Fixing E-mail SPAM Filters

One of the new benefits from my company I am receiving this year is identity protection. I received an e-mail from our service and it had all sorts of warnings on it that indicated the message originated outside of my company's network. Before setting up the service, I had to review my benefits to make sure it came from the company actually providing the service. Our IT department loves to test our Phishing skills and sends us bogus e-mails about once a month. When we flag it as a Phishing e-mail we are told if the e-mail really is a test. Once I verified the valid e-mail message, I logged in and set up my account.

Our identity protection company suggested using a personal e-mail address. They then asked to verify it. I did and they sent a message with an 8-digit number they wanted me to enter into their website. When the message didn't arrive quickly I looked at my SPAM filter which didn't have the message either. While I waited for the verification code to arrive, I investigated my SPAM filter settings. I don't know why I have not done that before.

Whenever I go through my SPAM report and see an e-mail that should have made it to my inbox, I click the "Allow" button. I assumed this would allow all e-mails from that sender through. When I checked my filters, I had a number from the same companies but with different senders. I didn't realize that companies changed the senders based on the message being sent. While I would have loved getting a message from anyone at Disney.com, the sender looked like:

123abc@disney.com

Furthermore, there were a number of subdomains like:

456def@email.disney.com

What I really want is to receive everything from any part of Disney. In order to do that I had to go into my SPAM filter settings and created rules for "Allowed Domains" and not just "Allowed Senders". I went through all 57 allowed-senders rules and converted them to allowed-domains rules. Then I went back and deleted the duplicated rules in allowed-senders.

I have been spending several minutes a day going through the message subjects of the e-mails caught in my SPAM folder because no matter what I tried, I couldn't figure out why clicking the "Allow" button wasn't allowing all messages from particular companies through. Now I know why and will be proactive in making sure I create the correct rules. In the future, I hope to not have to spend any time reviewing my SPAM messages.

SPAM E-mail Can Be Funny

Every day I go through my SPAM e-mail to make sure the filter didn't catch something I want to receive. To some, this might seem like a chore. To me it is a humorous exercise that always puts a smile on my face. Today I thought I would share some of my favorites from yesterday's SPAM.

• Mysterious Israeli Nuclear Arsenal: International Intrigue Deepens - This is funny to me because Israel has had nuclear weapons for quite some time. It forms the plot from Tom Clancy's book "The Sum of all Fears." It is hardly newsworthy let alone "International Intrigue."
  
• BREAKING NEWS: Putin Drops "Financial Nuclear Bomb" on America - If this is breaking news, why have I been getting the same e-mail for over a year.
• Dr. Fauci's Final Strike Against America? - With the COVID pandemic reduced to a footnote thanks to vaccines, someone is out there trying to keep Dr. Fauci's memory alive.
• RIP: 401(k)s, Pensions, Mutual funds . . . - I don't think they are going anywhere soon. Inflation may reduce their value but they still remain viable investment vehicles. Sometimes they even keep pace with inflation.
  
• China's Secret Plan to Bankrupt Millions of Americans? - This one could be real and I think it is called Temu. With prices that low, people will continue to buy useless crap they don't need.
• Zelensky's Surprise: Ukraine's Military Boosted by AI! - I think the more surprising headline with Ukraine's defense against Russia is that it is still going on. Theoretically Russia should have rolled over Ukraine in the first 3 months of fighting. The fact that the fighting is still going on leads to questions about Russia as a military powerhouse.
• Bombshell Confession from Gates (SHOCKING) - Why would I care? Somehow people think that every little thought in certain successful peoples' heads should be major news. It isn't.
• Pending Order [#48752-11] 36 Piece Tupperware Modular Set - Wait I never made that order. That is what the Spammer is hoping I will say and click on something in an effort to contest the order. The best option is to not do anything at all.
• Medicine's Newest Marvel: A Pill Against Obesity - Yes there are some prescriptions you can take that will diminish your appetite but there are more reputable sources for this kind of news.

I find most of these subject lines humorous because they seem so outlandish to most people with common sense. So how to they get people's attention? All they need to do is find one area of insecurity and the spammer will snag a victim. Perhaps they all seem outlandish to you except for the one about AI. You don't quite understand AI and how it is being used and so the e-mail will lure you in to read it. Then BAM! You have infected your computer with a virus, malware, or some other malady. Furthermore the person that snared you now knows your vulnerability and will continue to use it.

Hopefully you have not been lured by one of the previous headlines. If you have, you have my sympathies and I hope you have extracted yourself from any harm it may have caused. My biggest reason for sharing this list, besides a personal laugh, is to help others recognize what SPAM is floating around and keep them from becoming a victim.

Your Smartphone is Telling Everyone Where You Are

This afternoon I read an article from the New York Times about how your mobile phone is collecting where you are and have been. This is something I already knew and have for a long time not allowed apps to know where I am located. I really don't have much to hide but I still find it creepy that services are out there collecting my location on a regular basis.

The article goes through a number of scenarios about how that information could be used for nefarious purposes. Fortunately I don't need to worry about any of them. I am not a secret service agent guarding the president. I am not engaging in illegal activities that might include robbing banks or prostitution. About the only scenario I should be worried about is that someone would be able to tell when I am not at home or on my boat and be able to rob either location. Fortunately I don't have anything expensive on my boat and I doubt there is much in my home that warrants worrying about thieves.

The things I really worry about are exactly why those smartphone applications are collecting the data: advertising. Companies like to be able to track that you have seen an ad and then visited a store to purchase something. Advertisers can also see that you walked into a restaurant and left immediately. That will just open the flood gates to restaurant ads spamming my phone. I am also not interested in ads for stores I just walked by. Imagine walking by a shoe store and then being bombarded with coupons about shoes you don't care about. I just wanted to get to the video game store on the other side.

After reading the article, I double checked my phones and Google account. I have made sure to turn off location notification on all of them. If I need to use a map application, I will turn it back on temporarily and then be sure to turn it off again.

Increasing Blog Traffic

Lately I have been wondering how to increase traffic to this blog. I would also like to increase traffic to my YouTube channel and so I ran a little experiment. First I have to give credit to my wife who gave me the idea. She said that I can't just post stuff. I have to share the posting with as many people as possible. When you do that via e-mail, it is called SPAM. When you do it on social media sites like Facebook, it is considered normal.

I wanted to share a business article on LinkedIn and so I looked through my most recent posts. I could have chosen a video game review but I don't think that would have been received well. LinkedIn is just not the right audience for that. I also wanted to see if I could drive traffic to my YouTube channel at the same time. So I created a simple teaser that said something like, "Thinking of ditching your career and becoming the next YouTube celebrity?" I then provided a link to my "How to Make Money on YouTube" post. It fit the criteria I wanted as being business like as well as referencing my YouTube videos all over the place.

Traffic to my blog skyrocketed compared to normal. I had five times as many regular viewers for that post on the first day and three times as many the next. Furthermore I had people contact me via LinkedIn that I hadn't communicated with in years. I have to say that the first goal of getting more viewers to read my blog was a huge success.

With everyone reading an article about YouTube I thought that there would be a huge jump in video watching as well. Surprisingly the number of views for both of my videos never increased. That seems pretty strange because I usually get quite a few views of my Goblin Valley video every day with no promotion on my part. Nope, for the past 3 days the count has remained constant.

I also thought that my LinkedIn associates would see my blog and start looking at some of the other articles I have written. Nope, the only article being viewed is the one that I referenced in my post to LinkedIn.

I learned a lot with this little experiment. From now on, when I create a business post, I will make sure to post it to LinkedIn. It will help drive traffic to at least one article. It also beats doing nothing. Now if I could only figure out how to drive millions of views to my YouTube channel.

Don't Hack a Hacker

This morning I got done skiing and had to work from my home office. I sat down at my desk and got an e-mail that began with the following:

   Hello!
   My nickname in darknet is HckD4*.

The poor grammar indicates that the person does not speak English as his/her native language. Already I am preparing for a SPAM e-mail, however I am intrigued. It goes on:

   I hacked this mailbox more than six 
   months ago, through it I infected your 
   operating system with a virus (trojan) 
   created by me and have been monitoring 
   you for a long time.

Interesting. I wonder if HckD4* is as tired of all the SPAM I get or if he/she thinks I get a lot of important e-mails? The message goes on:

   If you don't belive me please check 
  'from address' in your header, you will 
   see that I sent you an email from your 
   mailbox.

Well that's not that hard to do. If you know anything about Simple Mail Transport Protocol or SMTP, then you know that is a fairly simple task. Any hacker with about an hour of experience can fake a message to look like it came from your own server. The trick is to look at the headers for the e-mail to see if that is actually the case. In my e-mail client, I selected the box to show all of the header information and see that the message came from a server named z3.hck7.pro, which is located in the country of Panama. Needless to say that is not even remotely close to where my e-mail server is located. My original hunch is correct and this is just a SPAM e-mail.

For your enjoyment and mine, the message continues:

   I have access to all your accounts, 
   social networks, email, browsing 
   history. Accordingly, I have the data 
   of all your contacts, files from your 
   computer, photos and videos.

Even if I believed this person, there is nothing of value there. I don't do a lot of social networking. I don't visit questionable or incriminating websites. All of my photos on my computer are tasteful and probably boring to most people besides me. So at this point, there is nothing compelling me to be to afraid. Now we get to the point of the message:

   I was most struck by the intimate 
   content sites that you occasionally 
   visit. You have a very wild imagination, 
   I tell you!

Wow! If I didn't know this was a fake before now, I do now. Sure I visit a lot of video game sites but that shouldn't be embarrassing. What else would make me embarrassed?

   During your pastime and entertainment 
   there, I took screenshot through the 
   camera of your device, synchronizing 
   with what you are watching. Oh my god! 
   You are so funny and excited!

Oh if this was real, he/she must have a picture of me picking my nose or something. That really isn't that embarrassing. Furthermore my e-mail computer doesn't have a camera connected. My laptop does, but it is from work and so locked down with security software, there is not a chance in the world that someone has hacked into it. Trust me, our IT department takes a lot of crap because we have so much anti-virus software. For once I am glad it is there. Oh, my laptop is also a Mac and there are significantly fewer virus programs written for the Mac.

Finally, the hacker tells me what he/she is really after:

   I think that you do not want all your 
   contacts to get these files, right? If 
   you are of the same opinion, then I 
   think that $1000 is quite a fair price 
   to destroy the dirt I created.

The message then goes on to give me a bitcoin wallet and where to send the money.

Messages like this really make me angry. I have been using computers for a long time and know how to verify if the message is real or not. What about other people that don't? Hopefully you don't fall for such an obvious fake. How can you tell if it is a fake message? Well think about legitimate e-mails from people like your credit card company. An extortion e-mail should include some of the following:

1. Your actual name - This e-mail did not contain my name at all. It had my e-mail but that is necessary to contact me in the first place. If the hacker had really been spying on me, he/she would at least know my real name.
2. Some other information about you - Credit card companies always tell you the message is from your account ending in 4 specific digits. If those digits don't match any of your credit cards, you know it is a fake, unless someone has opened a credit card in your name without you knowing about it (but that is a topic for another time). This e-mail had nothing like that.
3. Some sort of proof - If you are going to try and extort $1000 from me, you better have some sort of proof that I have done something worth hiding from all of my contacts. How hard is it to send an image with proof? If you have the images claimed in the e-mail, it isn't. If you don't, it is impossible.

The more I thought about this e-mail, the more I realized how fake it actually is. Let's assume I have spent some of my computer time doing something I want to hide from my wife or contacts. Is it actually worth $1000 to keep hidden? Most of the people I know that cruise the Internet for pornography don't try to hide it. They may not brag about it in mixed company, but they are also not ashamed of it. Sure some people will be embarrassed but it might start a conversation that needed to take place anyways.

Hopefully none of you fall for such a scam. If you would like another source talking about this same e-mail in more detail, here is a good article.

The Humor in Spam E-mail

I have a pretty good filter that eliminates a lot of unwanted e-mail. Unfortunately it may be a little too good as I have to go through my filter list daily to make sure I am not missing any important messages. I quickly skim the subjects and the sender. If there is anything that I think might be important, I can view it without having it sent to my inbox.

Weird Al Yankovic did a song about a decade ago making fun of the absurdity of horoscopes and so with a little creative license, I would like to add my thoughts about all of the Spam e-mails I see on a daily basis.

Lose 20 pounds overnight - As someone who has lost about 30 pounds in the past 3 months, I know what it takes to lose weight. It really is a simple trick: eat less food and exercise more. Unfortunately the only way to lose 20 pounds overnight is to have one of your legs amputated. I've grown attached to mine and want to keep them so I won't be trying to lose 20 pounds overnight.

Reverse diabetes with this one simple trick - For a lot of people there really is one simple trick for reversing type 2 diabetes and that is to lose weight. However I think those that have type 1 diabetes are offended by such claims. Losing weight also doesn't guarantee you will reverse diabetes, but you may keep it at bay for a while. I'm sorry as I really do want there to be a magic cure for diabetes. Unfortunately it is not that simple for everyone. If you do have diabetes, please see your doctor and get help.

These women want to date you - If I was living below the poverty level of some 3rd world country and you offered to fly me to the United States or some other equally wealthy country, I'd want to date you to. There are much less expensive ways of getting a date though. Besides, this is most likely a scam.

Have an affair tonight - No, I like my wife and wouldn't want to do anything to hurt her. I suppose there are some that might find this e-mail entertaining, but I'll pass.

Find out if he is cheating on you - I think this e-mail is sent by the same people that sent the previous e-mail. Anyone who responds to the previous e-mail is put on a list and all they have to do is check to see if your name is on the list.

I will pay you $2 Million if you help me deposit this money - I get something like this on a daily basis. Remember that if something is too good to be true, it generally is. This is a good way to have someone give up bank account information that bad guys use to clean out savings accounts.

You've won a prize - Ok, I'll admit that once I really did win a prize and they notified me by e-mail. However they provided information that I had given them when I signed up for the contest and so I knew it was real. Generally speaking though, you didn't win anything and it is just another scam.

Repayment of the money lost in a scam - This one is just sad even if it is a bit clever. If someone was gullible enough to get scammed once, they just might fall for it again in the hopes of getting their money back. Too bad it doesn't really work that way. 

I'm stuck in a foreign country and need your help to get home - I actually almost fell for this one. I got an e-mail from someone I barely know claiming that he was stuck in some foreign country and needed me to wire him some money so he could buy a plane ticket home. I didn't know him well enough to just call his family and ask if he was traveling and so it was tempting to respond and send him a few bucks. However I travel enough internationally to have seen the holes in his story and figured it was a scam. I was tempted though.

I wish there was something I could do to keep people from sending me so much junk e-mail. Unfortunately that is just the price we pay for being able to exchange messages so easily. Every once and a while I do crack a smile as I read some of these unwanted messages. Perhaps I just need to view them as entertainment and humor. After all, that is what the small print says about horoscopes.

An E-mail From my Sister

I just got an e-mail from my sister and thought it was great that she was thinking about me. The message looked like it came from her in that it even had the line at the bottom that said it was sent from her iPhone. My sister has an iPhone and so one would think the link that she suggested really came from her. The reality is that the message wasn't from her and I knew even before I subjected myself to more spam e-mail.

So how did I know the message really wasn't from my sister? It is easy because I also have an iPhone. I know how tough it is to type on my iPhone's keyboard and there is no way I would spell out an entire URL with all of the little various characters that make up the tracking signature. The characters at the end of my alleged sister's e-mail were "3b5pmwcxdk5sympms0" and there is no way I would type all that out.

Another hint that the e-mail really wasn't from my sister was that she sent me it from her iPhone. Why wouldn't she send me a text? It would have been faster for her and she knows I respond to text messages much more quickly than I do with e-mail.

The next time you get an e-mail from one of your friends that contains a link to click on, simply ask yourself a few questions. Does the e-mail look legitimate? Are there hidden clues that indicate it not being a genuine e-mail? If you do have a question, you can always expand the e-mail headers and see where the e-mail originated. While the reply-to field was my sister's e-mail address, the originating e-mail address wasn't. I think I will just send an e-mail to my sister saying "Hello".

Direct Mail vs. SPAM E-mail

One of the first things I do in the morning is to check my e-mail. I have two primary e-mail accounts with an additional three e-mail accounts that get forwarded to my primary personal e-mail. That means I have a total of five e-mail accounts for just one person. I have a pretty good SPAM filter that eliminates a lot of junk e-mail but I still have to go through about 25 to 30 junk e-mails every morning. I never even read them. I look at who sent them and maybe the title or subject before clicking the delete button. When I do bother to look at what is in my SPAM folder, there are generally 200 to 300 daily messages that I don't ever even see.

As this week is my son's high school graduation, I am working from home for a couple of days. I just got the mail from the mailbox and noticed there was some junk mail there as well. Unlike my e-mail, I at least looked at the pictures and glanced over the postcards and letters. I also went through every page of a department store catalog advertising Father's Day gifts.

I'm sure that I am not unique. There is an added value to something tangible even if it is a printed piece of paper or postcard. Now did I purchase anything based off SPAM e-mail or junk mail from my physical mailbox? No, but at least with physical mail, I got some piece of the message that was sent.

Technology is like a pendulum in that one year everyone is looking at technology as a huge benefit. Then the pendulum swings and we realize that the original technology wasn't as huge a benefit as we all thought it would be and either move to a new technology or go back to how we were doing things before. Judging from my physical mailbox today, direct mail is making a comeback.

Open the Floodgates of Spam

Yesterday I was working on a problem at work and was stuck. Rather than continue to spin in circles, I decided to post my issue to an online forum and see if I couldn't get some help from the experts. Immediately I got a response asking for more information. In the process of providing the information, I figured out what my problem was and was able to get it fixed without any additional help.

When originally posting my problem to the forum, I was asked to provide my e-mail address. This was helpful because as soon as someone asked me a question, I was sent a message. Unfortunately there are a lot of programs on the Internet looking for valid e-mail addresses.

I woke up this morning and checked my e-mail. So far I have only gotten one Spam message promoting Viagra, but I imagine there are more to follow. In the future I need to remember to use a throw-away-e-mail account for such postings.