Digital Hero

As reported by Luke Dormehl in his article for Cult of Mac, the issue of evil twin routers and wifi hotspots is becoming another way for blackhat hackers or blackhats )Your old Bell POP account on your computer or mobile device cannot communicate properly with Bell’s new IMAP setup. You’ll need to set up a new IMAP version of your Bell email account on every device you currently have it in POP form. Period.

Here's why and how... up to Bell's

Still struggling with the duplicate email issue with your Bell account? Here's the step Bell forgot to mention: create an IMAP version of your account... wait, don't freak out... it's easy to do and will stop the duplicate email issue.

Here's why and how... up to Bell's transition date, they supported the POP (Post Office Protocol) for email. That meant that when you deleted an email in your Bell Account on your computer, you had to repeat the process on every other device that same account was on. On the other hand, IMAP (Internet Message Access Protocol) is better because with it when you delete or move an email on one device your action is mirrored on the server and so every connected device duplicates that action automatically. That means you don't have to!

Without setting up a Bell IMAP version of your account, your old POP account is trying to talk to Bell's new IMAP server and that's like, well, Apples and Oranges... they just don't speak the same language. So, when your existing Outlook or whatever email software you use pulled your mail down and tried to told the IMAP server that it had the new mail, the IMAP server ignored that since it doesn't speak POP and kept those messages marked as new or unread. The next time you checked mail... you got them again, the process repeated and so here you are with probably thousands of copies of the same messages all marked as new or unread.

Let's get to the steps (Mac users your instructions are here):

1. We need to stop your old POP account from trying to pull mail. To do that, open your Outlook, then click FILE then OPTIONS then ADVANCED.
   
   
2. The screen you should see is "Outlook Options". On the right side, Scroll down until you see the "Send/Receive" button then click it.
   
   
3. The screen you should see is "Send/Receive Groups". Click "Edit" and now you should be looking at "Send/Receive Settings - All Accounts." Find your existing Bell Sympatico account on the left side, click it once then on the right side uncheck "Include the selected account in this group", then click "OK", then click "Close" and finally click "OK" as you back yourself out to the main Outlook screen you are used to seeing.
   
   
4. Go to: https://webmail.bell.net and log into your NEW Bell webmail space. Under your inbox you'll see a folder called "POP" - that's where your emails from the old server are stored. You are now sitting in the new IMAP server. If you want to get rid of any really old emails, you can do that here before proceeding since the less mail you have here, the quicker it will be to complete the syncronization in step #6.
   
   
5. Go to your Outlook, then select FILE then ADD ACCOUNT then E-mail Account. Enter your name is you want it to appear, your full Bell email address and your password from step #1.
   
   
6. You'll get a couple of questions asking your permission to automatically setup the new account... select "ok" or "yes" and if you've done everything correctly, within a minute, you'll have your new Bell IMAP account setup and it'll start to pull mail. Depending upon how much old mail you have and your internet speed, this could take quite some time.7. Once you are satisfied that you have what you need from the old Bell POP account, you can delete it and the mail it contained... or keep it for as long as you need to.

Share this with others you know may be frustrated with having received repeated duplicates on their Bell email account.

Until next time!
Bob

Comment on this blog item.

Okay, I know I've already blogged about email phishing scams, but this one was close to home, so I thought I’d share. I received an email this morning, supposedly from ScotiaBank… NOT. Let’s review…

1. banks NEVER send requests for confidential information by email; and
2. banks aren’t going to make spelling and grammar mistakes on professional communications to clients.

So, here’s what the email looked like, marked up with the appropriate comments:

And how did this phishing scam of an email find yours truly? It took 6 jumps:

1. it originated in Germany
2. made a short visit to France
3. then to another server in France
4. it hopped across the Atlantic landing in Boston, Massachusetts
5. it scooted up to Burlington, Massachusetts
6. zipped from the east coast over to the west landing in one of Apple's servers in Cupertino, California
7. and finally was delivered to my Apple iCloud account from which my mail program pulled it down.

It's trip took only a couple of minutes start to finish.

I'm going to split into two directions now: for those that don't want to know how I traced this back, stop here and take with you five things:

1. if you receive an email from someone you don't recognize, DON'T OPEN IT, instead delete it
2. if you open an email and it's asking you to click a link... READ the email... did you order the product or service it's about? If not, delete it
3. if an email is asking you to click a link... hover over - DON'T CLICK - the click and check the URL in the yellow tool tip against what is displayed - if they aren't the same or at least look like they're going to take you to the intended website... you guessed it, delete it
4. governments, banks, cell phone companies, and pretty much EVERYONE doesn't use email to verify personal/private/confidential information because email is largely UNENCRYPTED and NOT SECURE - if you get an email asking ANYTHING to do with personal/private/confidential information, delete it
5. if you want to report the phishing attempt to the organization the attacker's email is pretending to be from, check the organization's website or call them since most have an abuse@ or phishing@ email address that you can forward the email to and they'll attempt to track the source and take appropriate action 

How did I trace the source of this email phishing scam?

If you've hung on to this point, then you want to know how I traced this email to its origin, so here we go. Every email has a header... the part at the top that contains the "From", "To", "Subject", "Date", information. What you don't realize is that there's WAY more in the header than just what we normally see.

Our email programs are set to display the "friendly" headers we are used to seeing. In fact, the header of each email contains its routing information that accumulates as the email travels from its origin to its destination. Spammers and scammers rely on the fact that most people don't know about the routing info in the headers, how to access it and how to use that information to trace the origin of their phishing emails.

Let's pick apart the detailed header of this email so you can see how I traced the path of this Geschenk (gift):

The only extra step was in #4... 10.20.15.2 and 10.20.13.1 are internal network IP addresses, so I had to look up the external IP address of the eigbox.net domain. This is where the link from my info@ address to my @me.com address took place.

To look up the IP addresses I used WhatIsMyIPAddress.com and for looking up the hostname to get the IP address in step #4, I used the hostname to IP address lookup page from the same website. This website also has a page that will attempt to trace the source of an email automatically by allowing you to paste the full header of the offending email into their webpage - what I did the long way - but in my case it wasn't able to figure out the route. You may want to try this before you roll up your sleeves and do it my way.

How do you display the full header information on your email program?

To set your own email program to display the full email headers, follow the instructions for your program by checking your help file. Here are the instructions for some of the more popular email programs borrowed from the Google Email Support Page:

Until next time!
Bob

Comment on this blog item.

Yes, Macs CAN be infected. Period.

Granted that because of the way their operating system is built (largely thanks to the UNIX core it draws from) it is more difficult to infect them, but none the less they can be infected. More importantly, your Mac can be a carrier for malware spreading that malware to others you email, etc.

One reader of my blog sent me an email they received, apparently from PayPal, telling them that a payment had been deposited into their account. Fortunately, after reading my earlier blog item about avoiding bogus emails and phishing scams, they were able to recognize the warning signs. First, they didn't recognize the person who had supposedly paid them. Second, they hovered over the links and none of them matched their displayed counterparts.

They wanted me to check out this phishing scam and forwarded me the offending email. When I received it, my anti-virus immediately kicked in and grabbed the attachment. Here's the payload that was trying to launch before I even opened the email:

Notice the "370163.emlx" piece... that was the attachment this email contained. As soon as the attachment was touched by my Mac's operating system, to write it to the hard drive, Kaspersky... my anti-virus-of-choice grabbed it allowing me the privilege of hitting the "Delete" button and bringing this potential nasty to a swift end. By the way... you can set your anti-virus to automatically deal with malware when it's detected. Don't think you need to be bothered every time one is found... I like to know because it's my business.

Here's what this malware was trying to do to my Mac:

I contacted the reader and told them to immediately update their anti-virus definitions, run a complete scan of their computer and told them what to look for. Sure enough, the outdated definitions had allowed the malware to run. Fortunately, the scan was run soon enough after that the compromise was stopped.

The moral of this story?

• Mac users still clinging to the old paradigm that our computers are invulnerable... wake up and smell the malware, baby! Stop being harbingers of malware for everyone you electronically connect with and throw down some anti-virus protection for your Mac. Here's a couple of the best choices: Kaspersky and Intego's Virus Barrier family of products. The latter is especially good right now because the app is also available for your Apple mobile devices. The tablet version of Kaspersky is being worked on for the iPad (no release date available), but currently they cover only Android devices.

Until next time!
Bob

Comment on this blog item.