Many of us receive legitimate e-mail from unknown senders, or from known senders with new addresses.
The e-mail addresses in headers are not trustworthy. Digital signatures are only trustworthy if you got the public key from a trusted source. -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of CM Poncelet <ponce...@bcs.org.uk> Sent: Monday, September 21, 2020 10:18 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Caution: "Hacked" email caused the distribution of a potentially harmful attachment FWIW (a) Begin by assuming that *all* received emails are spam/scam (and define this as the bottom line catch-all message filter) *unless* a higher up message filter recognizes both the sender(s)'s and the 'to' recipient's addresses as valid. (b) The sender's original email address can be found towards the end in the message headers, as in the "received from ... for ..." message header line. (c) Spam/scam emails can be sent to https://www.spamcop.net/mcgi?action=loginform for verification, if need be. The 'trick' to get around spammers/scammers is to use message filters, with the bottom line catch-all filter saying something like "if the subject does not contain <whatever random alphanumeric characters> *and* the sender is not <whatever more random chars>@<whatever else> then save the email in the trash/delete folder" - which then ensures that the email is never saved in the "Inbox" folder. A more skilful 'trick' is to have many different email IDs and give out a different email ID to every company, individual etc. (and keep a record of which email ID was given to whom) - so that, if a spammer or scammer gets hold of it, it can be deleted and a replacement new email ID can be created ... and then also determine from whom the spammer/scammer harvested the old and now deleted email ID. That kills off spammers and scammers, because any further emails sent to the old email ID just bounce as "undeliverable" and they cannot guess what the new email ID is. But that requires owning one or more domain names and being able to create/delete email IDs associated with it/them. (I have/use more than 200 email IDs across more than 30 domain names.) HTH. Cheers, Chris Poncelet (retired sysprog) On 22/09/2020 00:04, Bob Bridges wrote: > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Jesse 1 Robinson > Sent: Monday, September 21, 2020 17:08 > > JR> The idea of deliberately dumbing down language in spam is preposterous. > First of all I don't understand the purported logic of it. > > BB> Radoslaw's logic seemed clear to me, but when I set out to spell it out > for you, I began to wonder whether I'd mistaken it. He wrote "a method to > filter out bright people and leave only the fools", which I interpreted this > way: Intelligent people (according to Radoslaw) are less likely to produce > profit for the scammer, in the long run. If the scam is written badly, an > intelligent person is more likely to throw it out, and thus less likely to > waste the scammer's time with replies that will in the end lead nowhere. > Fools, meanwhile, will not notice (or notice less) the atrocious writing, and > thus be more likely to proceed. > > I'll leave it to him to say whether I read him correctly. But ~if~ that is > indeed the scammer's motive for writing badly, I think the scammer isn't > thinking very clearly. > > The next part of your comment I think is just a confusion about who said > what. I said Nigerians are mostly capable of better English than I see in > "Nigerian old ministers' " emails, but that's just a side comment, not part > of Radoslaw's reasoning. > > JR> More important, while English is an official language in Nigeria, it is > no one's mother tongue. It's learned, mostly in school, to whatever > proficiency the learner can achieve. The average spammer has probably never > stepped inside university. Even secondary school certification is improbable. > Add to that the 'dialectical' difference between Nigerian and American > English makes it unlikely that the most fluent spammer could write something > of undetectable of origin. > > BB> I don't buy that last part. I have no idea how many spammers have been > to University, or secondary school, but they can't ~all~ be illiterate and > therefore it's not unlikely - just the reverse - that some of them will be > able to compose a grammatically correct email. No one said anything about > "undetectable"; for verisimilitude you'd want ~some~ degree of "foreign-ness". > > --- > Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 > > /* ...in your bedchamber do not curse a king, and in your sleeping rooms do > not curse a rich man, for a bird of the heavens will carry the sound, and the > winged creature will make the matter known. -Ecclesiastes 10:20 */ > > -----Original Message----- > From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of > Bob Bridges > Sent: Monday, September 21, 2020 10:19 AM > > Interesting hypothesis. I always supposed that they were badly written > either because a) scammers don't care (which is perhaps another way of saying > they're illiterate, or b) these Nigerian-oil-minister scams actually are > written by foreigners whose English is bad - not, perhaps, by actual > Nigerians, whose English is usually better than that - or c) they want to > ~appear~ to be written by Nigerians. It never occurred to me that it might > be an anti-intelligence filter. > > But then, I take it as an article of faith that it's not intelligence that'll > save you from being scammed. It's not the smart people who fall for "I want > you to handle my money for me"; it's the greedy ones. And greedy people are > foolish, but they're not necessarily stupid. > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of R.S. > Sent: Monday, September 21, 2020 10:00 > > 3. Puzzle: why Nigerian scam emails are so horribly written? I mean a lot of > language mistakes. The answer is this is intentional. This is a method to > filter out bright people and leave only the fools. Only fool people are good > candidates to further steps of scam, which are expensive because that require > manwork. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > . > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
