For example, I just got this e-mail message:
Molly Angel has shared OneDrive files with you. To view them, click the links or images below.My thoughts went something like this:
OneDrive. Oh, yeah. Google's file sharing stuff that allows you to store thinggs on their servers and say who gets to look at them and download them. (Pushing the security feelings button.)The first thing you should do when you receive a message from someone you don't know is doubt it. Doubt everything about it. Even if it gets through your mail filters, doubt it.
Cool. No, wait. Onedrive is not Google, Google's service is Google Drive.
Look up Onedrive. Onedrive is Microsoft's wannabee service.
And wait a minute. I don't know any Molly Angel. I know a song called "Johnny Angel" that Shelley Fabares made a hit record with. (Pushing the good feelings buttons, there.) But why would a Molly Angel be sharing files with me? (Very likely intending to push the prurient interest button, there.)
Especially if it seems to be trying to push your buttons, doubt it.
Look at the return address. email@example.com? Other than that I do not recognize the address, and the potential button pushing, not a lot of clues there.
Look at the subject. No subject. Unfortunately, a lot of my good friends fail to use the subject line any more. Sometimes I even forget. Not a lot of clues there.
Look at the "To:" line. Ah hah! Lots of addresses in there, several that have my first name in them. I know none of them. Several red flags here:
- Sending to more than one address is convenient, but it exposes potentially private information.
- Especially when it is people you don't know, it's exposing addresses people may not want you to know. Breech of internet courtesy.
- Some of those have names in common with me. (firstname.lastname@example.org, etc.)
There are images in this. You don't allow images to be automatically displayed, do you?
- First, if the images are naked or near-naked images, that's more button pushing. Get you excited enough that you forget your caution.
- Second, if the images are included in the message, sometimes (especially Microsoft's) mail browsers can get fooled into executing bad programs hidden in them -- virus, backdoor, trojan, keylogger, etc.
- Third, if the image is a link to an image on some private server, the image can be monitored and, with clever tricks in the link, tell the sender that you looked at the image. If they were just guessing, they now know they have a live address that someone (you) might look at. And you didn't even click anything. (And then they send you more of this stuff.)
Unless you like to have people send you such things.
Are you that desperate for attention? That is not a good thing. If you are desperate for attention, you are going to do stupid and dangerous things.
Join a club, service organization, or even a church, where you can get face time with real people.
People you know can also do bad things to you, but they are less likely to do so. Getting to know people is an investment that they don't want to casually waste. Making new friends when they have a bad reputation gets hard for them, too.
Moving on, showing the source text for the message reveals more red flags.
The "To:" field actually does have something like fifty addresses in it.
You can see where the spammers are spoofing the dkim, spf, dmarc that are supposed to reassure you that the sender is valid.
(Of course that stuff is easy to spoof. You can write what you want in a header if you control the sending server.)
It also reveals some weaknesses in Microsoft's OneDrive.
The key to remember is that computers are just fancy paper and fancy pens. They person who controls the pen can write pretty much anything. Doubt first. Check.
Don't automatically display images.
Don't click on links unless you know the sender and are expecting him or her to send you a link, and then only if it's the kind of link you're expecting.
Other posts I've put up demonstrating the ways people try to fool you: