Internet Efficiency, Privacy, & Avoiding Junk Email

This Web page can be accessed at http://www.minich.com/interneteducation/efficiencyprivacyspam

• Internet Efficiency
  • Reading your work-related email on your home computer or vice versa by using your email incoming server and username.
  • Read your email directly on the web at Mail2Web.com.
  • Using "disposable" email addresses such as mail.yahoo.com or Hotmail.
  • Dealing with pop-up windows. Are you sure that you want to disable pop-up windows?
  • How to organize your favorite places or bookmarks. Use the Favorites/Organize Favorites menu command.
  • Setting various Internet Explorer preferences under the Tools/Internet Options menu command.
  • How to inspect and delete files in the Internet "cache" on your computer. Use the Start/Search/Search for Files or Folders command to search for a folder named "Temporary Internet Files".
  • See my Practical Reasons to Use the Internet page for some more tips on using the Internet efficiently
  • There are few things that you can do to stop pop-up windows from annoying you while surfing the web. This government web page explains a couple of techniques including how to disable the Windows Messenger Service that may be enabled on your computer. You can also install the free and useful Google Toolbar that includes a feature that stops pop-up ads.
    
    
• Privacy on the Internet
  • What can web designers and web sites learn about you when you visit a web site?
  • Should you be concerned with "cookies"?
  • How to tell if an ecommerce web site is secure or not.
  • Should you use your email address on online forms?
  • Always protect your personal information. Only share your credit card, social security number or other personal information when making
    purchases from a company or financial institution that you know and trust.
  • Never send personal information to email requests. You should never be asked for a password, credit card number or social security number from a legitimate source via email. Beware of official-sounding notices that require you to reply with personal information.
  • Verify any transaction. If a Web site address looks different from the name of the organization that you're dealing with or if
    you have doubts about your transaction, look for a phone number on the Web site and call the organization to verify that the Web site is valid. Don't deal with any organization that doesn't clearly state its name, physical address and phone number on its Web site.
  • Do not allow "adware" to be installed on your computer. You can use the free program Adaware to sweep your computer free of spyware.
  • Programs such as McAfee's Privacy Service ($40/yr) or Norton's Privacy Control can be used to help you guard personal information.
  • Check out spywareinfo.com for information and reviews about spyware.
    
    
• Avoiding Junk Email (i.e. Spam)
  • Nearly 40% of all email is unsolicited up from 8% in 2001. Twenty-six states have anti-spam laws and federal legislation is in the works. However, it is difficult to define spam. In addition to unsolicited commercial advertisements, some people consider jokes and chain letters sent to you from your friends to be spam.
  • Nothing will stop ALL junk email
  • How they get your address:
    • from your registration at web sites
    • from newsgroup postings (such as groups.google.com)
    • from chat sessions
    • from spambots that crawl the Internet and find email address links in web pages
    • junk email lists that spammers can purchase
    • from mailing lists that you've subscribed to
    • by randomly trying various username combinations at the domain (i.e. adding "jsmith" to the front of "@aol.com"). This is called a "dictionary attack".
    • by harvesting all the email addresses on your company' server
  • To hide their identities, spammers send spam through unsuspecting third-party mail servers & relay mail through them. You can carefully read see the full header of the message to try to tell who really sent the email. Visit spamcop.net/fom-serve/cache/19.html to learn how to read the message's header in your particular email program. In the message header the Message-ID: line is difficult for a spammer to forge. If the domain name (i.e. the part after the @ symbol) in the From: area is different from the domain name in the Message-ID: area then it is a telltale sign that the sender is trying to remain anonymous. It is also difficult for a spammer to forge the Received: lines as well. Read the lines in the Received: block from the bottom up until you find the first line where the IP address (a 10-12 digit number in square brackets [ ] ) matches the domain server name. To tell whether an IP address "matches" a server name, use geektools.com/cgi-bin/proxy.cgi . The domain name of this first authentic domain server is most responsible for sending the email message. You can also copy and paste the message's full header to spamcop.net/anonsignup.shmtl.
  • Your ISP (e.g. AOL) may have installed filtering software or use blacklists to catch and delete suspected spam before it's delivered to you. However, this sometimes deletes good messages (i.e. false-positives). Hotmail offers three levels of filtering: default (only obvious spam is detected), enhanced (most is detected), and exclusive (you only receive email from predetermined addresses).
  • The dangerous aspect of deleting spam messages manually is "spam fatigue". In the process of quickly deleting 100 spam messages, you may accidentally delete a good message that's mixed in with the spam in your inbox.
    
    
  • What you can do to avoid spam:
    • DO NOT respond to spam, even in an attempt to take yourself off of their junk mail list. When you respond to the spam, it confirms that your email address is valid and will probably guarantee that you'll receive junk email from that spammer forever. If you receive an email after you have replied indicating that you do not want to remain on a mailing list, you can forward that email to uce@ftc.gov.
    • Never buy spam-advertised products! Aside from encouraging the spammers, this also makes more of your personally identifiable
      information-name, address, phone number, credit card numbers, etc.-available to spammers.
    • Do not give out your email address unnecessarily. Do not use your email address in an instant message, a newsgroup post, a bulletin board, or a chat room.
    • If you need to use an address when registering on a web site but you really don't need to receive a reply, then use a fake address such as john@doe.com. Be sure that you don't need to confirm to a verification message from that site though. (If you suspect that a verification will be necessary, use your disposable address.)
    • Don't post your email address on web sites! If you must then you could post it as john @ aol.com with spaces around the @ symbol.
    • Do not accept HTML-based email unless you trust the sender. Some spammers send Web bugs which are emails with image links that connects your email address with your computer's IP address. Also, if you use MS Outlook to read your email, you can disable the viewing of scripts and active content in emails under the Tools/Options/Security/Secure content.
    • Use a free, web-based, "disposable" email addresses for online registerations and such. Set up one or more free email addresses at mail.yahoo.com or hotmail.com. You can abandon this address anytime.
      • mail.yahoo.com - Yahoo detects and labels spam as "Bulk Mail".
      • hotmail.com - owned by Microsoft. Messages pass through the server's Brightmail server software and suspected spam is automatically deleted. Then other junk mail is placed in a Junk Mail folder. However, you can explicitly mark a message as being "not junk mail" if it is falsely marked as spam.
      • Emailias ($20/yr) - easily create disposable addresses with a toolbar button in Internet Explorer. Each disposable address (e.g. one per web site registeration) can be marked to automatically delete after a period of time (e.g. 2 weeks after a purchased product has been shipped to you.)
      • Mailshell ($35/yr) - you create as many disposable email addresses as you like such as whatever@john-doe.mailshell.com. You can read the email in your email program or on the web. Each address can be marked to automatically expire.
      • Spamex ($10/yr) - Allows up to 500 disposable addresses and messages must be less than 500 Kb. Addresses can be custom made or automatically generated and even associated with individual web sites.
      • SpamGourmet (free)
      • Spam Slicer ($20)
      • some colleges offer free, lifetime email to their graduates such as john_doe@alumni.harvard.edu
      • you can register your own domain name at www.doteasy.com and receive 10 email accounts for the $25/year. This allows you to have 10 email addresses and give out an address like junk@myname.com for online registerations but use bill@myname.com for correspondence with friends.
    • Opt out of receiving email when registering at web sites.
    • For the technical-minded person, you can examine the header of an email message to look closely for signs that it is spam. You may need to use a tool such as Sam Spade which can analyze email headers.
    • You can install software on your home computer that deletes or flags suspected spam (just like antivirus software separately guards against virus infected files and email attachments). This software can sometimes be regularly updated to work more efficiently and accurately. The following programs can be installed on your home computer to detect, flag, and/or delete spam. Unfortunately, on average they only catch 75% of spam and occasionally mark a legitimate message (i.e. false-positive) as spam. Most of these programs probably do not work with an AOL email account. Most will probably not work with web-based email like hotmail and yahoo. You can read recent PC magazine reviews of most anti-spam software.
      • SpamAssassin Pro ($30) - low false-positive rate and decent spam detection overall. Works well as a toolbar in MS Outlook. It is convenient with "Allow Recipient" or "Block Recipient" buttons on the toolbar. By default, it moves suspected spam to a folder named Junk Mail.
      • SpamKiller ($40) - This program, sold by McAfee, works independently of your email program (e.g. Outlook). A great spam blocking program that doesn't really on dedicated whitelisting.
      • Junk Spy 2.02 ($20)- analyzes your mail in the incoming mail server before your computer actually downloads it. It works independently of your email program (e.g. Outlook), running as a local POP3 server, and can cause conflicts with antivirus programs on your computer. Large attachments sometimes lock up the program.
      • MailWasher Pro 3 ($29) - sold by Firetrust, takes more time to process mail, deletes messages before they are actually downloaded.
      • Matador 1.0.0.89 ($30) - finds most spam but leads to a relatively high percentage of false-positives. Only works with MS Outlook 2000 and 2002 so far. If it gets a message from a suspicious sender, it sends a message that can only be answered by a human. If that answer isn't replied, the sender is blacklisted.
      • Norton Internet Security 2003 ($70) - In addition to acting as a personal firewall and virus protection, it attempts to stop spam.
      • SpamCatcher 2.1h ($20) - Very few false-positives but allows a lot of spam to get by. It works with MS Outlook 2000 or 2002. Works with web-based, disposable email addresses such as hotmail.
      • IHateSpam ($19) - works with Outlook & Outlook Express. It is rated as a PC World "Best Buy" with 4 out of 5 stars. It works very well with Outlook having blocked 91% of spam and blocked 0 out of 20 false positives in a review by Laptop magazine it
      • SpamBuster
      • SpamCon Foundation
      • Spam Sleuth 2.0 ($29) - sold by Blue Squirrel, in a review by Laptop magazine it blocked 84% of spam and blocked 0 out of 20 false positives.
      • Choice Mail One version 1.5 - sold by DigiPortal, in a review by Laptop magazine it blocked 100% of spam and blocked 0 out of 20 false positives. It only allows messages from people in your address book to get through. It sends everyone else a question which they must answer and reply in order for their original email to get through.
    • Don't send email such as joke lists, urban legends, etc. to groups of your friends. Definitely do not place their email addresses in the To: field but rather use the BCC: (blind carbon copy) field if necessary.
    • Use the mail filter capacities of your current email program. This is different from relying on your ISP to delete spam before it reaches you and this is simpler (though probably weaker) than purchasing one of the programs like SpamKiller above.
    • Use the following sites to find the origin of deceptive email: samspade.org, Visualware's eMailTrackerPro & VisualRoute, NSLookup, Whois, &Traceroute.