I would be more than willing to debate that with you. The password and username is stored by IE if you allow it to do so, this is more than the cookie that is set when you check remember me. The MS email programs will run several different programs if you allow then to be previewed, you do not have to do anything. They will also execute any scripts imbedded in the HTML if you preview any HTML message. Your information is correct but somewhat out of date. The people who are getting burned now are the people running a stock system that has not been modified for secuity, they are still using the default settings.
On Wed, 24 Oct 2007 16:50:00 -0700, Daniel Melvin wrote: >The previous post wasn't completely accurate, but there was some good >advise. Change settings on any email reader to not show the content of the >email unless you open it. All the issues mentioned below go away. Also, if >you use Automatic Update with any operating system you have the likelyhood >of such issues go way down as well. Caution is the the key. Don't open or >respond to emails from anyone you don't know. Don't click on links in emails >you don't trust. It's fairly simple. >Also, the ebay password is not on your computer in a cookie unless you say >remember me on this computer. Something I never do on any computer for any >password. That again is not unique to windows. The password is stored on >your computer by the web page when you click on the remember me on this >system part of the login page. >Dan >----- Original Message ----- >From: "Rich" <[email protected]> >To: "Antique Phonograph List" <[email protected]> >Sent: Wednesday, October 24, 2007 2:53 PM >Subject: Re: [Phono-L] Record Price for Edison Army-Navy?? >> If using Windows and either Microsoft email programs, Outlook or Outlook >> Express, you need to be aware >> that Internet Explorer stores login information. The email program will >> run a script if you open or view, >> an email. The script will go extract your login info and ship it off >> through the internet. see the linkage >> of the email and the browser? That is the hole. The script in question >> is usually a .vbs routine >> embedded in an HTML formatted email. Outlook / Outlook Express run the >> ,vbs by default, you can turn >> this "feature" off. Also turn off displaying HTML emails. >> >> This is how you loose your ID and Password and never filled in anything. >> >> >> On Wed, 24 Oct 2007 14:48:20 EDT, [email protected] wrote: >> >>>Bruce, I had my eBay identity AND password hijacked recently and someone >>>used it to put a bunch of Mercedes, Jaguars and Rovers up on eBay for >>>sale by >>>......me! I still haven't figured out how they would benefit from this. >>>But >>>I was told by eBay that you don't even have to click on the links given >>>on >>>the phishing site for them to find your password. You just have to OPEN >>>a >>>phishing email for them to gain that information. I certainly don't >>>understand >>>how they can do that. I'm opening fewer emails now! >>>---Art Heller >> >> >> >> _______________________________________________ >> Phono-L mailing list >> http://phono-l.oldcrank.org >_______________________________________________ >Phono-L mailing list >http://phono-l.oldcrank.org
