Thanks

The dead give away is always some variation of "Dear Valued Customer"
If you do have an Amazon account they know your name and will address you by it. Same goes for any other people you do business with on line.

I don't have anything in the pipeline right now but my wife might. I was suspicious enough to check this one out, but many will probably just click without realizing it's not the real thing.

Last edited Tue Feb 2, 2016, 06:49 PM - Edit history (1)

Undoubtable an amalgamation of all.

Saw Phish up close (second row) opening for Santana, and Carlos Santana graciously offered them to have the join Santana on-line.

Grew up on the Dead, so Phish isn't quite the same, but I appreciate them trying to continue the legacy, and Carlos Santana for giving them stage time.

"Better yet, if you turn off your browser to automatically show inline images, it'll minimize how you can get tracked. If anything else wants to know more, reply and I'll elaborate, but for now, at least don't click the damn links."

I use Ubuntu and firefox

And I worked for an email firm, where this was a legitimate (but pretty much anyone can use it) technique.

If you DON'T show inline images, it'll just show fonts and text and so forth.

If you DO show inline images, what happens is that usually a little pixel is embedded with a unique identifier that goes back to you (and back to the sending company). Every single email, even if it seems unique, if they're using this technique, can see that that pixel address requested an image (usually a white pixel or something you won't notice) but what you really realize is that it tells that server that that particular pixels was requested.

Since they match the pixel ID to your email (even if it's the same ultimate stupid white pixel for everyone) they know from your unique address that the pixel meant that you must have read the mail if you're asking for that pixel. That confirms the validity of your email address to the bad guys, and they can send more.

Further, in more advanced situations, although probably used with more established companies than just phishers, the pixel link can be set to redirect to another particular pixel in x amount of time, and maybe yet another or two after more time. So, what that tells an advanced email company is that you opened the email (the first pixel), kept it open to read or at least glance at it for another period of time (maybe 20 seconds), and if they make the third redirect they know you're keeping the email open, if only to read it.

What you can do is set your browser to not render inline photos/graphics/pictures. Thus, the pixel will never get rendered, thus never sending feedback that you actually opened the email.

Now, of course, there are images you want to see, maybe kittens from your niece or whatever, and you almost always get a message saying "inline images were blocked - click to see inline images". Do that with people you know, and you'll see what they sent.

For everything else, though it keeps you from being reported as having "seen" (and thus validated) an email from your email address.

Hope this helps.

- Tab

Is what I want to know

Thanks in Advance.

Thanks for the heads up to begin with.

firefox and thunderbird is what I use

but for thunderbird, go to (on the menu bar) Tools | Options | Privacy and the top of Privacy options says "Mail Content". There's a checkbox for "Allow Remote Content in Images". Uncheck that.

Now when you look at an email with remote content (former images will display as squares/outlines, maybe with text alternatives) and there should be a bar at the top of the message that says something like "Remote Content could not be Displayed - Allow Remote Content" or somethimes "Not all images could be displayed - Options" and use those to turn it on for the messages you want to see content from and then you'll get all the kitten pictures in that email your little heart can stand

it's a firm pretending to be Amazon. Amazon itself has always been above board.

This pfishing crap can happen to any company - they don't have any control over what someone in eastern Europe wants to float out. Don't blame them, just make sure when you're talking to someone that says they're Amazon that it really is. I only have praise for Amazon itself.