[Source: This article was Published in mashable.com BY KARISSA BELL - Uploaded by the Association Member: Deborah Tannen]

Here's something you might want to think about next time you check your email: chances are, at least some of your messages are being tracked.

From how many times you open a message, the time of day, and even what city you're in, the very act of reading an email can send a surprising amount of data back to the sender, even if you never respond. 

That unsettling fact was recently thrust back into the spotlight thanks to a much-hyped email startup called Superhuman. The $30/month invite-only email software beloved by Silicon Valley VCs and "inbox zero" adherents are so hyped, there's currently a waiting list more than 180,000 people long, according to The New York Times.

Then Mike Davidson, a VP at design platform Invision, pointed out that the email app had originally enabled its users to track who is opening their emails by default. The feature, which Superhuman dubbed "read receipts," allows message senders to see exactly when their messages are opened, what kind of device recipients are using, and where they are. And unlike, say, iMessage read receipts, which are opt-in, Superhuman's feature is enabled by default.

Davidson, who was previously VP of design at Twitter, penned a lengthy critique of Superhuman's "spying" on his personal blog, saying Superhuman "has mistaken taking advantage of people for good design." 

In response to criticism from Davidson and others, Superhuman CEO Rahul Vohra said the company would update its software so “read receipts” would no longer be enabled by default and location information would be removed. 

But the fact is, Superhuman is far from from the only company quietly surveilling your email habits. Though it's relatively unheard of for an email platform to offer this level of tracking by default, it's astonishingly easy to embed tracking software into emails.

What is pixel tracking?

Most email-tracking programs use something called pixel tracking. Here's how email marketing company SendGrid explains its version of the feature:

Open Tracking adds an invisible, one pixel image at the end of the email which can track email opens. If the email recipient has images enabled on their email client and a request to SendGrid’s server for the invisible image is executed, then an open event is logged.

So when one of these "invisible" images is added into an email, the person who sent it is able to keep track of how often you open the message. It's also common to track whether or not you click on any links in the email. 

Marketers love these kinds of tools for obvious reasons, but there are a ton of similar tools out there that anyone can start using. But just because it's commonplace doesn't make it any less creepy or less of a massive privacy invasion. 

And while you might expect these tactics from email marketers, there's something even more troubling when you consider the implications of people using these in their personal lives. As Davidson outlines in his blog post, email tracking could in some cases pose a safety risk to people who don't realize they are being tracked just by opening their inbox.

Luckily, there are a few ways to block this type of tracking without ignoring your emails entirely.

Image blocking is your friend

One of the most straightforward ways to prevent email tracking software from working is to block images from displaying by default. This is a setting you can enable in just about every email service., though you should note that it means loading images in your email will require an extra click.

Prevent images from automatically loading in Gmail.

In Gmail, click on the settings gear to open up your email preferences. From the "general" tab, scroll down to images and check the box that says "Ask before displaying external images." Scroll down to the bottom of the page and click "save changes."

If you use a non-Gmail email provider, you should be able to find a similar setting. Just look for something that says something like "ask before displaying external images." 

It's also important to note that if you use a third-party email client like Outlook or Apple's Mail app to check your email, you'll need to enable this setting in that email app as well. Again, you can typically do this in the app's settings. 

How to block external images in Apple's Mail app.

In Apple's Mail app for iOS, you can disable images by going to the main Settings app, selecting "Mail," and scrolling down to "load remote images." (Instructions for disabling images in the MacOS Mail app can be found here.)

Track the trackers

If fiddling with your email settings is too inconvenient, or you're extra curious about who might be keeping tabs on how often you're reading your emails, there's another option available as well. There are a number of browser extensions that will also block the tracking pixels while alerting you to which emails contain trackers. 

PixelBlock is a simple Chrome extension that blocks images from loading and displays a red eye at the top of messages when it detects a tracker.

Similarly, Trocker, which is available for Chrome and Firefox, will show you pixel trackers and identify links that are being tracked. 

And Chrome extension Ugly Email, alerts you to the presence of possible trackers in your inbox before you even open a message. 

Even with extensions, some trackers may still be able to slip through, but they tend to be pretty adept at identifying the most obvious offenders. Using these is also a pretty eye-opening look at just how commonplace email tracking is:

Categorized in Internet Privacy

Internet Phishing Scam, Example 1

Here they are, revealed: the phishingcon games of the Internet. They prey on ignorance, tug your heart strings, and promise professional services while secretly taking your account numbers and passwords. Don't get suckered by these convincing phish emails and web pages! Take ten minutes and see what internet phishing and email scams really look like.

Probably the most damaging kind of email spoof is the "phishing" email. With this type of attack, a clever con artist is trying to lure you not to buy something, but to enter your account and password information, which can then be used for financial gain. Although eBay and PayPal are common targets, any company is fair game. This example above only shows one of many ways phishermen will attempt to con you into divulging your private information.

Be skeptical about any email that asks you to login through a link in the email. No legitimate online financial service will ever ask you to login this way.

Internet Investment Scam, example 2: Pump and Dump Investment

Like all con games, be they online or in person, the con man is trying to deceive you somehow. In this case, by artifically generating excitement around a stock, the con men can lure hundreds of people to purchase a particular stock. This purchasing excitement artificially inflates and "pumps up" the value of the stock, whereupon the con men will "dump" sell their own shares to reap the dishonest profits. This "pump and dump" spamming is a form of "phantom trading", which is illegal.

Be skeptical about any random unsolicited email that promises stock tips. If these were legitimate investment planners with legitimate stock advice, they would be dealing with their own existing clients, not recruiting via random email. As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Lottery Scam, example 1

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that claims you have won a prize. A legitimate lottery would not contact you via email; they would be calling you via telephone. And keep in mind: if you never entered the contest, how did you win? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Job Offer Scam, example 1

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.\

Be skeptical about any email that promises high profits for minimal investment. If it's too good to be true, it probably is a scam.

Internet 419 Scam, Example 1

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Phishing Scam, example 2

Like all "phishing" emails and web pages, a clever con artist is trying to lure you into entering your account and password information. While eBay and PayPal users are the people most targeted by phishermen, anyone is fair game for them. This example above only shows one of many ways they will attempt to con you into divulging your private login information.

Be skeptical about any email that asks you to login through a link in the email. No legitimate online financial service will ever ask you to login this way.

Internet Phishing Scam, example 3

Like all "phishing" emails and web pages, a clever con artist is trying to lure you into entering your account and password information. While eBay and PayPal users are the people most targeted by phishermen, anyone is fair game for them. This example above only shows one of many ways they will attempt to con you into divulging your private login information.



Be skeptical about any email that asks you to login through a link in the email. No legitimate online financial service will ever ask you to login this way.

Internet Lottery Scam, example 2

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that claims you have won a prize. A legitimate lottery would not contact you via email; they would be calling you via telephone. And keep in mind: if you never entered the contest, how did you win? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Phishing Scam, example 4

Like all "phishing" emails and web pages, a clever con artist is trying to lure you into entering your account and password information. While eBay and PayPal users are the people most targeted by phishermen, anyone is fair game for them. This example above only shows one of many ways they will attempt to con you into divulging your private login information.

Be skeptical about any email that asks you to login through a link in the email. No legitimate online financial service will ever ask you to login this way.

The 419 Internet Scam, Example 2:

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.



Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 3

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Scam: 419, example 4

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 5

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 6

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.



Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 7

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 8

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet 419 Scam, example 9

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that asks you to move money, especially large sums. A legitimate financier would use legitimate means to move that kind of money. Even if they were only semi-legitimate: why would they find random people through random email to move millions of dollars? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Lottery Scam, example 3

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.



Be skeptical about any email that claims you have won a prize. A legitimate lottery would not contact you via email; they would be calling you via telephone. And keep in mind: if you never entered the contest, how did you win? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Investment Scam, example 3: Pump and Dump Scamming

Like all con games, be they online or in person, the con man is trying to deceive you somehow. In this case, by artificially generating excitement around a stock, the con men can lure hundreds of people to purchase a particular stock. This purchasing excitement artificially inflates and "pumps up" the value of the stock, whereupon the con men will "dump" sell their own shares to reap the dishonest profits. This "pump and dump" spamming is a form of "phantom trading", which is illegal.

Be skeptical about any random unsolicited email that promises stock tips. If these were legitimate investment planners with legitimate stock advice, they would be dealing with their own existing clients, not recruiting via random email. As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Lottery Scam, example 4

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any email that claims you have won a prize. A legitimate lottery would not contact you via email; they would be calling you via telephone. And keep in mind: if you never entered the contest, how did you win? As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Investment Scam, example 4

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any random unsolicited email that promises stock tips. If these were legitimate investment planners with legitimate stock advice, they would be dealing with their own existing clients, not recruiting via random email. As with any smart skepticism: if it's too good to be true, it probably is a scam.

Internet Investment Scam, example 5

Like all con games, be they online or in person, the con man is trying to get you to entrust him with your cash or access to your cash.

Be skeptical about any random unsolicited email that promises stock tips. If these were legitimate investment planners with legitimate stock advice, they would be dealing with their own existing clients, not recruiting via random email. As with any smart skepticism: if it's too good to be true, it probably is a scam.

Source: This article was published lifewire.com By Paul Gil

Categorized in Internet Privacy

Phishing attacks are more rampant than ever before, rising by more than 162 percent from 2010 to 2014. They cost organizations around the globe $4.5 billion every year and over half of internet users get at least one phishing email per day.

The best defense companies have against phishing attacks is to block malicious emails before they reach customers with the DMARC (Domain-based Message Authentication Reporting and Conformance) standard. Brands must also work with a vendor that can offer email threat intelligence data revealing attacks beyond DMARC (e.g., attacks that spoof their brand using domains outside of the company’s control).

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox. And those messages are extremely effective—97% of people around the globe cannot identify a sophisticated phishing email. That’s where customer education comes in.

Here are 10 tips on how to identify a phishing or spoofing email. Share them externally with your customers and internally with your company.

Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Return Path analyzed more than 760,000 email threats targeting 40 of the world’s largest brands and found that nearly half of all email threats spoofed the brand in the display name. 

Here’s how it works: If a fraudster wanted to spoof the hypothetical brand “My Bank,” the email may look something like:

screen_shot_2015_09_22_at_2_16_17_pm

Since My Bank doesn’t own the domain “secure.com,” DMARC will not block this email on My Bank’s behalf, even if My Bank has set their DMARC policy for mybank.com to reject messages that fail to authenticate. This fraudulent email, once delivered, appears legitimate because most user inboxes only present the display name. Don’t trust the display name. Check the email address in the header from—if looks suspicious, don’t open the email.

Tip 2: Look but don’t click
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in website address directly rather than clicking on the link from unsolicited emails.

Tip 3: Check for spelling mistakes
Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Tip 5: Don’t give up personal information
Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.

Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Tip 9: Don’t trust the header from email address
Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address. Return Path found that nearly 30% of more than 760,000 email threats spoofed brands somewhere in the header from the email address with more than two-thirds spoofing the brand in the email domain alone.

Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

Want to learn how to block phishing threats before they reach your customers? Check out our guide, Getting Started with DMARC.

Source: This article was published blog.returnpath.com By Estelle Derouet

Categorized in Internet Privacy

Do you still have a Yahoo Mail account? The tech company made its way onto the scene in 1994 and became a popular search engine and email service. However, it's had a very rough year.

First we learned of a massive data breach that could have impacted billions of users. Then we found out Yahoo was allegedly complying with a government security agency's request to spy on all incoming emails. Now, there is more troubling news coming out about the tech giant.

Security researcher Jouko Pynnonen recently discovered a severe security vulnerability with Yahoo Mail. The flaw would allow an attacker to access the victim's email account.

This was a cross-site scripting (XSS) attack, similar to the one discovered by Pynnonen around the same time last year. Watch this video to see a brief detail of last year's discovery:

Why this flaw is so alarming

What's terrifying about this is the victim wouldn't even need to click on a malicious link to be affected. You only had to view an email sent by the scammer for your Yahoo Mail account to be compromised.

Yahoo filters HTML messages, which is supposed to keep malicious code from making its way into a user's inbox. However, Pynnonen discovered a vulnerability that kept the filters from catching all malicious code. It had to do with different types of attachments that could be added to emails.

The good news is once Pynnonen reported the flaw, Yahoo fixed it. The tech giant also paid him $10,000 for discovering the vulnerability through its Bug Bounty Program.

Even though these flaws have been patched, it's been a rough stretch for Yahoo. If all of these problems worry you, you might want to close your Yahoo accounts. Here are instructions on how to do that:

  • How to close your Yahoo account:
  • Go to the "Terminating your Yahoo account" page.
  • Read the information under "Before continuing, please consider the following information."
  • Confirm your password - if you forgot your password, you can recover it with the Yahoo Sign-in Helper.
  • Click Terminate this Account.

Remember, if you do close your Yahoo account, you will not be able to use services associated with it. So if you decide to keep your account, at the very least make sure you have a strong password. Here are three proven formulas for creating hack-proof passwords.

You can also enable two-step verification, set up a Yahoo Account Key, or use a password manager. It's always better to be safe than sorry!

Author:  Mark Jones

Source:  http://www.komando.com/

Categorized in Internet Privacy

Absurdly Driven looks at the world of business with a skeptical eye and a firmly rooted tongue in cheek.

Knowing the truth isn't enough sometimes.

You need academics to point out the obvious so that you can huff that, of course, their conclusions are obvious and then you go back to doing nothing about it.

This, therefore, is how you might react to research from the Future Work Centre, a group of psychologists who analyze how work is affecting you.

Thanks to technology, it's not affecting you well.

Indeed, these researchers suggest that the mere existence of the email system leads to enormous stress.

Dr. Richard MacKinnon, the lead author of the study, declared: "Our research shows that email is a double-edged sword. Whilst it can be a valuable communication tool, it's clear that it's a source of stress or frustration for many of us."

You knew that, of course. But what have you done about it? Nada, perhaps?

Consider this, then.

MacKinnon concluded: "The people who reported it [email] being most useful to them also reported the highest levels of email pressure. But the habits we develop, the emotional reactions we have to messages and the unwritten organizational etiquette around email, combine into a toxic source of stress which could be negatively impacting our productivity and well-being."

He's British. He was being nice. It isn't that it could be negatively impacting our well-being. It is.

You know that it is. You feel the mental burden every morning when you open your laptop or stare at your phone in bed and see that there are 50 or 60 emails demanding your eyes and mind.

Do you remember what it was like when you just woke up and wondered: "I wonder what today will bring?"

Now, today has already brought a ton of problems before you've even had a chance to brush your teeth.

There's a certain tragedy in reading MacKinnon's assertion that those who find email most useful feel the most pressure.

Indeed, he and his team found that the two worst habits are keeping your email app open all day and checking your email first thing in the morning and last thing at night.

It's in this area that researchers want you to stop and think. And even do.

They suggest switching your email off and opening it only when you actually have a positive reason to be using it.

But that requires effort and discipline. You're too weak to do that, aren't you? It's so hard when your bosses are workaholics -- either naturally or out of fear -- and expect you to be always "on."

Moreover, technology is often designed to hook you and keep you hooked. It's created the notion that you could be missing out on something very important, something that could affect your day, your week, or even your career.

We live with only one eye on our lives. The other eye is always on the lookout for, well, something else -- a problem, a danger, a demand, or even an opportunity.

And then we wonder that we're slowly going mad.

We begin to loathe our dependence on gadgets, even as we sit in a restaurant with our lovers completely ignoring them in favor of, oh, a work email.

One tiny light of hope emerged from this research. It was that the youngest people feel the most email stress.

Perhaps the older ones know how to handle it better because they know that 99 percent of all office communication is simply windbaggery and balderdash.

Source:  http://www.inc.com/chris-matyszczyk/emails-are-killing-you-researchers-say.html

Categorized in Online Research

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now