El dic 1, 2018, a las 12:37 PM, Ryan Cunningham <storybox703(a)yahoo.com&gt; escribió: CORRECTION: You should instead file the complaint with the Internet Crime Complaint Center (IC3) at ic3.gov.

On 12/1/18 12:51 PM, home user via users wrote: If you're not expecting this message, I expect that it's going to be some kind of scam message. However, as for safety, if I'm curious, I will take the hostname of the url and use Firefox private mode to check it. In this case, "https://encrypt.barracudanetworks.com". It appears to be a messaging system, so I assume that the site is "ok". Try loading the url, again in private mode and see what happens. It is extremely unlikely that going to a website using Firefox on Fedora is going to harm your system. Just of course be wary of entering information unless you're very sure of the site you're on. I've never found "anti-virus" to have any use on a Linux system other than a way to use up CPU time. I've personally never used it or installed it on any systems I have setup for other people and there have never been any issues in the more than 20 years I've been doing this. People that I know have tried using it have generally disabled it because it's annoying and a CPU hog. It has the same effect on Windows systems, but there it appears to be useful.

home user via users writes: How did you determine that this is the destination URL? That's what you see, in the HTML-formatted E-mail? I'll be happy to send you an HTML message with a link whose destination URL seems to be https://www.whitehouse.gov, but once clicked you'll wind up on https://pornhub.com Would you like to conduct this harmless experiment? Well, if you were running MS-Windows it would definitely be not safe.

On Sun, 2018-12-02 at 11:05 +0800, Ed Greshko wrote: AFAIK most MUAs do that (at least those I've seen), as well as most browsers. poc

On Sun, 2018-12-02 at 12:59 -0500, Howard Howell wrote: I'm now on F29 (Evolution 3.20.3) and it definitely does do that. AFAIK it has done so for the last several years, but of course I can't be sure without rolling it back. poc

On Tue, 2018-12-04 at 00:29 +1030, Tim via users wrote: I'd forgotten that could even be turned off :-) poc

On Mon, 2018-12-03 at 10:59 -0800, Howard Howell wrote: I'm seeing five options: - Show Menu Bar - Show Tool Bar - Show Status Bar - Show Side Bar F9 - Show To Do Bar poc

On Tue, 2018-12-04 at 10:11 -0800, Howard Howell wrote: If you still have problems you might want to ask on the Evolution mailing list. See: https://mail.gnome.org/mailman/listinfo/evolution-list poc

On Wed, 2018-12-05 at 15:20 +1030, Tim wrote: Thanks for the reply Tim, unchecked, rechecked, still no hover function on links. Don't worry about it. I'll check out using another user later. Regards, Lesh

On 12/1/18 3:51 PM, home user via users wrote: If you're using Thunderbird, then a simple control-U works wonders. It shows the email "source code" unmasking any HTML hiding the link. This is only useful if you can read/understand HTML. -- Kevin J. Cummings cummings(a)kjchome.homeip.net cummings(a)kjc386.framingham.ma.us kjchome(a)icloud.com Registered Linux User #1232 (http://www.linuxcounter.net/)

Howard: Thank Kevin, not me. Kevin (and everyone else), View -> Message Source and More -> View Source do the same thing as Control-U. Unfortunately, what I get (after the header) is three blocks of seemingly random characters, not html. Changing the View -> Text Encoding setting at the top of the window created to display the message source makes no difference. Bill.

copy link and paste this link to Tor browser(if possible otherwise any browser in private window) and make sure link end with barracuda.com and there is a green lock on your browser address bar. -------- Original Message -------- On 2 Dec 2018, 1:53 AM, home user via users wrote:

On 01Dec2018 13:23, home user <mattison.computer(a)yahoo.com&gt; wrote: 1: You've never heard of them. This is usually an indication that it is bogus. 2: Look at your message headers. Is the To: address to your real email address, with your full and correct name? If not, also suspicious. 3: _Mouse over_ the link. Is it the same domain as the From:? If not, sus again. 4: Are you expecting an encrypted message from someone you've never heard of? I've never received one, and if I did I would expect it to be encrypted _to me_ i.e. GPG encrypted with _my_ public key. The key take here is that to retrieve it I don't have to go anywhere: I have the message in the email and I have my personal private key to hand. You can't "go to a web site" to fetch an encrypted message, because said site doesn't have any of _your_ private information. However, you can bet that such a site will _ask_ for your personal imformation: that is usually the point, to get information that can then be used for fraud or identity theft. 5: Look at the headers, particularly the Received: headers. How did this message reach you? Note that any of these may be forged, but those for you and/or your immediate ISP will be real, and will show the immediate source. 6: Look at the spelling/grammar. Is it at all dodgy? If so, almost always sus. Corporate communications, especially automated ones, are usually well prepared before getting to run. 7: Is there a good rationale for viewing this message? Just "you have a message" doesn't reach that bar for me. 8: You can fetch the target page with curl or wget. Example: wget -S -O - 'paste URL here between single quotes' Depending on your knowledge, this may be revealing or not. Phishing sites are usually set up to closely resemble the organisation they are pretending to be. But there are often signs of forgery. I had a look at "whois encrypt.barracudanetworks.com". No record. barracuda.com at least has a whois record. This isn't very definitive. Myself, I would not trust this. I've received quite a few resembling what you describe. Cheers, Cameron Simpson <cs(a)cskk.id.au&gt;

I pasted the link into the Tor Browser. The only info I had to give was to set a password. Sometime last month, I used the web site for the Colorado consumer complaints office to ask where/how to file a federal complaint about national-brand canned food products sold in supermarkets being significantly underweight. I could not find an appropriate federal web site for this. The "encrypted" message was their reply. I wish companies and government agencies would quit putting links into messages. It's very difficult to know when it's legitimate and when it's a spoof or phishing attempt. A few years ago, friends received messages "from me" that I did not compose or send: spoofs. But I did not find any hint of unauthorized logins to my e-mail account. In one case, the spoofs were sent after I had deleted the account, and no one else had taken that login name. But the spoofs cost me friendships. I hope y'all understand my being uncomfortable and wary. Thank-you, all 4 of you, for the tips. Some specific comments.... Ryan: Good to know where to report phishing attempts. Samuel: I understand what you said about anti-virus software. I was incorrect about wanting it for Thunderbird. In this case, it would be for the browser. I think you're mostly correct, but I still wish for something to protect against some things such as coin mining and spyware. I also do not like that web site owners know when I'm using ad blockers. finn: I used Tor in this case. But in retrospect, one thing I was concerned about was the site downloading something malicious without me knowing it. Would Tor have protected me against that? Cameron: Great tips in most cases. This was one of those odd exceptions. Strange that the Colorado consumer protection office would go through Barracuda rather than simply sending the message directly to me. spoofing, phishing, ransomware, spyware, cryptojacking, browser fingerprinting, evercookies, steganography, clickjacking; what's next? I've even received phone calls from myself, and I surely didn't call myself! Bill.

Sorry for the top post, but my phone seems to insist on it using K9 mail. Anyway, I keep an old smartphone that I no longer use -- I have moved my SIM card to my current phone. It can still connect to WiFi, though. I use it to try out dodgy links. I figure there's little loss if it gets screwed up. At worst, I'll circular file a $10 phone. Of course there's the issue of the "reset your password" scam. My firm rule is to never enter or change a password following a link I didn't initiate. Another intriguing attempt at isolation is QubesOS, which puts windows in different virtual mavhines. There is thus a default "untrusted" domain that is isolated from other windows. It was too slow for me using my older hardware. You really need an SSD, it seems. But the idea is appealing. On December 2, 2018 12:44:26 AM EST, finn via users <users(a)lists.fedoraproject.org&gt; wrote: -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

home user via users writes: You can safely determine that this is 100% chance of a malicious attachment. It won't really do much harm, it's likely some MS-Windows payload, which won't really do much, on Linux.