At signFrom time to time, I get a phone call from one of my computer support clients asking whether an email they have received is genuine or a scam (eg a phishing email). Quite often, they will forward the message to me for my comments

Checking back on nearly seven years of blog posts, I’m surprised to find that I don’t seem to have covered this issue specifically before, so here’s a list of some of the pointers I look for in deciding whether an email is likely to be genuine or not:

  • The “From” address looks dodgy. If, for instance, you receive an email from “fred@amazon.org” then that’s likely to be fake as the UK domain for Amazon is “amazon.co.uk”. Another common trick is for the domain of the sender to be spelled very, very close to the spelling of a “genune” sender (such as “sales@amazone.co.uk”. Unfortunately, even if the sender’s email address does look correct, it doesn’t need to be as it’s possible for anyone with the right knowledge to “spoof” an email address – ie make it look as if an email has come from an email address other than the actual sender. There’s nothing you can do about a spoofed sender address: just be vigilant.
  • The email includes an attachment. Always be very very careful about opening any attachment that you were not expecting. An attachment can look like anything (eg “Claim Your Prize.pdf”) but, in reality, be something else (eg “nastymalware.exe”). A common way of getting people to open hazardous attachments is to pretend that the attachment contains private information that has been sent to you in error – eg “companypayroll.xlsx”. They are relying on your nosiness to cause you to open something nasty that you think was sent to you in error.
  • The email includes logos, or styles or “house colours” that don’t look quite right in the context of who is supposed to be the sender. A genuine email from a reputable organisation would never get its own logo wrong (eg the shape, or the resolution).
  • Thief

  • The style of the English is stilted or strange, or words are mis-spelt or mis-used. Yes, I know that genuine, national institutions, are far from perfect in their use of English (I’ve seen rogue apostrophes in BBC content!), but I’m talking here of something more blatant. The worse the English, the less likely the email is to be genuine (assuming, that is, that it is purporting to come from a reputable organisation and not an individual).
  • If there appears to be a dire threat either stated or implied, then the email could be suspect. Think about it: if you’ve been spending megabucks with Amazon over the years, they’re hardly likely to want to lose your custom, so an email that threatens “confirm your password now or your account will be closed” would hardly be the best way for Amazon to behave towards a valued client.
  • On the other hand, if an email includes an offer that seems to be too good to be true, then it almost certainly IS too good to be true.

If you have any doubts at all about the bona fides of an email then do not click on any link in that email. Clicking on a link in a suspect email could take you to anywhere in cyberspace that the sender wishes to send you. You could end up downloading malware onto your computer: you could end up on a website that looks genuine but isn’t (where you end up divulging a username and password – or more).

Hooked iPadInstead, contact the supposed sender by phone, or via their website. Access their website in the way that you normally do – not by any link within the suspect email. By the same token, do not ring any phone number quoted in the email. Verify by other means the true phone number of the purported sender. Do not be embarrassed to phone the organisation to check whether the email did come from them. Do not feel that you are wasting their time. If someone is using their reputation to try to con you then they want to hear about it. You look much less daft checking that something is genuine than clearing up the mess if you went ahead regardless and fell into something nasty.

Although I don’t seem to have covered this topic directly before, I’ve come pretty close: there are some links below. I don’t apologise for including the link to my blog post about the “Microsoft Support scam”. People are still getting caught out by unexpected phone calls from scammers pretending to be from Microsoft.

Telephone Scams

Spear Phishing

GameOver, Zeus and Cryptolocker

Is It Safe to Download a File?

Phishing for your information (and money) is becoming more sophisticated

PhishingWe’ve all received phishing emails that pretend they are from trusted sources such as banks. They want us to hand over information that will let them steal money from us. And who among us hasn’t made their fortune by partaking of a Nigerian businessman’s plan to move money from his own country?

When they first started, such email scams were a bit of a joke. The spelling, grammar, and use of English were poor. Over the years they’ve become a lot more realistic, but they all share a big flaw in that they are not personally addressed to the recipient. Anyone asking for personal information or money in an email that begins with “Dear Valued Customer” is a fraud. Just delete it, or, if any doubt remains, phone the person it purports to come from.

But what if you receive an email (asking for money) that you are expecting? Suppose you’ve just spent £5,000 on a conservatory and you get an email with an invoice asking you to pay the money into a specific bank account. This is a perfectly normal way of doing business. I, myself, am being paid more and more often by my computer support clients in exactly this way. The email appears to come from the correct supplier, the recipient’s name and address are correct, and nothing at all appears to be suspicious.

Spear FishingThis is an example of spear phishing. Instead of sending gerzillions of rubbish scam emails to all and sundry (phishing), the bad guy is homing in on a particular individual because he has some information about that individual that may allay that individual’s suspicions about his bona fides.

In this instance, what may have happened is that the supplier’s email has been hacked and the hacker has been watching the correspondence between the supplier and his customers (including you). So, he KNOWS who you are, what you bought, how much, and so on. He just has to jump in at the right time and ask you to pay money into his own bank account.

The above is a very specific form of spear phishing. There are more general kinds whereby someone emails you asking for something confidential from you, posing as a “friend” or a “friend of a friend”. Now, people who know me know how I loathe Facebook and other social media, and their avowed intention to share as much personal information as possible among as many people as possible. This is my chance for a mega-gloat and a smug “told you so”. Remember that thingy you bought on Amazon and Amazon asked you to “like” it on Facebook? You did, and now someone’s emailing you knowing you’ve recently bought it and they could use information such as this to start trying to gain your trust and get you to reveal information they can use to your disadvantage.

Spear PhishingAnother variation of spear phishing is that a bad guy hacks into a database containing customers’ names, email addresses and postal addresses, and then uses that information to convince them (in an email) that their demands for money are genuine even if no credible sale is mentioned. After all, previous rubbish scams asking for money didn’t have any personal information, so could be safely ignored, whereas if someone knows your postal address then they must really know you, right? They needn’t even be expecting you to pay the invoice. The supposed “invoice” attached to the email could be a link that downloads ransomware to your computer and then you really are in trouble.

So, there are lots of ways that the bad guys can lull you into a false sense of security by quoting information that is personal to you in emails that they send you.

I hope that knowing of this increased sophistication of the scammers helps to encourage you to be a little more careful than I am sure you already are when any email sender asks you to part with personal/confidential information or even money.

What do you do (and not do) if an email asking you for information or money arouses your suspicions in any way?

  • Contact the sender, but NOT by replying to the suspicious email.
  • Do not find the sender’s phone number or email address from the suspicious email. Find the contact details from a previous email, your address book, or phone history.
  • Do not open any attachment in the suspicious email.
  • Do not click on any link in the suspicious email.

For a more complete (and authoritative!) exposition, have a look at this article from Norton on Spear Phishing

And for recent examples, have a look at this blog post from Tripwire on spear phishing.

By the way, if you ever suspect that an email message with an invoice sent by me to you is not genuine, then just phone or text me on 07961 387564.

I’ve been looking at ways to make the iPhone’s email program work better for me, and would like to pass on some tips:


IOS Mail IconOnly want to receive new emails when it’s convenient for you?

I don’t like my phone to make a noise telling me there’s new mail, only to find that it’s spam. Also, I think it’s not very good to have a phone pinging away when I’m with a client: there’s always the temptation to be rude and look at the phone (see this earlier blog on the subject of “phubbing”). If you agree with me, then you can change your settings so that you only receive email when you want it:

  • Go to Settings
  • Mail, Contacts, Calendars
  • Fetch New Data
  • Tap on each email account in turn and tap on “Manual”
  • Scroll down to the heading “Fetch” and tap against “manually”

Now, when you open your email app and tap on the inbox (or “All Inboxes”), your iphone will fetch your email for you. It will stay calm and quiet when you are doing other things.

IOS Mail Inbox

You can see twice as many items in the inbox by turning the number of lines to “none”.


Want to see more inbox items per screen?

When you go to your email inbox(es), the app shows who a message is from, the subject, and two lines of the body of the email. This means that you can only see a few messages per screen. You can see more if you change the setting so that only the sender and subject are displayed:

  • Go to Settings
  • Mail, Contacts, Calendars
  • Scroll down to the “Mail” section and tap on “Preview”
  • Tap against “none”


Jump straight to “Drafts”

If you tend to write emails a bit at a time, such as when you’ve got a few tube stops to travel, you will probably often wish to go to email drafts. This is easily achieved with a long press on the icon for creating a new email. Instead of starting to create a new email, a long press takes you straight to Drafts.


Reply to a specific part of an email

If you wish to send an email reply, but are only addressing one part of the incoming email, it is easy to quote just that part in your reply:

  • Highlight the text you wish to quote in your reply
  • Press the “reply” button in the usual way

You will see that only the quoted part of the original email is included below your reply.

IOS Settings

There are loads of tweakables in “Settings”, “Mail, Contacts, Calendars”


Change your email signature

If you would like a more personalised signature at the bottom of your emails than “Sent from my iPhone”, here is how it is done:

  • Go to Settings
  • Mail, Contacts, Calendars
  • Scroll down and tap on “Signatures”
  • Choose whether to use one signature for all your email accounts or vary it by account
  • Replace the default text with your own signature(s)

When I first started using an iPhone, I was quick to replace the original email signature as I didn’t want to give Apple free advertising on the bottom of my emails. I later re-instated the default as it does indicate that the email came from a smartphone and might, therefore, be expected to be shorter than my normal longer, more considered message, would have been.


Always send a BCC to yourself

A “BCC” is a “blind carbon copy”. This means sending a copy (“carbon copy”) without the message’s recipient knowing you are doing it (“blind”). This is useful if your email account is a “POP” account as you wouldn’t otherwise have a copy of the message you sent from your iPhone in any other place (eg the email program on your main computer). It’s then easy enough to move that copy from the inbox of your “main” computer to the “sent” folder just as if you had sent it from there in the first place. To do this:

  • Go to Settings
  • Mail, Contacts, Calendars
  • Scroll down and slide the switch to the right that is next to “Always Bcc Myself”

Has your email inbox become intimidating?

Lion TamerFor a lot of people (myself included), email is not just a means of communication: it is a central part of the administration of their work. As such, it needs to be efficient and organised. This can be difficult when there are hundreds, or even thousands, of messages flying about in both directions. My own computer support clients have often complained of bulging inboxes.

If you use an email “client” (as opposed to dealing with your email using your browser and connecting to webmail), then you may have the option of defining “rules” that tell your email client (email program) what to do in different circumstances.

Please don’t get carried away with this thought: rules can’t do most of your work for you. Moreover, as is the case with many aspects of computing, it is often difficult to judge how much time it is worth spending on a task in order to save time in the long run by being more efficient.

Nevertheless, I would like to give some idea of what rules can do. I am thinking of rules in Microsoft Outlook because that’s what I use every day, but rules are also available in Windows Live Mail and also in Mac Mail, and by using filters in Thunderbird.

Example – Incoming emails from clients

I file almost all emails from clients in folders for each separate client. Even though I clean this up occasionally to remove non-active clients, I still have almost 200 folders to choose between for any incoming email. To make this filing task a lot easier, I create a rule for each new client. The rule does just two things:

  • Assigns a “category” to that email (I have called the category “filed”)
  • Sends a copy of the incoming email to that client’s folder

Outlook Inbox

It is easy to spot the emails that have already been filed

The second step is achieved by telling the rule which sender (email address) it is on the lookout for, and which folder to send the copy to depending on that sender’s email address.

Since I can see the category of each email in the list of emails in my inbox, I can tell at a glance which inbox items I can just delete as soon as I’ve dealt with them (since I know they have been “filed”).

It’s possible to get a bit too clever with rules

I used to have some rules that immediately moved (as opposed to copied) emails that I didn’t really need to see, but which need to be filed. Some examples of such rules include monthly emails with pdf invoices attached and which I know I don’t need to see. Another example is the regular email that comes from my web domain, containing an attachment of a weekly backup of my website.

Sorting Office

Let your email program sort and file for you

The problem with doing this is that I would sometimes hear the “ding” of an incoming email but wouldn’t be able to see it in the inbox. Yes, I know I can take it for granted that if it has been moved from my inbox by one of my rules then it will be safely filed. However, I prefer to know what’s going on so, in practice, I now copy (rather than move) such emails and leave a copy in the inbox. It’s then simple enough to either glance at the contents and then delete the inbox copy, or just say to myself “ok, the such-and-such bill is in” and delete the inbox copy without opening it.

Refinements to the rules include the ability to make a specific sound when an email fitting the rule arrives. I used to have a rule that made a sound like a cuckoo whenever I received an email from a certain person. I won’t elaborate on the significance of that choice of sound file.

Another rule that I use assigns a high importance to any incoming email that arises from a contact form being submitted on my website. In Outlook, email with “high importance” is highlighted by an accompanying red exclamation mark.

There are many possibilities and variations. It is true that creating rules takes a little bit of getting used to, but I’m sure it’s something I could help with by offering remote control tutorials using Teamviewer. The difficulty, as mentioned above, is that it’s so hard to make a sane decision – AND THEN ACT ON IT – to spend a few minutes creating rules in order to save more time in the long run.

But let us do a quick calculation:
if you spend just two minutes a day filing incoming emails, that amounts to a whole day every year. Wouldn’t it make sense to spend an hour or so getting to grips with creating rules and then, maybe, a couple of minutes per week adding new rules, refining old ones etc?

In case you can’t believe these figures: 2 minutes per day for five days a week for 46 weeks per year = 460 minutes = nearly seven hours a year.

Suppose you saved all that time but spent half of it creating and refining rules. It’s a bit like giving yourself an extra half a day in every year. It may not be much, but it’s better than a poke in the eye with a sharp stick.

Oh, and it also makes that bulging inbox far less intimidating. It can be very therapeutic skimming down the list and deleting stuff that’s already filed and that you no longer need in the inbox.

Have you noticed an increase in foreign spam recently?

Microsoft Outlook 2013 logoDuring the last month or two I have become aware of a huge increase in the amount of spam getting into my inbox from abroad. Not only is a lot of it not in English, but a lot of it even uses different character sets (such as Chinese characters).

To begin with, I kept asking myself why someone in China would want to spam me in a way that couldn’t possibly benefit them, but then I worked out that it’s probably just the same economics that make any type of spamming worth doing. What it boils down to is that the variable cost of sending a single spam email is almost zero. So much of this is so automated to set up (and virtually costless to distribute) that the only measurable cost of sending spam to 1000 email addresses is the cost of acquiring the addresses. Does it really matter if the response rate is measured in fractions of one percent if the cost of achieving that response rate is even closer to nothing?

Anyway, analysing the economics doesn’t stop the rubbish from pouring in. What can you do about it? Well, if you use what is probably the best email program out there – Microsoft Outlook – then you can block a lot of it from reaching your inbox. Actually, that’s not strictly true. The wording in the Outlook program suggests that you are “blocking” email from reaching you, but in fact it is still being delivered – it just gets automatically diverted away from your inbox and into your Junk folder.

Outlook 2013 Junk Mail Option

Click on the area circled in red to get to the Junk Mail Options menu

This won’t help at all if you don’t use Outlook and it won’t help if you collect your email on several devices – most of them not employing Outlook. Nevertheless, it seems that a lot of people work like me and have one computer, running Outlook, that is the “main hub” of their email activity, so keeping this one email “centre” clean of foreign spam might be worth a few minutes of effort.

So, how do we filter foreign email in Outlook? The example here uses Outlook 2013 but I don’t suppose the earlier versions are very different:

  • Go to the Home tab and click on the icon of the head and shoulders in the Delete group
  • Left-click on the last item in the menu that pops up (Junk Email Options)
  • Left-click on the International tab at the top of the window that has just opened

Blocked Top-Level Domain List

Outlook 2013 Blocked Top-Level Domain ListClicking on this option allows you to block all email that comes from an address that ends in the country code of the place you wish to block. So, for instance, if the sender’s email address is fred@mydomain.af and you have blocked email from Afghanistan’s top-level domain then Fred’s email will be blocked. Note that Fred’s email would not be blocked if his address didn’t end in “.af”, so mail from fred@spamsarus.com would get through even if the email originated in Afghanistan.

It takes a minute or two to work through the list, so it might be quicker to click on the “select all” button and then individually un-select the ones you don’t wish to block.

I’ve done a bit of research to see if adding an email address to your “safe senders” list would take precedence over blocking an entire country’s top-level domain. I couldn’t find a definitive answer so you would need to test it if you wanted, for instance, just one individual email address in India to get through to you.

Blocked Encoding List

Outlook 2013 Blocked Encodings ListThis option doesn’t block email addresses from specific countries, or even block email written in different languages. What it does do, however, is block email written in specific “character sets”. For example, there are two sets of Chinese letters (Traditional and Simplified) that you can block. As another example, you can also block all email written in the Syrillic script.

It would be easy to argue that these filters could be made more sophsiticated, but they are definitely better than nothing. In my own case, I think that the ten minutes I spent setting them up will be more than repaid by not needing to manually delete this foreign spam – especially if the current trend for increasing foreign spam continues.

Small iPhone niggle solved!

Down The PlugholeFollowing on from last week’s blog about blocking unwanted phone calls, I have finally had a look at a problem with iPads and iPhones when attempting to delete emails from the inbox.

When I open my iPhone Mail app I like to be able to see the option to view all emails that have come in today. Clicking on the “Today” option will reveal a pile of emails coming into all my accounts – including real, urgent, dealt-with, spam, unwanted etc. It can be quite therapeutic (as well as “administratively sound”) to go through these, deleting all of those that don’t need my attention. Like most people, I only use my phone and tablet to keep abreast of new stuff and to deal with anything that needs dealing with immediately. Therefore, I’m not at all interested in long-term storage or filing of emails on these devices. I either need to keep them in the inbox for now or they can be deleted.

Unable to Move Message

Look familiar? Read on…

So, here comes the irritating problem. You ought to be able to delete an email by sliding the message leftwards. The message will be replaced by a red bar and the word “delete”. Remove your finger from the screen (at the end of the leftward swipe motion) and the message should be despatched to data heaven. Quite often, though, it doesn’t. Instead, a message pops up declaring “Unable to Move Message. The message could not be moved to the mailbox Trash”.

This is one of those small computer niggles that’s just important enough to create a scintilla of annoyance, but not important enough to bother investigating. Well, this time I thought “no more, I’m going to get to the bottom of this one”.

I have found that the problem happens when you connect to an email account on your IOS device (iPhone or iPad) via the IMAP method and the account settings on the device need a slight tweak to tell the app where your incoming message are kept. The solution (for an iPhone running IOS version 8.1.3) is as follows:

  • Go to “Settings”
  • Scroll down to “Mail, Contacts, Calendars” and tap on it
  • Tap on the account that is displaying the behaviour you wish to change
  • Under the heading “IMAP”, tap on the account name
  • Scroll down to the bottom of the screen and tap on “Advanced”
  • Scroll down until you see the item called “IMAP path prefix”
  • Tap on the item and replace the contents (“probably a “/”) with the word “INPUT” (in capitals, no quotation marks)
  • Tap on “< Account" at the top lefthand corner of the screen
  • Tap on “done” and close the “settings” app in the normal way.

Do be aware that, since this is an IMAP connection, deleting any messages from your iphone/iPad will also cause the message to be deleted from the server.

iPhone Mail Preferences

Tap on a circle to select or unselect that option (you would need to scroll down to see the “Today” option)

I started this blog by saying that I like to open the “Today” screen in my emails – showing all emails that have come in to all accounts today. You can choose which items are displayed when you open the Mail app by opening the Mail App and then tapping on the “Edit” option at the top righthand corner of the screen. Then just tap on any “empty” circle to replace it with a tick. That item will then be displayed when you open the Mail app. As you would expect, this is a “toggle” switch, so tapping on it again will change its state back again (ie ticked to not ticked and vice versa). Tap on the “Done” option at the top right when you have finished changing selections.

For the most part, I like to avoid computer jargon but it’s probably worth knowing what a “toggle switch” is since there are lots of them in computer software. A toggle switch (in computer terms) is just a switch that can be in one of two or even three or more positions and changing between the positions is achieved by operating the same switch in the same way so that you “cycle” through the available settings and stop when you’ve reached the setting you want. In other words, it’s not analogous to a light switch that you flick down for “on” and up for “off” but it is analagous to a light switch on a cord where you pull the cord down in the same manner whether you are going from on to off or off to on.

As a Computer Consultant discussing client’s systems, programs and computing choices, it often strikes me that Microsoft have created a lot of confusion by using the word “Outlook” in the names of three different email products. This confusion is particularly marked, of course, if I’m providing telephone support on one of the “Outlooks” but the client is talking about one product and I’m thinking of another. There’s no point in my asking “which Outlook are you using?” because it would be unreasonable to expect the client to know of all these different animals and to know which one of the three they are using. So, I usually have to ask things like “what does it say on the icon you click to get your email”. Thank goodness for remote control support where I can see what the client can see.

So, let’s just see if we can clarify the situation:

Outlook Express

Outlook Express 6 logoThis was the free email program that formed part of the Windows package right up to, and including, Windows XP. It developed into different versions right up to version 6.

Outlook Express was a program installed on the user’s computer. It provided the functionality to send and receive emails and to store them on the user’s computer. It also had a “newsreader” but I’m not bothered about that as I don’t think I ever came across anyone using it. Email programs (also called email “clients”) need to be set up with the information relating to the user’s email account (such as the names of the email servers, username and password, what type of security there is, and so forth).

Outlook Express was succeeded in 2005 by Windows Mail. Windows Mail came as part of the Windows Vista program. Windows Mail was then superceded by Windows Live Mail. So, for anyone who used Outlook Express in years gone by, the natural successor is now Windows Live Mail. A difference between the two is that the user has to download the Windows Live Mail program (it’s part of the free suite of programs called Windows Essentials). This difference is not caused by technical considerations, but is a result of Microsoft being hauled before the European monopolies authorities. Microsoft had to agree to supply its email program separate from Windows as the bureaucrats decreed that Microsoft had an unfair advantage over other email programs if they installed their own program automatically with Windows. Has it made any difference? I doubt it. It’s very rare, indeed, that I come across anyone using a rival product such as Thunderbird.

Outlook

Microsoft Outlook 2013 logo

Outlook 2013 logo.

Like Outlook Express, Outlook is an email program (aka a “an email client”). However, it is not a free product either as part of a version of Windows or as a separate download. It is a paid-for program that is more robust and much better featured than Windows Live Mail. It comes as part of the Microsoft Office Small Business suite of programs or on its own. Microsoft Outlook costs about £110 when bought on its own.

I don’t think I’m sticking my neck out too far if I suggest that Outlook is the most popular email program for organisations. If you are thinking of buying it, it costs the same to buy on its own as the difference in price between the Office Small Business package and the Office Home and Student package. Click this link for a comparison of Microsoft Office products.

Outlook.com

Outlook.com logoThen the marketing bods at Microsoft seem to have had a collective brainstorm. They announced a web-based email facility that they chose to call Outlook.com. I have no idea why they chose to call a product after a website and I have no idea why they chose to confuse everybody by using the term “Outlook” again, meaning something completely different this time. See this link for more information on Outlook.com.

So, Outlook.com works like a Gmail, Hotmail, or Yahoo account in that you access it via a web browser. All you need to know to access your email is your username and password. Accessing email this way has the advantages that you can access your email from any computer and your data is stored on the server so you don’t need to back it up. The main disadvantages of web-based email are that it can be slower to access, and the functionality of the program is usually simpler than with an email client. To use the vernacular, web-based email is a bit clunky.

So, there you have it, three different approaches to email, all using the same name.

I’d love to be a fly on the wall of a Microsoft marketing meeting…. on second thoughts, maybe I wouldn’t.

What do POP and IMAP mean?

The @ sign and a question mark mergedThese are both methods or “protocols” used by email programs (also called “email clients”) so that the email program and the mail server (the computer that deals with your email) can understand each other and deliver your email. “POP” stands for “Post Office Protocol” and “IMAP” stands for “Internet Message Access Protocol”.

These protocols are only concerned with INCOMING email and they are only relevant if you deal with your email by using a program on your own computer or device. In other words, email protocols are not relevant if you connect to your mail server by logging onto a website (this is known as webmail). Some of the most popular email clients are:

  • Outlook
  • Windows Live Mail
  • Apple Mac Mail
  • Thunderbird
  • Outlook Express used to be a very widespread email client. It is no longer available, having been replaced by Windows mail and then Windows Live Mail

What is the difference between POP and IMAP?

With POP email (or, more likely, its latest incarnation – POP3) your email is downloaded from the mail server onto your own computer. After that, it may remain on the server or it may be deleted from the server either immediately or at some later time – eg one week or one month later.

With IMAP email, your email is stored on the mail server. It remains on the server until/unless you delete it.

What are the implications of the difference?

Harry Hill mouthing "fight" under a headline of "POP vs IMAP"With IMAP you can create email folders and sub-folders on the mail server itself. You can not do this with POP email. The folders and sub-folders you create with POP are on your own computer and only on that computer. So, if you check your email from lots of different places (eg a laptop at home and a smartphone and tablet when on the move) you can not see all of your folders if you use POP unless you manually replicate the folder structure on all your computers and devices. Moreover, you will need to do your filing into folders on each computer and device separately. With IMAP, on the other hand, the folder structure is created once on the server and then every device that you connect sees the same structure.

Another major difference is that when using POP email your “sent” email is not available on the server. The sent mail is stored on the computer or device that sent it. This has the drawback that you can not see on one computer the email that you sent from another computer. The way around this is to send a blind copy (a BCC) to yourself. This will arrive in the inbox of all your computers and devices. You can then move it to the “sent” folder on that device. This can be time-consuming and tedious.

If IMAP always shows all email in the same way to all computers and devices, why would you use POP instead?

POP vs IMAP - clipartThe main drawbacks of IMAP are speed and data file sizes Every time you open your email, the program has to synchronise the headers that you see at your end with the reality of what’s on the server. This can take time. Also, if you always file email rather than deleting it then your online store of emails is getting bigger all the time. It’s possible that your email provider only provides you with a specific amount of storage space. You could reach the limit. So, over time IMAP can become unwieldy.

There is also the aspect that I think of as “perceived control”. A lot of people are unwilling to trust that data stored “in the cloud” will always be available to them. They feel more secure knowing that all their data is stored on their own computer. For such people, POP email feels more safe.

Another factor that might sway the choice towards POP is that most people typically have one computer that they think of as containing everything and being their “main computer” or “mission control”. These people wouldn’t be expecting to see, or need, all their “sent” email on their smartphone, for instance. The mobile devices are more useful for just staying on top of what is coming in – not for storage. If an important message does need to be sent from a mobile device then a blind copy can always be sent to oneself for subsequent filing on the “main” computer.

Can I choose which to use?

It’s just possible that your email provider will not be able to provide IMAP. In that case, it’s POP or nothing. In reality, most email servers now offer a connection by either protocol.

PS: apologies for the rather odd email sent in my name in the middle of last week. This must have been triggered when I was trying to change my newsletter details to reflect the new “.london” domain name.

Do you use Gmail in your browser?

Gmail LogoI’ve said previously that I don’t think it’s worth learning loads of shortcut keys. This is for two reasons:

  • Unless you use them all the time it’s very easy to forget them
  • Different shortcut key combinations do different things in different programs, so it’s very easy to get confused

However, if you only use a few different programs (eg a web browser, an email program, a picture viewer, and a word processing program) then it may be worth latching on to a few important shortcuts that might become second nature if you use them often enough. If you become familiar with important keyboard shortcuts, then your typing will become more efficient as it is quicker to type a shortcut than it is to grab the mouse and click on a command that might be available on-screen. With that in mind, I’ve been looking at the shortcuts that are available in Gmail’s webmail program.

Some of these are always available and are the same as in Microsoft Word and other programs. These include:

Ctrl + b to turn on bold type.
Ctrl + i to turn on italicised type.
Ctrl + u to underline text
Ctrl + shift + 7 to create a numbered list
Ctrl + shift + 8 to create a list of bullet points

Mac Funny Symbol

On a Mac, look for this button instead of Ctrl

In all the above, type the command to turn the feature on, type the content that will be formatted, and type the command again to turn the format feature off. This is what you do if you wish to turn the feature on and off again as you are typing. An alternative to this is to write the text first, so that you’ve got all the wording down (“on paper”, as it were) and then go back over the text, formatting where necessary. In this case, highlight the piece of text that you wish to format (by depressing the left-click button on the mouse or trackpad and then dragging the mouse over the text to be formatted) and then execute the command (eg Ctrl + b). The command will then be applied to the highlighted text.

Note that if you ever see a shortcut written as (for example) Ctrl + u, this means depress the Ctrl key and keep it depressed while you tap the other key. Note also that if you are using a Mac then it is not the Ctrl key that you use, but the key marked with the funny icon on it (see illustration).

There are other shortcut keys in Gmail’s web interface that are only available if you turn them on. These include:

c = compose a new message
/ = place the cursor in the search box ready to type in a search term
u = close the message and go back to the message list
r = reply to the message
a = reply to all the message recipients
f = forward the message to someone else
# = delete the message
v = move the message to a different label (or “folder”, if that description makes more sense to you)
shift + i = mark the selected message(s) as read
shift + u = mark the selected message(s) as unread

Obviously, the above commands don’t work if you are currently creating a message, as a letter “c” or a “/” or a “u”, etcetera, would just be added to the message you are creating.

You don’t have to turn these shortcuts on individually. To turn them all on:

Gmail Shortcuts Settings

Turn keyboard shortcuts on

  • Click on the “settings” cogwheel near the top right of the Gmail window
  • Click on the “settings” command in the menu that pops up
  • Make sure you are on the “General” tab
  • Go down to the “keyboard shortcuts” option and click the button next to “keyboard shortcuts on”
  • Scroll down the page until you see the “save changes” button and click it.

Click on this link for a more comprehensive list of Gmail shortcuts

Ever had email messages bounce back to you when you didn’t sent them in the first place?

Spoofing - pretending to be someone elseFrom time to time you may receive emails that appear to be notifications that an email you have sent could not be delivered. You may quite possibly receive several of these in a short space of time. This is a rather puzzling and disturbing phenomenon. Your first reaction is, quite possibly, to think that your email has been hacked and that someone is sending messages from your account. It is definitely worth changing your email password just to make sure that the account is still secure. If you can’t get into it because the password has been changed then you are in a spot of bother and you will need to contact your email provider (Gmail, or Hotmail, for instance, or your own internet provider if you use their mail servers).

Another possibility, though, is that your account is still intact and that what has happened is that someone is sending out emails from somewhere else and pretending that they came from you by changing the “from” details in the header of the email. This is called “spoofing”. They have “spoofed” your email address.

How can this happen? It could be that someone that you know has had their email hacked. Your email address has been stolen from that person’s email. The hacker then sends out emails to the email addresses found in the account, spoofing the sender’s name by taking one of the addresses found in the account (in this case, yours).

If the hacker steals, say, 50 addresses, and sends out emails to all of them then 10 may bounce. Those bounces will come to you and you will wonder what’s happening. The phenomenon of receiving bounces in this way is known as “backscatter“. So, “backscatter” is a by-product of someone “spoofing” your email address.

This is not the only way that it can occur. You will send your email address to many people over time. If you’ve created an account on a website, for instance, and given your email address (possibly as the username for that website) then your email address can be stolen if that website is hacked.

What can you do about it? There’s no way that you can actually prevent it from happening. After all, you don’t have any control over the many individuals and organisations that have your email address – legitimately or otherwise.

No SpamThere are some things you can do, however, to mitigate the problem. To begin with, register a “disposable” email account with someone (Gmail or Hotmail, for instance) and use that email address for unimportant logins that you could afford to lose. Then, if that account starts getting overwhelmed with backscatter (or, indeed, other forms of spam), you can just stop using it.

If you have your own website, it is a good idea to publish a contact email address on the website that is disposable. The email address I publish on my website is only used on the website. If I start getting inundated with spam to that address (including backscatter), I’ll simply change it for another one and not check for email addressed to the older one any more.

Abine - Masking Email AddressAnother thing you can do is to use the services of a site such as DoNotTrackMe. Using the email aspect of that service you can use a unique, disposable, email address when signing up for an online account. Email to that address is forwarded to you and the sender never knows your real address. If you start getting spammed or get backscatter you simply stop the emails to that address from being forwarded to your real address. I’ve been testing this for a month or two and it seems to work. I must confess, though, that I feel a bit queasy about it as I’m depending on the service provider always being there and continuing to forward masked email to my real address.

In practice – although I can’t understand why this should be the case – it seems to be usual for backscatter to happen only occasionally. You would think that the problem would get worse and worse as the bad guys keep re-using your email address, but it doesn’t seem to happen that way.

It could be that just understanding what is happening when you get backscatter will be enough for you to accept the minimal nuisance of it happening to you, without getting too paranoid about your cyberlife. In other words, just doing nothing except deleting backscatter as it arrives may be the best policy.

© 2011-2017 David Leonard
Computer Support in London
Privacy Policy Suffusion theme by Sayontan Sinha