Posts Tagged ‘antispam isp’

As soon as Windows Vista was released the problems related to it began to pop-out. Presented like the best software ever, Vista failed to keep up the promise that Microsoft has stated. At beginning no one knew how good or bad Vista will be, but for sure everyone has expected some remarkable, out ordinary and superb software. The results were very bad. Most users are not happy with Vista and that leads us to conclusion that XP is still number one operating system.

Most of the problems that are often mentioned when using Vista are related to its incompatibility with other Windows software. Unfortunately that problem remains today also, although they are trying to fix Vista to work better.

One of the problems back then and one of the biggest problems with Vista today, that really bothers Vista users, is a problem with Outlook Express 2002. To work with Outlook you first have to set up your account, type in all of your user information, e-mail addresses, passwords and servers. Then, you check for your password to be saved. Once completed everything works perfectly. The problem starts when you close your Outlook and then re-open it. When a send/receive takes place, you get an annoying Network Password pop-up that shows the server name as well as your user ID and a blank password. You enter the password but it will fail your send/receive. And than, when you go into your account settings in Outlook, it doesn’t show your password that you saved in the initial setup as saved. In other words, you have to type all of your passwords each time you close/open your Outlook Express.

You can find many complaints to this problem on the internet, and a very few good solutions. Maybe the best way to avoid such a problem is to stick with Windows XP and not using Vista, but that’s up to you. Of course, Microsoft is very aware of this problem and because of that it has put some solutions for fixing it on their official Help & Support page. Too bad that their solutions aren’t useful to all users, but there is always an alternative. Some users have written their own solutions on many community boards, but again they don’t work for everyone. I suggest you to try them all until you find what’s good for you.

Here is one solution for this problem:

Back up your registry and remove the user account information from the “Protected Storage System Provider” subkey. Then, reenter your password options.

To do this, follow the steps for the version of Windows that you are using.

Note the the steps listed in this section should not be used on a computer running Windows Vista.
Back up the registry key
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate and then click the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Protected Storage SystemProvider
4. On the File menu, click Export.
5. In the Save in box, select a location where you want to save the .reg file.
6. Type a file name in the File name box, and then click Save.
7. On the File menu, click Exit.

Remove the user account information
Important Do not remove the main Protected Storage System Provider key. This key is not automatically regenerated. If you do not have password retention problems and you do not remember your password, deleting the user subkey may cause you not to be able to retrieve your mail.

Note If you use Windows XP, you must have administrator permissions to edit the system registry.
1. Exit all programs.
2. Click Start, click Run, type regedit in the Open box , and then click OK
3. Locate and then click the following registry key: HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider
4. On the Edit menu, click Permissions.
5. Click the registry key for the user who is currently logged on. Then, make sure that the Read and Full Control permissions are both set to Allow.
6. Click Advanced. Then, verify that the user who is currently logged on is selected, that Full Control is listed in the Permissions column, and that This Key and Subkeys is listed in the Apply to column.
7. Click to select the Replace permission entries on all child objects with entries shown here that apply to child objects check box.
8. Click Apply, and then click Yes to continue.
9. Click Ok two times
10. Double-click the Protected Storage System Provider key to expand the key. Click the user subkey folder that is directly underneath the Protected Storage System Provider key, click Delete on the Edit menu, and then click Yes in the warning message dialog box.

The user subkey folder resembles the following example:

S-1-5-21-124525095-708259637-1543119021-16701

Note For every identity that you have, there may be a subkey under the Protected Storage System Provider key. To resolve this issue in all identities, you must delete all the user subkeys folders that are under the Protected Storage System Provider key.
11. On the Registry menu, click Exit. Then, restart the computer.

For Microsoft Windows 2000
How to back up the registry
1. Click Start, and then click Run.
2. In the Open box, type regedt32, and then click OK.
3. Locate and then click the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Protected Storage SystemProvider
4. On the Registry menu, click Save Key.
5. In the Save in box, select a location where you want to save the .reg file.
6. Type a file name in the File name box, and then click Save.
7. On the Registry menu, click Exit.

How to remove the user account information in the registry

Important Do not remove the main Protected Storage System Provider key. This key is not automatically regenerated. If you do not have password retention problems and you do not remember your password, deleting the user subkey may cause you to be unable to retrieve your mail.

Note If you use Windows 2000, you must have administrator permissions to edit the system registry.
1. Exit all programs.
2. Click Start, and then click Run.
3. In the Open box, type regedt32, and then click OK.
4. Locate and then click the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Protected Storage SystemProvider
5. On the Security menu, click Permissions
6. Click the registry key for the user who is currently logged on. Then, make sure that the Read and Full Control permissions are both set to Allow.
7. Click Advanced. Then, verify that the user who is currently logged on is selected, that Full Control is listed in the Permissions column, and that This Key and Subkeys is listed in the Apply to column.
8. Click to select the Reset permissions on all child objects and enable propagation of inheritable permissions check box.
9. Click Apply, and then click Yes when you are prompted to continue.
10. Click OK two times.
11. Double-click the Protected Storage System Provider key to expand the key. Click the user subkey folder that is directly underneath the Protected Storage System Provider key, click Delete on the Edit menu, and then click Yes in the warning message dialog box.

The user subkey folder resembles the following example:

S-1-5-21-124525095-708259637-1543119021-16701

Note For every identity that you have, there may be a subkey under the Protected Storage System Provider key. To resolve this issue in all identities, you must delete all the user subkeys folders that are under the Protected Storage System Provider key.
12. On the Registry menu, click Exit, and then restart the computer.

How to reenter your password in Outlook 2002 and in Outlook 2003

1. Click Start, point to Settings, and then click Control Panel.

Note In Windows XP, click Start, and then click Control Panel.
2. Double-click the Mail icon or the Mail and Fax icon.
3. Click Show Profiles, click the account that you are troubleshooting, and then click Properties.
4. Click E-mail Accounts.
5. Confirm that the View or change existing e-mail accounts check box is selected, and then click Next.
6. In the E-mail Accounts dialog box, click the account that you are troubleshooting, and then click Change.
7. Under Logon Information, enter the password, and then click to select the Remember Password check box.
8. Click Next, and then click Finish.
9. Start Outlook.
10. Use the Send and Receive command to determine whether your password is retained.

How to reenter your password in Outlook 2000 Corporate or Workgroup (CW)

1. Click Start, point to Settings, and then click Control Panel.

Note In Windows XP, click Start, and then click Control Panel.
2. Double-click the Mail icon or the Mail and Fax icon.
3. Click to select Internet E-mail in the services list, and then click Properties.
4. On the Server tab, enter the password, and then click to select the Remember Password check box.
5. Click Apply, and then click OK.
6. Start Outlook.
7. On the Tools menu, click Send and Receive to determine whether your password is retained.

How to reenter your password in Outlook Express
1. Start Outlook Express.

Note If you receive a logon error, close the dialog box and continue.
2. Click Tools, and then click Accounts.
3. Click the Mail tab in the Internet Accounts window.
4. In the Account column, click to select the Internet e-mail account that you want to change, and then click Properties.
5. On the Server tab, type your password in the Password box, and then click to select the Remember password check box.
6. Click OK, and then click Close.
7. Exit and then restart Outlook Express.
8. On the Tools menu, click Send and Receive to determine whether your password is retained.

Note If other Windows 2000 users or Windows XP users have password-retention problems, reenter the password, and then click to select the Remember Password check box for those profiles. Each user may have to log on for his or her password to be retained.

Drazen Prastalo writes computer articles for <a href=“http://www.h-desk.com/”>H-desk – Computer software/hardware forum </a> where you can find more info.

Today,on most internet user’s computers, we have the
ability to employ software, along with our
intelligence, to prevent viruses and spyware.
To put this article into proper perspective, we’ll use
Medieval defense tactics.

This is accomplished by 3 methods. First, a firewall…
‘The Castle Moat’ so to speak. A firewall can’t see
inside your computer beforehand though, so if any viruses
or spyware were present before the firewall was installed
then its of no use. Of course, its extremely good at preventing new
attacks.

Second, a anti-virus program…. ‘The Castle Drawbridge!
They will not provide much help with spyware, but good
virus protection is as desirable as one of Avaris’s
dreams! One drawback can be the updates, of course.If
you’ve just updated Wednesday night and a virus hits the
next day, then you may not be protected till next
Wednesday night, and by then it may be too late. If you’re
smart, you will have signed up for email alerts with
the provider, or even better, you’ll have a anti-virus
program that has a real time update feature. I get the
tingles when I see that little pop-up saying a update
is available and click here. Its downloaded ,installed,
and updated in about 20 seconds! A new virus or Trojan or
God forbid, a new keylogger can hit the internet and spread
in a matter of days, and I’m sure this must make the definition
writers lives a living hell. I have great admiration for
them as they could have been wealthy doctors, but they have
chosen to help us… the end users. (moment of silence here)

Last, we have anti-spyware programs,’The Flaming oil’! (my favorite).
Their update features are like the anti-virus programs,
so you have to be as vigilant with this method of defense
too as you would be with the others. I’ve heard there are
people out there that don’t even know when their
updates run, or even if its configured to do so! I
refuse to believe this sordid rumor!

So you’ve got your defenses set up, you’re looking good.
But the best defense is a good offense, attack!
That’s what some organizations do. They prowl the net
looking for websites that harbor drive-by downloads,
URL Re-Directing and such. When they find them, they
shut them down, or report them so effective protection
can be manufactured. These people have my sincere
thanks for what they do. With identity theft on the
rise and Websense reporting that the average computer
has 28 items of Spyware on it, we need all the help we
can get. Oh sure, you’re saying not my computer !
Well, lets discuss those little boxes that you click
“I Agree” to when you download something. Do you read
the entire statement? This is one way spyware has
become so rampant, because so many downloads have extra
software included in them. These can be harmful to
your computers well being. KeyLoggers, popups, adware, malware…
Need I go on?
So my idea is that we need these shining knights from the
castle to journey forth on a quest. They will be
little robots or spiders like the search engines use.
They will be given absolute power over harmful
programs they find. They will be like Gort in the
movie “The Day the Earth Stood Still”.
Dell recently reported that 12% of their calls were
for spyware damage, Microsoft says half of their
reports of system crashes are caused by spyware. These
calls cost these companies millions of dollars in
revenue, which they then pass the costs of onto us,
the consumers.
Who knows, if viruses and spyware ever get controlled,
the average computer may only cost a dollar!

For more Free Resources www.100computertips.com

In the basic scenario of book publishing, a writer finishes a book and then finds an agent who helps sell the book to a publisher. When someone asks, “How do I find a publisher?” they’re often looking for the details of this scenario. But let’s backtrack a little. The answer to this question has to do with what you as a writer want out of the publishing process as well as what the publisher wants. It’s best to be as clear as possible on both counts. Here are a few things to consider.
What You Want
What exactly do you want for your book? It’s possible that your answer can save you a lot of time and heartache. Here’s an example. A writer recently emailed me about wanting to find a publisher for his book on dealing with sickle cell anemia. He said he felt it was a really important book and that people would be interested in the information. That’s great, but if his main goal is getting his book into the hands of those coping with the disease, he doesn’t have to go with a big traditional publishing house in order to do that. He can self publish and take the book directly to doctor’s offices, support groups and sickle cell organizations.
Do you want a book that tells a family story that will be a legacy for your children? Do you want a book that will establish your expertise and help you get started on the speaking circuit? You can accomplish these things by self publishing. A prominent ghostwriter recently published a book about his trade and landed a television interview where he discussed how politicians get their books written. The author was introduced as a “ghostwriting guru” and his book was prominently displayed at the end of the story. There was nothing that would have told you the book was self published. It didn’t make a difference that it was. He still got the notice, was still seen as an expert.
Do you want to go for the whole enchilada–traditional publishing house, book tour, the status of having the validation of a publisher? That’s fine too. Which brings us to…?
What Publishers Want
Publishers are reviewing tons of manuscripts daily. How do you get your submission package to stand out from the others? By giving what they’re looking for.
They want good writing. That’s a given, but how do you deliver? First of all, be in a mode of constantly learning about your craft. Take classes, workshops, join a writer’s group. Next, hire someone to help you. There are many editors who assist writers in getting a manuscript ready for submission. Some agencies even provide editing as part of their services.
The next part is harder. It has to do with that magical term “platform”. Everyone these days talks about how publishers buy on the basis of your platform. In fact your submission package, fiction or non-fiction, will be all about showcasing your platform. Here’s what they’re looking for and how to demonstrate it.
Who you know and who knows you: Have testimonials and blurbs from known and noted people featured in your package. If you have a few big names behind you, that’s more power for your marketing machine.
Do you have a following? If you put out a newsletter or other regular media you’ll want to show how many subscribers you have. If you have a killer website, tell the number of hits you draw each month. If you sell a product, give sales figures to show you know how to produce what your customers want.
Are you in front of people all the time? Tell what media you already have under your belt. When and where were your last speaking engagements? Describe any radio, television, newspaper or magazine interviews you’ve done recently.
If you’re lacking in any of these areas, it’s never too late to change your situation. Polishing your prose and your persona are the best steps you can take to attract a publisher. They’ll also help ensure your success if you decide to go it on your own. Remember, any improvement on your writing or marketing fronts will never go to waste!

For More Free Resources visit www.onlinepublishingsite.com

There has been much research on internet banking even before it began. The research continues to this day, with more and more participants involved. As people use internet banking more, it gives researchers more reasons and subjects to study.

One study showed the devastation of identity theft on individuals. They had trouble getting jobs, loans, and insurance, for example. They could not conduct business in a bank, not even internet banking. Some ended up in very difficult positions.

The study suggested that banks, including internet banking institutions, would do well to proclaim themselves as the champions of identity protection. This would help them by limiting their losses. Besides this, they could charge a fee for the service.

Another study evaluated how people felt about the security of their internet banking transactions. 78% of them stated that they would like some kind of verification of their identities to be carried out at certain times. This, they thought, should be done at the moment that unusual transactions were being done on their internet banking accounts.

People seem to be getting more comfortable with internet banking every year. One study showed an increase in internet banking of 9.5% between 2006 and 2007. Another study predicts that 76% of the households who have an internet hookup in the year 2011 will also do internet banking.

It is true that internet banking and online bill paying are predicted to continue their rise in popularity. However, viewing bills electronically is expected to decline. Payment by other means besides internet banking is also expected to go down, including bill paying by phone.

Some studies have made use of surveys that ask people if they want alerts for their internet banking accounts, and if so, what kind. It turns out that consumers do want alerts for their accounts. What is more, they want a lot of alerts for a variety of occurrences.

They want to be alerted when a bill is going to be paid and when it has been paid. They want to be able to set an alert to tell them when a certain check has cleared. They want to be alerted when there is any inkling of fraud. This one, of course, is an especially good idea.

The demographics of internet banking have also been studied. It seems that the middle income people who use internet banking are afraid they will lose control without better records. Anything that can be done to give them better records will make them more comfortable to use online banking.

The lower income people have many reasons for not using internet banking. The over-$100,000 group seems to use it more. They also tend to use it without fear. This may be because they are in less danger of running out of money and overdrawing their account.

A new field of study is social networking. This is a concept that involves the use of internet banking by networks of people. They are usually in their 30’s and 40’s. They put their money together to make deals with financial organizations. Study is geared towards finding out how this will affect internet banking for these people, and for all internet banking customers.

Internet banking research is going on, and will continue to go on as long as online banking exists. The banks want to know how to stay profitable. Hopefully, they are also interested in how to better service their customers.

Terry Detty finds <a href="http://www.majon.com/safeannounce">Email Marketing</a> and <a href="http://www.majon.com">Internet Marketing</a> his passion. In addition to marketing, he enjoys reading and occasionally goes out for a short walk.&nbsp; His latest interest is a new<a href="http://www.majon.com/dirsubmit">Directory Submission</a> program he's been using.

PCs have become a staple in every home. Without PCs, you will find it hard to stay connected and to even do the work required of you in school or in the office. With so much PC packages being shoved to our throat every time we go to department stores and computer shops, you’ll really get quite confused on what you really need and what PC package will fit your budget and lifestyle. To help you through this dilemma, here is a brief backgrounder of the parts of PCs that you should get to know.

Processor.
This is one of the three primary components of your PC. The processor is the part that determines how fast your computer process information. Intel is still the leading brand in processors but competitors such as American Micro Devices (AMD) are slowly catching up, offering cheaper alternative. In shopping for a processor, one should consider the following:

Clock speed — this will show the number of instructions that a computer can execute in a second. This usually comes after the brand name. Processors nowadays are already set at the gigahertz range.

Cache memory — this stores the data that were previously accessed. This simplifies the work of the computer as it would not take twice as long to access information already stored in memory bank. Without a cache memory, much of the work will fall on the RAM (Random Access Memory).

Operating temperature — some processors easily heats up. Before buying, make sure that you have asked about the operating temperature just in case you need to buy additional fans or put the computer in an air-conditioned room.

RAM (Random Access Memory).
RAM serves as the temporary memory of the PC, containing information that are needed for the computer and the programs to function. In addition to processors, RAM also determines the speed of the computer. The higher the RAM, the faster the computer is in accessing information and responding to commands.

Motherboard
This is where all the parts of the PC’s CPU (Central Processing Unit) are attached. Some motherboards already have video cards and soundcards embedded on it while others don’t. What is important however is to choose a motherboard that is compatible with your RAM and processor? Incompatibility of PC hardware can cause major problems and may even lead to the breakdown of your computer.

Hard drive.
This is the part where you store all the information in your PC. Picture a floppy disk with much much larger storing capacity. The hard drive serves as the permanent memory of your computer. Here you install all your programs and save all the documents that you need. It is also important that you buy a hard drive with really big capacity especially now when people are so used to storing multimedia files that may use up a lot of hard drive space.

Video cards
This is the part of the computer which determines the quality of the multimedia images that you will view. The higher the memory of the video card, the better is the picture quality and the colors. Also, video cards are also responsible for how fast multimedia images are accessed. This is especially needed if you use your computer for multimedia activities such as watching a movie or playing video games.

For more Free Resources www.100computertips.com

Privacy policy legislation affects internet banking just as it does any other type of banking establishment. You might want to keep your personal information private. If so, it is good to know how your bank treats privacy policy.

A study was done to determine how well different banks, including internet banking companies, dealt with privacy policy. All financial institutions should have privacy policies that are consumer friendly. This is in keeping with the spirit of the law.

The law in question is the Gramm-Leach-Blily Act, or GLB, as it is often called. This was enacted by Congress in July of 2001. It gives power to financial institutions to conduct business in many important ways.

More importantly to consumers, there is a section devoted to the privacy of banking customers, including internet banking customers. Banks must provide consumers with a copy of their privacy policy. This explains how your personal information will be used by internet banking operations and other banks.

Your personal information would include any information that can be identified as your particular information. It could be your name, address, social security number, internet banking transactions you have made in your name, and other information. It could also be any information that can be guessed by having some of this information.

The study evaluated bricks and mortar banks, clicks to bricks banks, virtual bank internet banking operations, and other financial institutions. It compared each company’s privacy policy, how they informed consumers about their privacy policy, and what options consumers had with them to “opt-out.”

If you opt-out, you are saying to the company that you do not want your information to be shared with other companies that are not affiliated with the bank. Under GLB, internet banking services still have the option of sharing your information with affiliates and marketing partners, but they should inform you that they are doing so.

One problem has been that the privacy policy statements sent out to consumers by internet banking companies and other banks have been impossible for most people to decipher. They are not exactly an easy read. There is a movement to make them easier to understand.

Another problem is that some internet banking companies have made it very difficult to opt-out of having their information shared with unrelated businesses. It should be the easiest with online banking. Indeed some internet banking companies have online forms to fill out so that you can be finished with it in short order.

However, some internet banking sites make it nearly impossible to opt-out. They make you go to an 800 number, or write for a mail-in form, or they may not have opt-out at all. These are in the minority, but you should watch for them when comparing online banks.

The good news is that virtual internet banking companies that offered standard banking services like checking and savings accounts scored the best in the study. If you want to keep your information private, check out your internet banking institution’s privacy policy before you sign up.

Terry Detty finds <a href="http://www.majon.com">Internet Marketing</a> and <a href="http://www.majon.com/safeannounce">Email Advertising</a> his passion. In addition to marketing, he enjoys reading and occasionally goes out for a short walk.&nbsp; His latest interest is a new<a href="http://www.majon.com/WebsitePromotion">Website Promotion</a> program he's been using.

Phishing (and yes, is spelt correctly) is the art of scammers sending out tens of millions of emails in the hope that some recipients accidentally fall victim for the scam. According to research about five people per million emails fall for them.
Usually the scam email is purportedly from your bank (for this article I’ll use the word ‘bank’ but it could easily be any financial institute) to say that they have updated their system (or another reason) so you need to make sure that your details are correct, and if you will simply click on the link in the email then you will be able to enter your account details.

The trick here is that the link in the email does not take you to your banks web site, it is actually a CLONE website run by the scammers and if you enter your bank details they are then sent given to the scammers. They will then in turn go to the REAL web site of your bank and use your details (that you just gave them) to access your funds, once in your account it’s a simple job of transferring all your funds into another account.

The question I get asked the most after explaining all this is why can’t the money be traced? Why can’t the authorities simply reverse the financial transaction on behalf of the victim?
The answer is a bit complicated but I will try to explain it here, but before I do I must explain another scam – I call it the ‘work from home’ scam.

The ‘work from home’ scam is simple – you receive an email that offers you a part time job at home for transferring funds. The email may state that the writer cannot accept payments from your country (but they never actually specify which country that is) in order to pay for their services (they may sell paintings, antique furniture e.t.c). So they have decided that YOU would be the perfect person to help them by accepting payments in your country and then sending the money onto them (after you take out 10% as commission). You are to send the money overseas via wire transfer – the reason for this (and it isn’t specified in the email) is the money will no longer be traceable!

Now lets put those two scams together and you’ll see the overall picture.

I’ll explain this using an example -
The scammer (I’ll base him in Nigeria) sends out one million emails purporting to be for ‘Bank of Australia’ (BoA) to random email addresses. From that maybe one person falls victim to the scam (remember that out of a million people who receive the email maybe fifty actually have an account with BoA) and enters their bank account details.
The bank account details are then sent to the scammer who transfers the money into another account. Most bank accounts in Australia cannot send money overseas, in this case Nigeria, so the money must be transferred to another Australian bank account (any Australian bank account). And whose account is it sent to? The person who has accepted the ‘work from home’ job that’s who!

The person who has accepted the ‘work from home’ job now receives the money to which they believe is part of a legitimate business transaction. All they need to do now is to withdraw 90% of the money (they get to keep 10%) and send it, via wire transfer, to Nigeria. Once the wire transfer has gone through there is now no way of getting the money back

So what’s happened here? The more common word for this is ‘money laundering’.
The person who has their bank account looted has been finished with (as the scammer knows that the person won’t be blindly putting money back into the account so they can get it again), but the person who has fallen for the ‘work from home’ scam is about to get into a lot of trouble as they have laundered money for a criminal organization, and that can land people in jail.

So how do you protect yourself from these scams?
Two rules. Firstly, NEVER click on a link in an email – EVER. Secondly, remember the old saying ‘there is no such thing as a free lunch’ and you won’t get sucked in to the ‘work from home’ scam.

Copyright 2007
About the author : This article was written by James Clifton (www.jamesclifton.com) on behalf of the website www.thebestscams.com

James Clifton has been on the Internet since 1996 and runs several succesful web sites.

Get paid to fill out simple web surveys. Earn up to $150/hr.

Work from home with a proven system for people who want to get paid for
giving opinions, taking surveys,& polls.

If you are tired of being burned by all t he earn-from-home scams out
there, then check out this opportunity. Just fill out simple surveys and
get paid for your opinion

For more info. go to:
http://paydotcom.com/r/11804/268550/511670/

I'M A RETIRED COFFEE BROKER ENJOYING WHAT CAN HAPPEN ON THE INTERNET

Linux oriented community for sysadmins

Back in the days when Windows 98 was the latest Microsoft operating system, HTML email messages accounted for a large number of infected Windows-based systems. Surprisingly, things have not changed much nowadays either. Accepting and displaying HTML email messages still pose a great deal of threats for email users, regardless of what operating system they are using, or if the latter is actually immune to an attack based on vulnerabilities of other systems.

To illustrate, here are some of the possible threats posed by the use of HMTL messages; including, but not limited to virus or other malware infections, which still account for a high degree of risk.

Based on HTML email, a malicious person is able to perform different scams and phishing attacks. These types of attacks consist in fooling the targeted email address user into giving out personal information such as: name, address, email address, personal bank account information. Such attacks involve impersonating a legitimate website to which the user may have previously registered and created an account.

Some scammers may go as far as impersonating banks or other financial institutions such as PayPal, in order to obtain credit card information or other personal details that can later be used to purchase goods, or even to empty a bank account. Many bank account frauds are made this way. As a countermeasure, if HTML emails are filtered at server level in a way that causes only text to be displayed such fraud attempts can be blocked and prevented.

Email clients have different approaches to HTML email. Mozilla Thunderbird, for example, does not display HTML content by default, as opposed to Outlook Express which displays HTML content by default. This does not mean that scams cannot be performed using simple text as well, but the probability for someone to believe a text message is lower in comparison to seeing an exact replica of their bank’s website requesting their personal details.

As compared to these attempts some of our peers make with the purpose to scam people for their personal information, viruses and worms do not use the same techniques. Their goal may be infecting the operating system, but the infection mechanism may be hidden behind a special offer for a free product, that may actually cost the user a lot more than if they had bought a similar product for real money.

Another commonly encountered threat consists in the simple viewing of a HTML message that can further trigger the delivery of more spam to the user’s mailbox.

How is that possible? You may ask. For instance, the spammer sends HTML messages that contain a different image filename link in each of the sent out messages. He also has an association between each image filename link and the email address that the message is sent to. When the message is displayed on the user’s computer, if HTML viewing is enabled, the respective image file will be automatically requested from the spammer’s server. At this point, the spammer knows that the message has been viewed on a computer and, based on the requested filename and using the association created, he now knows that the respective e-email address is in use. As a result, the spammer has found an active email user that he can convince to buy some of the products he advertises for. Another source of income for the spammer is selling a database of verified addresses, which is even more valuable than a database that contains 3 quarters of bouncing addresses.

This concludes some of the most important scenarios and consequences of using HTML in an email application.

For the article in original, and other articles, please visit: http://www.mailradar.com/articles/Security/

I am regular contributor for Mail Radar (http://www.mailradar.com), a new email community with a special focus on Linux and email servers; on topics that I am especially interested in. Please feel free to visit the site, share the information or contribute as well.