Displaying items by tag: gmail - AIRS
Website Search
Research Papers
Articles
FAQs
Easy Profile - Search plugin
Courses & Exams
Pages
Specialized Search Engines
Events Calender
Upcoming Events

Including Clever Search Operators

If you're good at collecting emails, the Archive button in Gmail is really helpful. Fortunately, most of these archived emails are never to be seen or searched again. But others we need to get back to later. Using easy search and clever operators, Gmail lets you find emails precisely and fast.

Usually, the big search field that runs across Gmail's top border works. Sometimes, however, the number of emails returned is just too large.

Maybe you can add a further term or the name of the sender? That's possible but do it wisely. Using some clever search operators, you can narrow your search significantly and precisely. You can search in the Subject line only, for example, or combine that with a date range, a particular sender, and exclude all messages with attachments.

Search Mail in Gmail

To find messages in Gmail:

  • Type search terms in Gmail's search field.
  • Hit Enter or click the magnifying glass button.

Gmail Search Options

To specify some search criteria for narrowing results in your Gmail search:

  • Click the Show search options down arrow in the Gmail search field.
  • Search senders' email addresses and names using the From field.
  • Search direct (To: field) recipients' names and addresses using the To field.
  • Search email subjects using the Subject field.
  • Search emails' body text using the Has the words field.
    • Search for a phrase with quotation marks.
    • Search for emails that contain one word (or phrase) or another, use "OR".
      '"shepherd macaroni"' (excluding the outer quotation marks) finds all emails that contain the phrase "shepherd macaroni", for instance;
      'shepherd macaroni' (again excluding the quotation marks) finds all emails that contain both words, but not necessarily in that form;'shepherd OR macaroni' (without the quotation marks), finally, finds all emails that contain either "shepherd" or "macaroni" (or both).
  • Search for emails that do not contain certain words in their text using the Doesn't have fielded.
  • Make sure Has attachment is checked to find only emails that contain attached files.
  • Search emails' sent date using the Date within fields.
  • Click the Search Mail button below the search fields.
    • You can now narrow your search further in the main search field using the operators below.
    • Of course, multiple search options can be combined to find, say, emails from a certain sender that contain attachments and were sent during the past year.

    Gmail Search Operators

    In the Search Mail field, you can use the following operators:

    • subject: - Search the Subject line.
      Example: "subject:bahamas" finds all messages with "Bahamas" in the Subject.
    • from: - Search Gmail for sender name and email address. Partial addresses are okay.
      Examples: "from:heinz" finds all messages from "heinz@example.com", but also all messages from "This email address is being protected from spambots. You need JavaScript enabled to view it."; "from:me" finds all messages sent by yourself (using any address set up for use in Gmail).
    • to: - Search the To line for names and addresses.
      Example: "to:quertyuiop@gmail.com" finds all messages sent directly (not via Cc: or Bcc:) to quertyuiop@gmail.com.
    • cc: - Search recipients in the Cc field.
      Example: "cc:quertyuiop@gmail.com" finds all messages that were sent to quertyuiop@gmail.com as a carbon copy.
    • bcc: - Search Gmail for addresses and names in the Bcc field. Note this only works with emails you sent to Bcc recipients from Gmail.
      Example: "bcc:heinz" finds all messages that you sent with, for example, "hein@example.com" in the Bcc field.
    • label: - Search Gmail for messages assigned a label. (Replace whitespace characters in label names with hyphens.)
      Example: "label:toodoo-doll" finds all messages labeled "toodoo doll".
    • has:userlabels - Search Gmail for emails that have any labels except those used by default (i.e. not including labels such as "inbox", "trash" and "spam" but including Smart Labels).
    • has:nouserlabels - Search for messages that have not been labeled with any labels except those that Gmail uses by default.
    • is:starred - Search Gmail for messages that are starred.
    • Further stars:
      • has:yellow-star - Search Gmail for messages with a yellow star.
      • has:red-star - Search Gmail for messages with a red star.
      • has:orange-star - Search Gmail for messages with an orange star.
      • has:green-star - Search Gmail for messages with a green star.
      • has:blue-star - Search Gmail for messages with a blue star.
      • has:purple-star - Search Gmail for messages with a purple star.
      • has:yellow-bang - Search Gmail for messages with a yellow exclamation mark.
      • has:red-bang - Search Gmail for messages with a red exclamation mark.
      • has:purple-question - Search Gmail for messages with a purple question mark.
      • has:orange-guillemet - Search Gmail for messages with two orange forward arrows.
      • has:blue-info - Search Gmail for messages with a blue i.
    • is:unread - Search Gmail for new and unread messages.
    • is:read - Search Gmail for messages that have already been opened.
    • is:important - Search Gmail for messages that are marked important for Priority Inbox.
    • has:attachment - Search Gmail for messages that have files attached to them.
    • filename: - Search within file names of attachments. You can also search for file name extensions to restrict your search to certain file types.
      Example: "filename:.doc" finds all messages with word processing attachments.
    • is:buzz - Search Gmail for Google Buzz posts.
    • is:chat - Search Gmail for chat logs.
    • in: - Search in a standard "folder". You can search in DraftsInboxChatsSentSpamTrash and anywhere (for everything, including Spam and Trash).
      Example: "in:drafts" finds all messages in your Drafts folder.
    • circle: - Search mail sent to you from people in the given Google+ circle. (Use quotation marks to specify Google+ circles that include a whitespace in their name; escape quotation marks in the name with a backslash (\) immediately preceding each quotation mark.)
      Example: 'circle:"my \"sailing\" circle" turns up all emails from people in your 'my "sailing" circle" Google+ circle.
    • has:circle - Search Gmail for messages from somebody in any of your Google+ circles.
    • after: - Search for messages sent on or after a date. The date must be given in YYYY/MM/DD format.
      Example: "after:2005/05/05" finds all messages sent or received on or after (i.e. including) May 5, 2005.
    • before: - Search Gmail for messages sent before a date.
      Example: "before:2005/05/05" finds all messages sent or received on May 4, 2005 and earlier.
    • larger: (or larger_than:) - Search for emails exceeding the given size. (Specify the size in bytes without suffix or using "k" for kilobytes (as 1,000 bytes) and "m" for megabytes (as 1,000,000 bytes.)
      Example: "larger_than:200k" finds all messages that exceed 200,000 bytes in size.
    • size: - Search for messages exceeding the given size in bytes.
      Example: "size:500000" finds emails bigger than 500,000 bytes or half a megabyte.
    • smaller: (or smaller_than:) - Search for messages smaller than the specified size. (Specify the size in bytes (no suffix) or using "k" for 1,000 bytes and "m" for 1,000,000 bytes.)
    • deliveredto: - Search Gmail for email with a certain email address in a "Delivered-To:" header line.
      Example: "deliveredto:me@example.com" finds messages that have "me@example.com" in a "Delivered-To: header, because it has been forwarded from that address, for example.
    • rfc822msgid: - Search for the message with the — just about certainly unique — message ID. Gmail will not search for messages that refer to the message ID (replies, for example). Example: "rfc822msgid:wW28fb6uf@mail.example.com" finds the message with "wW28fb6uf@mail.example.com" in the "Message-ID:" header field.

    How to Combine Operators and Search Terms

    Operators and search terms can be combined with the following modifiers:

    • By default, Gmail combines terms with (an invisible) "AND".
      Examples: "shepherd macaroni" finds all messages that contain both "shepherd" and "macaroni"; "before:2005/05/05 AND after:2005/05/04" finds all messages sent or received on May 4, 2005.
    • "" - Search for a phrase. Case does not matter.
      Examples: "shepherd's macaroni" finds all messages containing the phrase "shepherd's macaroni"; 'subject:"shepherd's macaroni' finds all messages that have "shepherd's macaroni" in the Subject field.
    • + - Search for a term exactly as typed.
      Example: "+shepherds" finds all emails that contain "shepherds", but not those containing just "shepherd" or "shehperds" alone.
    • OR - Search Gmail for messages containing at least one of two terms or expressions.
      Examples: "shepherd OR macaroni" finds messages that contain either "shepherd" or "macaroni" or both; "from:heinz or label:toodoo-doll" finds messages that either come from a sender that contains "email.guide" or appear under the label "toodoo doll".
    • - - Search Gmail for messages that do not contain a term or expression.
      Examples: "-macaroni" finds all messages that do not contain the word "macaroni"; "shepherd -macaroni" finds all messages that contain the word "shepherd" but not "macaroni"; 'subject:"shepherd's macaroni" -from:heinz' finds all messages with "shepherd's macaroni" in the subject that were not sent from an email address or name containing "heinz".
    • () - Group search terms or expressions.
      Examples: "subject:(shepherd macaroni)" finds messages that have both "shepherd" and "macaroni" somewhere in the Subject line (but not necessarily as a phrase); "from:heinz (subject:(shepherd OR macaroni) OR label:toodoo-doll)" finds all messages from a sender who has "email.guide" in their name that either have "shepherd" or "macaroni" (or both) in the Subject line or appear under the label "toodoo doll".

    Historical Gmail Search Operators

    Gmail once included support for the following search operates that, sadly, no longer work:

    • lang: - Search Gmail for messages in a particular language. (Specify the language in English; "Chinese" worked, but "中文", "Putonghua" or "Mandarin" do not, for example.)
      Example: "lang:French" returned all emails that contain at least un peu de Français.

    Saved Searches

    You can also bookmark Gmail searches easily for later repetition.

    Source: This article was published lifewire.com By Heinz Tschabitscher

    Published in How to

    No matter how popular and easy to use an email platform like Gmail may be, having to actually go ahead and manage email on a day-to-day basis can be a daunting, dreadful task. Using extra email management tools that work with Gmail may not make you fall in love with email, but it will certainly help take some of the headache out of it by giving you back some of your precious time and energy.

    Whether you use Gmail for personal or professional reasons, on the web or from a mobile device, all of the following tools may be of great benefit to you. Take a look to see which ones catch your eye.

    Inbox by Gmail

    Inbox by Gmail is basically a must-have if you regularly check your messages from your mobile device. Google took everything it new about how its users were using Gmail and came up with a brand new, super intuitive, highly visual email platform that simplifies and speeds up email.

    Group incoming email messages in bundles for better organization, see highlights at a glance with card-like visuals, set reminders for tasks that need to be done later and "snooze" email messages so you can take care of them tomorrow, next week, or whenever you want. More »

    Boomerang for Gmail

    Boomerang
    Photo © drmakkoy / Getty Images

    Ever wish you could write an email now, but send it later? Instead of doing exactly that – leaving it as a draft and then trying to remember to send it at a specific time – just use Boomerang. Free users can schedule up to 10 emails per month (and more if you post about Boomerang on social media).

    When you write a new email in Gmail with Boomerang installed, you can press the new "Send Later" button that appears next to the regular "Send" button, which allows you to quickly pick a time to send (tomorrow morning, tomorrow afternoon, etc.) or the opportunity to set an exact date and time to send it. More »

    Unroll.me

    Mailbox
    Photo © erhui1979 / Getty Images

    Subscribe to too many email newsletters? Unroll.me not only allows you to unsubscribe from them in bulk, but also lets you create your own "rollup" of email newsletters, which brings you a daily digest of all the newsletter subscriptions you actually want to keep.

    Unroll.me also has a nifty iOS app you can use to manage all your email subscriptions while you're on the go. If there's a particular subscription you want to keep in your inbox, just send it to your "Keep" section so Unroll.me doesn't touch it. More »

    Rapportive

    Profile
    Photo © runeer / Getty Images

    Do you communicate with a lot of new people via Gmail? If you do, sometimes it can feel eerily robotic when you don't know who's on the other end of the screen. Rapportive is one tool that offers a solution by connecting to LinkedIn so it can automatically match profiles based on the email address you're communicating with.

    So when you send or receive a new message, you'll see a short LinkedIn profile summary in the righthand side of Gmail featuring their profile photo, location, current employer and more — but only if they have filled out that information on LinkedIn and have their account associated with that email address. It's potentially a nice way to put a face to an email message. More »

    SaneBox

    Folder
    Photo © erhui1979 / Getty Images

    Similar to Unroll.me, SaneBox is another Gmail tool that can help automate your organization of incoming messages. Instead of creating filters and folders yourself, SaneBox will analyze all of your messages and activity to understand which emails are important to you before moving all of the unimportant emails to a new folder called "SaneLater."

    You can also move unimportant messages that still show up in your inbox to your SaneLater folder, and if something that gets filed into your SaneLater folder becomes important again, you can move it out of there. Even though SaneLater takes the manual work out of organization, you still have full control for those messages you need to specifically put somewhere. More »

    LeadCooker

    Email
    Photo R?stem G?RLER / Getty Images

    When it comes to online marketing, it's no question that email is still massively important. Many email marketers send messages all at once to hundreds or thousands of email addresses with the click of a button using third-partyemail marketing platforms like MailChimp or Aweber. The downside to this is that it's not very personal and can easily end up as spam.

    LeadCooker can help you strike a balance between emailing lots of people and keeping it more personal. You still get a lot of the features of traditional email marketing platforms like automated follow-ups and tracking, but recipients won't see an unsubscribe link and your messages come straight from your Gmail address. Plans start at $1 per 100 emails with LeadCooker. More »

    Sortd for Gmail

    Stack of Papers
    Photo © CSA-Archive / Getty Images

    Sortd is an amazing tool that completely transforms the look of your Gmail account into something that looks and functions much more like a to-do list. With a UI that's as simple and as intuitive to use as Gmail itself, the aim of Sortd is to offer people who struggle to stay on top of email a better way to stay organized.

    Sortd is the first "smart skin" for Gmail that divides your inbox into four main columns, with options to customize things the way you want. There are also apps available for both iOS and Android. Since it's currently in beta, the tool is totally free for now, so check it out while you can before pricing is put in place! More »

    Giphy for Gmail

    Animated GIF
    Image made with Canva.com

    Giphy is a popular search engine for GIFs. While you can certainly go straight to Giphy.com to search for a GIF to embed in a new Gmail message, a much easier and more convenient way to do it is by installing the Giphy for Gmail Chrome extension.

    If you love using GIFs in Gmail, this is a must-have to help you save more time and compose your messages more efficiently. The reviews of this extension are pretty good overall, although some reviewers have expressed concern about bugs. The Giphy team seems to update the extension every so often, so if it doesn't work for you straight away, consider trying it again when a new version is available. More »

    Ugly Email

    Eye
    Photo © ilyast / Getty Images

    More email senders are now using tracking tools so they can get to know more about you without you even knowing it. They can typically see when you open their emails, if you clicked on any links inside, where you're opening/clicking from, and what device you're using. If you really value your privacy, you may want to consider taking advantage of Ugly Email to help you easily identify which Gmail messages that you receive are being tracked.

    Ugly Email, which is a Chrome Extension, simply puts a little "evil eye" icon in front of the subject field of every tracked email. When you see that little evil eye, you can decide whether you want to open it, trash it, or maybe create a filter for future emails from that sender. More »

    SignEasy for Gmail

    Signature
    Photo © carduus / Getty Images

    Receiving documents as attachment in Gmail that need to be filled out and signed can be a real pain to work with. SignEasy simplifies the whole process by allowing you to easily fill out forms and sign documents without ever leaving your Gmail account.

    A SignEasy option appears when you click to view the attachment in your browser. Once you've filled out the fields that need completion, the updated document is attached in the same email thread. More »

    Source: This article was published lifewire.com By Elise Moreau

    Published in Others

    The new Personal tab will show search results from one’s Google accounts.

    Aiming to help people find what they are looking for, Google has added a “Personal” tab in search results to show content from private sources like Gmail account and Google Photos library.

    “Similar to the Images, News and Maps tabs, the Personal tab narrows down search query and shows results from your Google accounts instead,” technology website theverge.com reported.

    The “Personal” tab can be found behind the “More” menu and will surface results like Gmail messages and calendar events from users signed-in accounts. For photo searches, users can either immediately open an image result or click through to do a deeper search in Google Photos. In March, Google introduced shortcuts on the Google Search app for Android, iOS and Google.com on the mobile web that gives users the ability to explore deeper within topics they care about.

    {youtube}hufHXB0jfwY{/youtube}

    With shortcuts right on the home screen, users now have access to in-depth experiences across sports, eat and drink, entertainment and weather sections. Android users will find other useful shortcuts too like translate, nearby attractions, flights, hotels, internet speed test, currency converter and more. 

    Source: This article was published bgr.in By IANS

    Published in Search Engine
    An unusually sophisticated identity phishing campaign appeared to target Google's roughly 1 billion Gmail users worldwide, seeking to gain control of their entire email histories and spread itself to all of their contacts, Google confirmed Wednesday.
     
    The worm — which arrived in users' inboxes posing as an email from a trusted contact — asked users to check out an attached "Google Docs," or GDocs, file. Clicking on the link took them to a real Google security page, where users were asked to give permission for the fake app, posing as GDocs, to manage users' email account.
     
     
     
    To make matters worse, the worm also sent itself out to all of the affected users' contacts — Gmail or otherwise — reproducing itself hundreds of times any time a single user fell for it.
    Screenshot 3 
    The strategy is a common one, but the worm that was released Wednesday caused havoc for millions of users because of its unusually sophisticated construction: Not only did the malicious link look remarkably realistic and trustworthy, but the email that delivered it also appeared to come from someone users already know — and the payload manipulated Google's real login system.
     
     
    Google said it had "disabled" the malicious accounts and pushed updates to all users. The vulnerability was exposed for only about one hour, and a spokesperson told NBC News on Wednesday night that it affected "fewer than 0.1 percent of Gmail users" — which would still be about 1 million.
     
    "While contact information was accessed and used by the campaign, our investigations show that no other data was exposed," the spokesperson said.
     
    It could have been a potential calamity for unsuspecting victims: With control of your Gmail account, scammers can harvest any personal data you've ever sent or received in an email. That can allow them to generate password-reset requests on scores of other services, potentially letting the hackers take over, for example, your Amazon, Facebook or online bank accounts.
    View image on Twitter
    View image on Twitter
    Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. 
     
    Employees and others connected to large companies, especially educational institutions and journalism organizations, began flooding social media about 2:30 p.m. ET reporting that they'd received the malicious email.
     
     
    Employees and others connected to large companies, especially educational institutions and journalism organizations, began flooding social media about 2:30 p.m. ET reporting that they'd received the malicious email.
    View image on Twitter
     
    View image on Twitter
    Be careful, Twitter people with Gmail accounts! Do not click on the "doc share" box. It's a solid attempt at phishing. 

    What you can do

    While the malicious email was a dead ringer for a real message from a trusted friend, there was one key giveaway: The mail was sent to a fake email address in the main recipient field — This email address is being protected from spambots. You need JavaScript enabled to view it.. Users' addresses were included in the BCC field.
     
    If you received a Gmail message with the mailinator.com address as the main recipient, report it as phishing by clicking the down arrow beside the reply button and selecting "Report phishing." Then delete it.
     
    If you do click on the malicious link, don't grant permission when the fake GDocs app asks for it.
     
    If, unfortunately, you fell for the scam and granted permission to the hackers, go to your Google connected sites console and immediately revoke access to "Google Docs." (If you don't trust the embedded link here — which is generally a good thing — you can manually type the address into your browser: https://myaccount.google.com/security?pli=1#connectedapps)
     
    While you're at it, it's a good idea to revoke permission for any app listed there that you don't recognize.
     
    Finally, change your Google password.
     
    Source : This article was published in cnbc.com By Alex Johnson
    Published in Internet Privacy

    You now have a new way to split the bill for dinner: Gmail for Android. While the ability to send money using Google Wallet has been available for quite a while in Gmail on the web, you can now send money from within the mobile app.

    Once you've received the latest update, you'll be able to send and request money within the email compose screen. This feature is not currently available outside the US or for Gmail for iOS.

    send-money-gmail-2.jpgTaylor Martin/CNET

    To send or request money in Gmail for Android:

    • Open Gmail and tap the compose button in the bottom right corner.
    • Tap the paper clip button in the upper right corner.
    • In the dropdown menu, select Send money or Request money.
    • Enter a dollar amount and hit Continue.Add a memo for what the payment is for, such as coffee, pizza or rent.
      • If you don't yet have a payment method set up in your Google Wallet account, you'll be prompted to add a debit card before proceeding. Tap Add Debit Card, enter all the required information and tap Save.
    • Tap Attach Money.

    Since this is just an attachment to an email, you can add a recipient, subject and message in the email body either before or after attaching the payment or money request. The recipient doesn't need to be a Gmail user or have a Google Wallet account to receive funds.

    send-money-gmail.jpgTaylor Martin/CNET

    Money sent to a Gmail address will be deposited directly into the recipient's Google Wallet account. Google says that those without a Gmail account will have the option to have the funds transferred straight to their bank account, free of charge.

    After the email has been sent, you and the recipient will both receive an email confirmation from Google Wallet containing the amount, the payment method, the recipient, the memo and the transaction ID.

    Source : cnet.com

    Published in Others

    A dark web vendor is reportedly selling millions of decrypted Gmail and Yahoo accounts in an unspecified underground marketplace. Over 20 million Gmail accounts and five million Yahoo accounts from previous massive data breaches are now reportedly up for sale.

    A dark web vendor going by the name "SunTzu583", who has previously also allegedly listed over one million decrypted Gmail and Yahoo accounts on the dark web, now appears to have ramped up his efforts.

    According to a HackRead report, in separate listings, the cybercriminal is allegedly offering 4,928,888 and 21,800,969 Gmail accounts, of which the latter has been listed for $450 (0.4673 Bitcoins). While the first listing includes email addresses and clear text passwords, 75% of the second listing allegedly contains decrypted passwords and 25% hashed passwords.

    The Gmail data reportedly corresponds to those stolen in previous breaches, including the Nulled.cr hack and the Dropbox data breach.

    The cybercriminal is also allegedly selling 5,741,802 Yahoo accounts for $250 (0.2532 Bitcoins). Most of the accounts listed were allegedly disabled and appear to have been stolen from MySpace, Adobe and LinkedIn data breaches.

    For both the Gmail and Yahoo accounts, the dark web vendor claims that not all the email and password combinations work directly, warning potential buyers to not expect them to match in all cases.

    The data has reportedly been matched against those on popular data breach notification platforms such as Have I Been Pwned and Hacked-DB. However, the data has not been independently verified by IBTimes UK.

    How to keep your data safe

    Cybercrime ramped up to alarming levels last year, which also saw a slew of massive cyberattacks. Those concerned about keeping their accounts and data safe should incorporate safe security practices. In the event of a breach, or even a potential one, it is recommended that passwords be changed immediately. It's also essential that you not reuse passwords, instead use unique passwords for each of your accounts.

    Author : Ashok
    Source : https://www.yahoo.com/news/over-20-million-gmail-5-091238421.html

    Published in Deep Web

    A new phishing technique is fooling internet users into giving hackers access to their Gmail accounts. According to WordPress security plugin creator Wordfence, the way that the attack works is that hackers send emails to the contacts of compromised accounts containing a seemingly innocuous attachment. When the user clicks the attachment, a new tab opens in the browser that looks nearly identical to the Google sign-in page. If the user inputs their log-in information, it goes straight to the attacker.

    On Hacker News, a commenter describes an incident that occurred at his school last year in which several employees and students were tricked into handing over their account information to attackers after receiving compromised emails and opening the attachments, thus perpetuating the cycle:

    “It’s the most sophisticated attack I’ve seen. The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.”

    While the idea of having your Gmail account serve as a host for the chain of hacks to continue is frightening enough, the hackers will also have the ability to download and read through all of your private emails, as well as gain access to other information connected to your Google account (or whichever service is hacked).

    Here’s what you need to look out for in your address bar to avoid this attack:

    As you can see, not only is the beginning of the string odd, but there is a script hidden behind a long wall of whitespace. You won’t be able to see the script in your address bar without tapping on it and scrolling to the right, but there are several other signs to watch out for that are even more obvious.

    For example, here’s what my address bar looks like when I navigate to Gmail in Chrome:

    See the green text and the “Secure” label in front of the address? That indicates that I’ve reached a safe, secure website, as opposed to the black text up above. Not every site is going to be certifiably secure like that, but if you are visiting a Google log-in page specifically and don’t see it, alarms should go off in your head. Google might fix this eventually, but for now, just pay attention and look for green text.

    Furthermore, if you don’t have two-factor authentication on your Google account (or any other account which contains sensitive information), treat this as a wake up call and set it up immediately.

    Author: Jacob Siegal
    Source: https://www.yahoo.com/tech/insidious-gmail-phishing-attack-tricking-even-most-careful-151309071.html

    Published in Internet Privacy

    Gmail Supports a plethora of search operators to help you instantly find that elusive email message buried in your mailbox. You have size search – like larger_than:5mb – to find the big messages in your account. File search – like has:attachment filename:doc – will locate email messages that contain file attachments of specific types. This graphic illustrates all the known search operators that work both on Gmail and Google Inbox.

    Date Search in Gmail

    Date search in Gmail helps you locate emails sent or received in a specific period. Here are some examples:

    • newer_than:7d from:me – Emails sent in the last 7 days
    • after:2016/12/01 to:me – Emails received in the month of December 2016

    Specify Time Modifiers in Gmail Search

    Gmail also supports time-based searches allowing you to find emails in the specific hour, minute or second. For instance, you can limit your Gmail search to emails that were received between Dec 10 8:15 PM and Dec 10, 2016 8:45 PM.

    To get started, convert the date and time to Epoch time and then use the timestamp with the standard after or before search operator of Gmail.

    For instance, the Epoch time for Dec 10, 2016 8:15 PM is 1481381100 and the Epoch time for Dec 10, 2016 8:45 PM is 1481382900. Use the search query after:1481381100 before:1481382900 and you’ll get a list of all emails received during that 30-minute period.

    Epoch time is the number of seconds that have elapsed since January 1, 1970 (UTC). Use the Epoch converter to represent a human readable date and time in Epoch and use that timestamp with the before or after search operator of Gmail to find that elusive email.

    Author:  Amit Agarwal

    Source:  http://www.labnol.org/internet/gmail-search-tips/29206/

    Published in Online Research
    One of the many advantages of email is that you can send a message to anyone, anywhere, as long as you have an internet connection. Of course, instantaneous delivery has consequences — once you send an email, you might not be able to take it back. Perhaps, in the heat of the moment, you send your boss a profane screed about their management practices. After a night of drinking, you might confess, in disgustingly florid prose, your love for your best friend. Maybe you sent your credit card information to that scammer claiming to be an Apple representative. It happens.

    Gmail users should be happy to learn that they can reach out and snag an email afterhaving clicked Send, although the feature is hidden and the timing is strict. Also, users should note that this process only works for messages sent via Gmail, not Google Hangouts. Either way, here’s how to enable the Undo Send feature.

    Step 1: First, log in to your Gmail account as you would normally and access your settings by clicking the gear icon in the upper-right of your inbox. Then, select Settings from the drop-down menu.

    unsend-gmail-messages-step-1

     

    Step 2: Under the General tab, scroll down until you find the option for Undo Send. Check the box directly to the left of Enable Undo Send.

    unsend-gmail-messages-step-2


    Step 3: Choose the cancellation period — i.e. the amount of allotted time before you can no longer undo send — from the resulting drop-down menu. Your options range from 5 to 30 seconds.

    unsend-gmail-message-step-3

     

    Step 4: Scroll down to the bottom of the settings page and click the Save Changes button.

    unsend-gmail-messages-save-changes

    Step 5: To test the feature, try sending a message. After you send an email, you will receive a notification in a yellow box near the top of your screen, which will include a button marked Undo. If you click this, Gmail will not send the message, and instead, reopen it as a draft. That’s all there is to it!

    unsend-gmail-messages-step-5
    Source : digitaltrends
    Published in Others

    On March 19 of this year, Hillary Clinton’s campaign chairman John Podesta received an alarming email that appeared to come from Google.

    The email, however, didn’t come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the US government, believe are spies working for the Russian government. At the time, however, Podesta didn’t know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account.

    Months later, on October 9, WikiLeaks began publishing thousands of Podesta’s hacked emails. Almost everyone immediately pointed the finger at Russia, who is suspected of being behind a long and sophisticated hacking campaign that has the apparent goal of influencing the upcoming US elections. But there was no public evidence proving the same group that targeted the Democratic National Committeewas behind the hack on Podesta—until now.

    The data linking a group of Russian hackers—known as Fancy Bear, APT28, or Sofacy—to the hack on Podesta is also yet another piece in a growing heap of evidencepointing toward the Kremlin. And it also shows a clear thread between apparently separate and independent leaks that have appeared on a website called DC Leaks, such as that of Colin Powell’s emails; and the Podesta leak, which was publicized on WikiLeaks.

    All these hacks were done using the same tool: malicious short URLs hidden in fake Gmail messages. And those URLs, according to a security firm that’s tracked them for a year, were created with Bitly account linked to a domain under the control of Fancy Bear.

    THE TRAIL THAT LEADS TO FANCY BEAR

    The phishing email that Podesta received on March 19 contained a URL, created with the popular Bitly shortening service, pointing to a longer URL that, to an untrained eye, looked like a Google link.

    A screenshot of the Bitly link used against John Podesta.

    Inside that long URL, there’s a 30-character string that looks like gibberish but is actually the encoded Gmail address of John Podesta. According to Bitly’s own statistics, that link, which has never been published, was clicked two times in March.

    That’s the link that opened Podesta’s account to the hackers, a source close to the investigation into the hack confirmed to Motherboard.

    That link is only one of almost 9,000 links Fancy Bear used to target almost 4,000 individuals from October 2015 to May 2016. Each one of these URLs contained the email and name of the actual target. The hackers created them with with two Bitly accounts in their control, but forgot to set those accounts to private, according to SecureWorks, a security firm that’s been tracking Fancy Bear for the last year.

    SecureWorks was tracking known Fancy Bear command and control domains. One of these lead to a Bitly shortlink, which led to the Bitly account, which led to the thousands of Bitly URLs that were later connected to a variety of attacks, including on the Clinton campaign. With this privileged point of view, for example, the researchers saw Fancy Bear using 213 short links targeting 108 email addresses on the hillaryclinton.com domain, as the company explained in a somewhat overlooked report earlier this summer, and as BuzzFeed reported last week.

    Using Bitly allowed “third parties to see their entire campaign including all their targets— something you'd want to keep secret,” Tom Finney, a researcher at SecureWorks, told Motherboard.

    It was one of Fancy Bear’s “gravest mistakes,” as Thomas Rid, a professor at King's College who has closely studied the case, put it in a new piece published on Thursday in Esquire, as it gave researchers unprecedented visibility into the activities of Fancy Bear, linking different parts of its larger campaign together.

    This is how researchers have been able to find the phishing link that tricked Colin Powell and got him hacked. This also allowed them to confirm other public reports of compromises, such as that of William Rinehart, a staffer with Clinton’s presidential campaign. As The Smoking Gun reported in August, Rinehart received a malicious Google security alert on March 22, according to a screenshot Rinehart shared with the site. SecureWorks found a URL that had Rinehart’s Gmail address encoded, which had the same date.

    A screenshot of the phishing email received by Rinehart. (Image: The Smoking Gun)

    A screenshot of the malicious Bitly URL received by Rinehart.

     

    Similar malicious emails and short URLs have also been used recently against independent journalists from Bellingcat, a website that has investigated the incident of the shootdown of Malaysian Airlines Flight 17 (MH17) over Ukraine in 2014, finding evidence that Russian-backed rebels were behind it.

    A screenshot of a phishing email received by a Bellingcat journalist.

     

    Other journalists in eastern Europe have also recently been targeted with phishing emails trying to break into their Gmail accounts.

    These malicious emails, just like the ones used against Podesta, Powell, Rinehart and many others, looked like Google alerts, and contained the same type of encoded strings hiding the victims’ names.

    It’s unclear why the hackers used the encoded strings, which effectively reveal their targets to anyone. Kyle Ehmke, a threat intelligence researcher at security firm ThreatConnect, argued that “the strings might help them keep track of or better organize their operations, tailor credential harvesting pages to specific victims, monitor the effectiveness of their operations, or diffuse their operations against various targets across several URLs to facilitate continuity should one of the URLs be discovered.”

    The use of popular link shortening services such as Bitly or Tinyurl might have a simpler explanation. According to Rid, the hackers probably wanted to make sure their phishing attempts went past their targets' spam filters.

    THE SMOKING GUN?

    None of this new data constitutes a smoking gun that can clearly frame Russia as the culprit behind the almost unprecedented hacking campaign that has hit the DNC and several other targets somewhat connected to the US presidential election.

    Almost two weeks ago, the US government took the rare step of publicly pointing the finger at the Russian government, accusing it of directing the recent string of hacks and data breaches. The intelligence community declined to explain how they reached their conclusion, and it’s fair to assume they have data no one else can see.

    ”They don’t want to understand the evidence.”

    This newly uncovered data paints an even clearer picture for the public, showing a credible link between the several leaking outlets chosen by the hackers, and, once again, pointing toward Fancy Bear, a notorious hacking group that’s widely believed to be connected with the Russian government. While there are still naysayers, including presidential candidate and former reality TV star Donald Trump, for many, the debate over who hacked the DNC, and who’s behind all this hacking, is pretty much closed.

     

    “We are approaching the point in this case where there are only two reasons for why people say there’s no good evidence,” Rid told me. “The first reason is because they don’t understand the evidence—because the don’t have the necessary technical knowledge. The second reason is they don’t want to understand the evidence.”

    UPDATE, 10/20/2016, 4:31 p.m.: After publication of this story, Bitly sent Motherboard a statement to say the company can only do so much to prevent malicious actors from using its service, as it "cannot proactively police our customers’ private data without compromising our commitment to their privacy."

    "The links and accounts related to this situation were blocked as soon as we were informed. This is not an exploit of Bitly, but an unfortunate exploit of Internet users through social engineering. It serves as a reminder that even the savviest, most skeptical users can be vulnerable to opening unsolicited emails," the statement read. 

    Get six of our favorite Motherboard stories every day by signing up for our newsletter.

    Source : motherboard

    Published in Internet Privacy
    Page 1 of 2

    airs logo

    AIRS is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

    Subscribe to AIRS Newsletter

    Receive Great tips via email, enter your email to Subscribe.
    Please wait

    Follow Us on Social Media

    Read more content?
    Register or Login as "AIRS Guest"
    Enjoy Guest Account
    or

    x
    Create an account
    x

    or