Intro
| Welcome to the magical world of email. I have been using email since around 1984, so that’s a long time getting on for 40 years. Ten years is a long time. | My personal solution to email is to use Instant Messaging (IM) instead, because it is one-to-one, but this page is limited to email matters. I will write another page about IM. |
Spammers - who are they?
| Did you know that something like 70% of email is unsolicited bulk messages? In other words “spam”. I gather also that say 80% of it is generated by less than a dozen sources. Whatever the exact numbers it seems to me we are each using what amounts to an advertising system as a means of sending private messages to each other. | So how to receive only the 30% and not the 70%? It is a continuing day to day battle between the spammers and the anti-spam service providers e.g. Spamhaus and many others including “Tools” from the likes of MxToolbox and serverside applications such as Immunify360. |
Authorised spam?
| Then we have “grey mail” which is email we have solicited and over time can become as much of a problem as spam, because the senders in the end send us too much. |
I am finding that the “unsubscribe” links in my greymail do tend to be simple and effective. A few offer a list of choices and another few try to avoid bing unsubscribed by asking for the email address to be removed. However, generally these work, except for the few who are indeed out and out spammers. |
The law is doing its best
| GDPR is a brave attempt at controlling all sorts, but given the nature of the web it is only respected by the well behaved senders. The less well behaved (i.e. paying lip service) abuse the process by: requiring international phone calls to “unsubscribe/cancel” or having unexpected “notice” periods, or automatic payment renewals taken without warning a year later, requiring complicated information in order to get off a mailing list (instead of simply “unsubscribe” from the related link in the email). It can be surprising who these “less well behaved” turn out to be. Mostly it seems to be an attempt either to get paid for another year by an unwilling buyer or unwilling recipient. Follow the money. | I think it is great that the law-makers are attempting to address this worldwide problem. Sadly as with any law it is only the law abiding who comply while the ne’er-do-wells take no notice while making every effort to give an appearance of compliance so that their non-compliance is obscrured until one tries to stop them by unsubscribing. |
70% is p o r n, but not what you think
| Speaking of another aspect, apparently the security services sought to examine image content of private emails being sent in the belief they were illegal types of p o r n (most unpleasant) . Guess what? It turned out that it was nearly all consenting couples exchanging pics of each other typically when separated by distance. Then we have the “dark web” which while I know it exists I know nothing much about it. I suppose one could view it as an extreme method of keeping one’s private matters private, but it is largely seen as the realm of crooks and ne’re-do-wells. | I guess this is actually not an area that is a problem, though I would recommend innocent senders use encryption so as to prevent their private images being stolen for nefarious use. |
Hack attack results on the dark web.
| For example I gather the dark web is where vast lists of private information such as usernames and passwords are offered for sale after successful hack attacks of major systems. Check https://haveibeenpwned.com/. Consider this: every organisation is going to be hacked and their private data stolen. What that means is that YOUR info is going to be acquired (so this is “when” not “if” and probably already) and shared (sold) for criminal purposes such as stealing your identity and your money (emptyng your bank accounts and credit cards). I will offer a defence against this (using only unique login credentials, i.e. always use unique email addresses and unique passwords.) |
The “classic” (i.e. well known) method of use of stolen credentials such as login email addresses and usernames with associated passwords is to use them to attempt access to hundreds of other internet access points for banks, credit cards, payment systems and other web sites, not least Ebay. The excellent Have I been Pwned service will inform you if and how many times and from which sites your details are known to have been stolen. Bear in mind this is likely to be far more than just credentials and can include passport and driving licence copies and other personal identifying information useful for identity theft. USE UNIQUE LOGIN CREDENTIALS everywhere. |
An inside job?
| We have had various “whistleblower” publications of enormous amounts of banking and private data. For example the “Panama papers”, the “Credit Suisse leak”, and several others. These are/were not hacks, but insiders (i.e. employees) publishing private data because they view activity by their employers and their customers/clients as wrongful. Indeed it may be so, but one wonders how innocent customers (and there are many) are protected in such blunderbus type disclosures to the media. Guilty until proven innocent springs to mind: I am not sure where that line is. |
Thankfully while interesting this is not something us small businesses have to worry about since we tend not to have any employees. Of course matrimonial fallouts can be egregious and are famous for this, given the complainant spouse usually has every internal piece of confidential information in detail. Regardless of that my suggested test of activities is to establish the reasons parliament wanted to encourage behaviours by means of encouragement through law enactments. Most recently the highly beneficial (pun intended) arrangements for 100% electric cars. |