Doing email — options

 Computer  Comments Off on Doing email — options
Nov 282017

When I ask some of my clients how they get to their email, a typical response is “AOL” or “hotmail” or “Google.” Or they might say “” or “” Well, that’s not what I’m trying to understand.

Knowing their preferred service company or email address is a start, but I’m more interested in whether they get to their messages on a desktop or notebook computer or on a smartphone or tablet (or all of those devices). And if on a desktop or notebook computer, whether they use a special purpose program (like Microsoft’s Outlook, Apple’s Mail, Mozilla’s Thunderbird) or a general purpose program — a Web Browser like Microsoft’s Edge, Google’s Chrome, Apple’s Safari, Mozilla’s Firefox, etc.

There are pros and cons to each option. When a Web Browser is used to access your email on a service provider’s Web site, this method is called Webmail. One advantage to this is that you visit other sites (web pages) using your browser and so webmail is just visiting a special type of site. And you can do this anytime and anywhere you have a device with an Internet connection and a browser. No special programs need to be installed and configured. You do not even need to use your own computer.

Webmail can be tedious, however, when you have many email addresses (and accounts with several email service providers) — going to separate sites to check each one.

A special purpose email program, however, can typically manage multiple accounts and Inboxes, which makes checking those accounts more convenient. A special purpose program also may in general be easier to use (a friendlier graphical user interface). That’s why many pepople still use the AOL Desktop program.

On smartphones you’ll generally want to use a special purpose app, like Apple’s Mail or Google’s Gmail app.

Here’s a drawing intended to clarify these email options (link to pdf version below).


email options-app_vs_webmail

Biggest data breach ever — Yahoo + some AT&T accounts

 Computer  Comments Off on Biggest data breach ever — Yahoo + some AT&T accounts
Sep 242016

Big news this week regarding data breaches. Yahoo revealed that account information for at least 500 million users was stolen by state-sponsored hackers two years ago. PC World’s article “Here’s what you should know, and do, about the Yahoo breach” discusses the breach and reviews best security practices.

An email compromise is one of the worst data breaches that a person could experience online, so here’s what you should know … there’s no way to tell if your account was among those whose passwords were hashed with bcrypt or not, so the safest option at this point is to consider your email compromised and to do as much as damage control as possible. … Large data breaches are typically followed by email phishing attempts, as cybercriminals try to take advantage of the public interest in such incident.

Here’s Yahoo’s official September 22 statement on the breach: “An Important Message About Yahoo User Security.” Their statement includes recommended actions.

UPDATE 9-27-2016: A CNET article today reminded me that some of my clients have AT&T high-speed Internet service (sometimes phone service as well) and their email service uses Yahoo.

Many AT&T customers use Yahoo accounts to manage their services and could be at risk. … It’s the outgrowth of a partnership formed 15 years ago between Yahoo and AT&T (then called SBC Communications), bringing AT&T broadband customers to Yahoo’s search engine and media services, including Yahoo Mail. … The hack puts AT&T in an uncomfortable position. The company is still waiting for data from Yahoo on the specific customers who may have been affected, according to a person familiar with their dealings. … For now, AT&T is offering little advice to its customers beyond the standard line: regularly change your passwords.

Email spoofing — a reminder to be alert

 Computer  Comments Off on Email spoofing — a reminder to be alert
Jun 162016

Malwarebytes Labs’ blog recently posted an article about email spoofing. It’s a good reminder about following best practices — ways to avoid scams.

Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by threat actors. Obviously pretending to be someone else can have its advantages especially if that someone else holds a position of power or trust with regards to the receiver.

Phishing campaigns use email spoofing. The article lists other reasons for spoofing as well. Scammers and criminal organizations have different business models (typically to generate revenue) and use cons that have been around for centuries.

There are technical procedures to confirm a spoofed message, but these are not practical for most people. Sometimes I get messages claiming to be from a client. I am immediately suspicious because of the subject of the message (or the lack of a subject). Examination of the raw message usually reveals that it was indeed a spoof and sent to a bunch of addresses stolen from the alleged sender’s address book.

The industry has been working on technical countermeasures to detect and stop spoofed messages. Your Internet Service Provider (ISP) may use some. But they are not foolproof.

Remember that email was designed much like the delivery of paper letters by the United States Postal Service (USPS). Anyone can write any “to” and “from” addresses they like on the envelope. There’s no authentication by the USPS.

Spoofers also rely on “look alike” or “sound alike” names and other words, which can trick anyone not paying close attention.

And remember that Caller ID on your phone may be spoofed as well.

CA Verizon email users — moving to AOL Mail and more

 Computer  Comments Off on CA Verizon email users — moving to AOL Mail and more
Feb 232016

Are you using a Verizon email address (like If you have not already received an email message with the subject “Immediate action required to keep email active” from Verizon Notification (, then you should get one soon (deadline is in March)! Here’s what I received yesterday:


As a reminder, we are moving your email to AOL Mail. In order to continue using this account, you must activate your account within AOL Mail no later than [date]. You will lose access to your email account if you do not activate on or before [date].

Activating is easy.

  1. You will need access to an internet browser.
  2. Go to and sign in to your account.
  3. Simply click on “Get Started” to begin.

Note: If you have already activated your email with AOL Mail, please disregard this message.

Once activated, you can continue using your email address and receiving email through AOL Mail. This transition is free and will provide you with additional benefits such as more email storage space and advanced spam filters and virus protection.

You can find more information about your move to AOL Mail here.

Note these questions:

  • How will I know when my email is being moved over to AOL? How do I start the process?
  • What will happen to my email?
  • Will my email address and password change?
  • What will happen to my email if I do not complete the basic AOL registration to move my email to AOL?
  • Do I need to update my settings if I am using an email application such as Outlook, Thunderbird or the mail app on my mobile device?

Here’s the AOL Mail for Verizon Customers help page.

Hopefully you also noted the preparatory notice last year. On November 19, 2015, I received an email message with the subject “Introducing new, enhanced email service.” That message introduced the upcoming move:

We’re teaming up with AOL to provide you with AOL Mail, an enhanced email experience that we think you’re going to love.

Here’re some other references:

Verizon Move to AOL Mail – FAQs – AOL Help

Verizon Mail Using AOL Servers?

Oh, and don’t forget about the upcoming Frontier Communications acquisition:

“Just wanted to let everyone know that Frontier has made a little FAQ for the sale:” [FiOS] Verizon CA, TX, FL FAQ.

Here’s Frontier’s Residential FAQ.

When people say you’re sending spam

 Computer  Comments Off on When people say you’re sending spam
Jun 302015

June 29, 2015: Lincoln Spector, PCWorld Contributing Editor, repled to a reader’s question about “What to do when your email address sends spam.”

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Read the full article for his advice.