senders. Even some mail from the known senders is deleted.
As a friend of mine says, "If it is important, they can always call you". The UK to NZ call charge from the discounters is only 1p/min.
As a friend of mine says, "If it is important, they can always call you". The UK to NZ call charge from the discounters is only 1p/min.
Join Date: Aug 2012
Location: Toronto
Posts: 297
Likes: 0
Received 0 Likes
on
0 Posts
they are scams for certain. I get them every so often.
first clue is that they end up in the spam filter, why would google filetr its own emails?
second clue is when I look at them in the spam filter google warns me "we couldn't verify that this email was sent by <random domain>", so not sent by google then.
I can see how people could be fooled though
first clue is that they end up in the spam filter, why would google filetr its own emails?
second clue is when I look at them in the spam filter google warns me "we couldn't verify that this email was sent by <random domain>", so not sent by google then.
I can see how people could be fooled though
Official PPRuNe Chaplain
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
In Gmail, you can look at the message body in its "original" form, and see the trail of where it came from. Sometimes, curiosity leads me to do that. Gmail's spam and phishing filters look to be pretty good.
The simple rule is that your bank will not e-mail you a form to fill in, and certainly won't ask for passwords etc in one.
As others have said, any e-mail you weren't expecting, with an attachment, needs caution. Most competent anti-virus software catches them anyway.
The simple rule is that your bank will not e-mail you a form to fill in, and certainly won't ask for passwords etc in one.
As others have said, any e-mail you weren't expecting, with an attachment, needs caution. Most competent anti-virus software catches them anyway.
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
Gmail's spam and phishing filters look to be pretty good.
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
The simple rule is that your bank will not e-mail you a form to fill in, and certainly won't ask for passwords etc in one.
The risk of interception and falling foul of the regulator and data protection means they hardly send anything more than a generic message about anything these days.
Which is a good thing in my opinion.
Join Date: Feb 2001
Location: In transit
Age: 70
Posts: 3,052
Likes: 0
Received 0 Likes
on
0 Posts
Genuine email from the bank :
They will never ask you to click on a link in an email. Also the scams usually say :
Dear Customer
or
Hello
added too witch the apaling english and Spelling is usually a bit of a clew!
Just to let you know that your latest statement for account ending 913 is available. Log into Online Banking at natwestinternational.com then select Statements.
Don't forget to check your transactions regularly and please remember we'll never ask you for your PIN and password by email.
Don't forget to check your transactions regularly and please remember we'll never ask you for your PIN and password by email.
Dear Customer
or
Hello
added too witch the apaling english and Spelling is usually a bit of a clew!
Plastic PPRuNer
""From" addresses can be forged .... incredibly easily, and with no special software, coding or "hacking" required."
"In order to correctly evaluate the authenticity of an email, the ONLY way to look at the email source and go through the full raw email headers."
Correct. If it is spam or malware there will be a clue in there somewhere.
Mac
And I find Mailwasher - MailWasher Pro - Superior anti spam filter software | Firetrust - invaluable for deleting crap on the mailserver before it hits your computer.
(Mix - please don't let us start that argument again - please)
"In order to correctly evaluate the authenticity of an email, the ONLY way to look at the email source and go through the full raw email headers."
Correct. If it is spam or malware there will be a clue in there somewhere.
Mac
And I find Mailwasher - MailWasher Pro - Superior anti spam filter software | Firetrust - invaluable for deleting crap on the mailserver before it hits your computer.
(Mix - please don't let us start that argument again - please)
Did anyone had to change their Gmail password over the weekend? I tried to log on several times on Friday night- Saturday morning and I got an answer of wrong password. I had to change it, but then on Sunday I inserted the previous one as a test, and I was told it was the correct but old one.
Anyone with similar experience?
Rwy in sight
Anyone with similar experience?
Rwy in sight
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
(Mix - please don't let us start that argument again - please)
Fair enough, I'll watch you suffer in silence, but I feel to compelled to point out to others that if they are facing anti-spam issues, then that's something they should point out to their mail provider (or change mail providers) because filtering is best done upstream.
By the time it reaches your Inbox its too late, the goal is to exterminate it before it uses disk space (server or your desktop) and before you have to waste bandwidth and processing cycles trying your own software.
That is all.
Plastic PPRuNer
(Mix - please don't let us start that argument again - please)
I assume its the one where I tell you by the time its reached your Inbox, you're wasting your time with anti-spam ?
No, it's the one where I check the mail-headers on the server before downloading the messages and delete trash directly on the server, long before its reached my Inbox.
But I could never get you to understand that then and don't expect you to understand it now,
Mac
I assume its the one where I tell you by the time its reached your Inbox, you're wasting your time with anti-spam ?
No, it's the one where I check the mail-headers on the server before downloading the messages and delete trash directly on the server, long before its reached my Inbox.
But I could never get you to understand that then and don't expect you to understand it now,
Mac
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
No, it's the one where I check the mail-headers on the server before downloading the messages and delete trash directly on the server, long before its reached my Inbox.
The whole point is the magic should happen upstream. The only stuff that should ever be stored to the server disks is stuff you want.
If crap is being stored to disk on the server, then your email providers spam filtering aint' right. Simple as.
But I could never get you to understand that then and don't expect you to understand it now,
mixture mentioned:
Back to 1983. Again? :-)
Last time I looked, above mentioned resources were ludicrously cheap except for bandwidth which possibly is only cheap. For most home users these are irrelevant. Convenience trumps all.
Corporates may be significantly different, not sure, not been there for a bit. The difference is that corporates tend to have mirrored drives, sophisticated backups, redundant power and all that good stuff which puts up the cost of the resources substantially.
Anyway, I use free email, their spam filtering is good enough for me, so I don't care about any of that:-)
"before it uses disk space (server or your desktop) and before you have to waste bandwidth and processing cycles "
Last time I looked, above mentioned resources were ludicrously cheap except for bandwidth which possibly is only cheap. For most home users these are irrelevant. Convenience trumps all.
Corporates may be significantly different, not sure, not been there for a bit. The difference is that corporates tend to have mirrored drives, sophisticated backups, redundant power and all that good stuff which puts up the cost of the resources substantially.
Anyway, I use free email, their spam filtering is good enough for me, so I don't care about any of that:-)