Wednesday, February 1, 2017

Are You a Spammer? Are You Sure?

Yesterday someone reported that a comment I'd posted somewhere had been "filed as spam." I don't remember who it was, didn't at the time, so don't know who made the mistake, but I thought it was timely to remind you: This is one web site where leaving a comment or following the blog will not generate tons of bulk e-mail--not even the e-mailed blog posts and/or fundraising appeals that a lot of first-rate bloggers, and online versions of Real Printed Newspapers and Magazines, do send out in bulk. I don't have a device that would do that. Despite the number of "blog advice" writers saying that it's vital for any blog that wants followers to use such devices, this web site has been gradually and steadily growing without them.

E-mail that actually comes from any member of this web site is individually composed and addressed to one person at a time. (In the case of petitions and comments on pending legislation, we've been known to send copies to multiple elected and unelected officials who may be involved with a specific bill or issue.) If you want to receive mail from this site instead of going online and reading it at Google's expense, you're obviously talking about printed mail, which this site is delighted to send anyone who pays for it in advance; you can order a printout of any individual post for $1 plus the amount of postage you require.

Nevertheless, it's entirely possible that people have marked my e-mail address as a source of spam, after having received spam or worse...that didn't come from me, but seemed to. It's possible that that's happened to your e-mail address, too, especially if you use Yahoo.

There are some hackers, one set traced to Turkey, whose trick for getting into your e-mail involves an e-mail that appears to come from one of your frequent correspondents, so you open it. What you see appears to be a harmless annoying spam link to some sort of pyramid scheme marketing something (which you might notice as being something your correspondent does not normally use or recommend). What you get is the hackers' opportunity to tap into your e-mail account and send out more of these "worm file" e-mails in your name, having already caused people (including you) to distrust your e-friend.

Because these pests got into my e-mail account via e-mails that appeared to come from Bridget Delaney, from Ron Paul, and from Grandma Bonnie Peters, I'm sure they have got into a few other people's e-mail accounts via e-mails that appeared to come from me. Not many, because my e-mail address book is small, but enough that some people Out There may imagine that I'm the spammer or hacker.

There's a very simple way for web service providers to foil this little game. Google actually does it--perhaps too carefully and too politely, perhaps not. Anything connected to the Internet can be traced to a physical connection point. Even a computer can flag inappropriate connection points. If I spend a day in Big Stone Gap and go online while I'm there, Google automatically sends me an e-mail, the next day, notifying me of a "log-in from a different location." Yahoo can and should do the same thing.

These messages could also be reviewed by a human who might notice, e.g., that it's extremely unlikely that someone who is Twittering, Googling, Yahoo-ing, and Binging from his or her home neighborhood would be, at the same time, sending spam e-mail from Turkey. There's no valid reason why hackers who do succeed in tapping into anyone's e-mail account once should ever be able to tap into it again.

Given Yahoo's current state of mess, I can understand why some people are just automatically filtering out all e-mail from Yahoo...but that's discriminatory. A majority of frugal, legitimate e-mail users have used Yahoo, and so far as I know we still do. Yahoo may or may not have the capability to sort out the legitimate Yahoo e-mail from the foreign "worm file" scams, but you have.

Here's what you do. If you receive a spammy-looking e-mail from a correspondent who has not previously seemed to be a spammer, report it to your e-mail provider. Take a screenshot if your browser will do that--it may help them trace the hackers.

While using Yahoo, you should see a button for "Full Headers" view. Click on it to get a screen shot of the "Full Headers" of the spammy-looking e-mail. Sophisticated hackers have ways to get round this, but if it is a piece of harmless annoying spam that may have been generated by a web site or marketing agency your friend may have used, you may recognize the spammer's real name and address in the "Full Headers"! (It may be part of a chunk of code that contains something like "ad campaign" or "upsells.")

Other e-mail services may have features similar to "Full Headers" that can help track and block spam in ways that don't offend, or defame the character of, your e-friend.

(Source of information: Yahoo personnel.)

(Can this post have an Amazon link? Of course it can!)