Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • April 24, 2017, 12:26:33 PM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: How SneakEmail Once Saved Me From A Phishing Attack  (Read 508 times)

holt

  • Member
  • Joined in 2015
  • **
  • Posts: 190
    • View Profile
    • Donate to Member
How SneakEmail Once Saved Me From A Phishing Attack
« on: December 19, 2016, 04:42:44 AM »
I've been a https://sneakemail.com/ client for about 10 or 12 years now; it's $2 per month, or only $24 per year.
It's not an email server, but an anonymizing 'front end'; for each new contact you need, it creates a random address prefixed to the *.*@snkmail.com suffix/domain, which you can preserve or delete at will. Also for each new contact you get to name it, as; 'AnyName' <*.*@snkemail.com>.
So I've got one for Paypal, as; 'PayPal' <xxxxxxxxxxxx@snkemail.com. I created the 'PayPal' title, and SneakEmail created the random, unique alpha-numeric address represented by the 'xxxxxxxxx' part.
SneakEmail receives incoming or outgoing emails, and 'rolls them over'  to or from my Desktop email server, my 'core', real email address which nobody ever sees or gets.

So one day, I received a Paypal request warning me of phishing attacks and asking me to click on the attached link and log in to authenticate my account; it may have also asked me to update my password.
Believe me, I am not stupid, but the entire presentation was so 'authentic', I would have fallen for it hook, line, and sinker, except for one teensy tiny little detail; the email prefix should have been 'PayPal', and instead it was one of my other unique shopping account SneakEmail addresses. The entire come-on was true-blue Paypal, absolutely, positively, down to the last detail... ...except that the optional prefix which should have said 'PayPal', was one of my seldom-used 'any store' prefixes (ie Amazon, Ebay, 'acme hardware', and so on).
Instead of clicking on the enclosed Paypal link included in the email, I went to the Google web search page (I've since switched to 'Duckduckgo'), looked up Paypal, found their scam-phishing report email address, and reported the entire suspect email, header and all, to the real Paypal.
Within a few hours, the real Paypal with the proper 'PayPal' prefix as created by me in SneakEmail, reported back to me with a confirmation that said basically, "You're right; it's a phishing attack."

As follow-up, I went and logged into my personal SneakEmail account, brought up the phishing attack email address (which was originally created for a hijacked legit store front email address), and deleted it.
My 'real' email address, the 'core' one nobody ever sees, remains safe and confidential.
"This is the best bad idea we have, sir. By far." (cf. 'Argo'.)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 36,921
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: How SneakEmail Once Saved Me From A Phishing Attack
« Reply #1 on: December 19, 2016, 10:52:04 AM »
It is a great idea to use different email addresses for different websites, whether that's by using a mail service like sneakmail, or one that allows you to use prefixes like PREFIX-name@domain.com.  Doing so also makes it easy to see when one company/site has sold your email address to another.  Makes it easier to figure out where your spam is coming from and block it.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 6,454
  • Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How SneakEmail Once Saved Me From A Phishing Attack
« Reply #2 on: December 19, 2016, 04:42:07 PM »
Yes, I have used opayq (now blur) from https://abine.com
It's proved very handy, and it's $FREE - though there are $PAID options.

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,560
    • View Profile
    • Donate to Member
Re: How SneakEmail Once Saved Me From A Phishing Attack
« Reply #3 on: December 19, 2016, 09:10:33 PM »
SpamMotel is similar, used to be free now $9.99/year.

These days I find it easier just to use GMail accounts, I have 20 or so and except for one, I regard them all as temporary, (and even that 'one' could be dropped without a problem even though I've had it 10+ years).

Advantages are the spam filtering, (including phishing), I don't think I've seen anything spam/phishing related in months, and I've never had a GMail address be rejected on a website - which I have had with MaskMe (now Blur).