On Thu, Jan 23, 2020 at 3:21 PM Anne P. Mitchell, Esq. via mailop < mailop@mailop.org> wrote:
> > > > On Jan 23, 2020, at 3:38 PM, Jaroslaw Rafa via mailop <mailop@mailop.org> > wrote: > > > > Ah... I always forget that people use mobiles nowadays for sending mail, > > where you have separate contacts list at system level... By the way, > isn't > > mobile usage the root cause of most issues with sending messages to the > > wrong address? > > On a mobile client you often don't see the e-mail address of the > recipient > > at all... you only see the name (well similarly is for Gmail's web > > interface) - I always wondered why is this, because I see this as > primarily > > stupid - hiding from the user to whom he/she is actually sending mail > to... > > Those mail clients also help scammers spoofing inbound mail, because they > display the contact image and friendly name associated with the spoofed > email address (which is how one company was scammed out of over $4million > USD), as we write here in our caution to *not* have your email client > display contact images or so-called 'friendly' names: > > > https://www.theinternetpatrol.com/warning-having-email-display-senders-contact-image-and-info-helps-scammers-get-in-through-the-cracks/ Expecting users to be trained to catch this is... wishful thinking, perhaps? Maybe 1 in 100 will manage it, and even then, not all the time. I mean, it's nice if it's easier to tell, for those who know what they're doing... but that won't be everyone. You'd be better off putting in place other controls on things like how you process/receive/handle invoices than that. Brandon
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
