How to Spot Any Spoofed & Fake Email (Ultimate Guide)
Ғылым және технология
YOU'LL NEVER GET TRICKED AGAIN! (Scammers will hate this)
⇒ Become a channel member for exclusive features! Check it out here: kzread.infojoin
▼ Time Stamps: ▼
0:00 - Intro
1:49 - The "From" Domain
7:17 - The Reply-To Field
10:07 - Mailed By & Signed By
12:16 - Authentication Headers (Basics)
16:49 - SPF
17:47 - DKIM
21:32 - DMARC
23:46 - How SPF Works
24:59 - How DKIM Works
26:59 - How DMARC Works
27:53 - WHY BOTHER?
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Merch ⇨ teespring.com/stores/thiojoe
⇨ / thiojoe
⇨ / thiojoe
⇨ / thiojoetv
My Gear & Equipment ⇨ kit.co/ThioJoe
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Пікірлер: 1 500
Well this video ended up being way longer and way more work than I thought (I believe it’s the longest serious video I’ve ever made). Be sure to like it because if it flops I'm going to stick my head in the Large Hadron Collider
@usernameyoutuber
3 жыл бұрын
Ye long
@minisaiju7699
3 жыл бұрын
Man i love that emoji.
@Skoopyy.
3 жыл бұрын
i hate life
@minisaiju7699
3 жыл бұрын
@@Skoopyy. nobody asked.
@Drag0nmaster
3 жыл бұрын
@ThioJoe There is a bitcoin bot in the comments
Best policy: Never click on a hypertext link in an email.
@AlDunbar
3 жыл бұрын
And never reply to an email you are suspicious about
@BarrySwords
3 жыл бұрын
Best policy, just delete all emails automatically. Don't even read them.
@romoney
3 жыл бұрын
@@BarrySwords when you have a very important invite email
@Swanicorn
3 жыл бұрын
I have found my group of friends here I guess. You basically distilled the entire video in one sentence! Email is dinosaur technology. It's like governments making new currency designs when most people use digital payment systems. Pointless!! XD
@longliveclassicmusic
3 жыл бұрын
Precisely.
I did not know non-ASCII characters were allowed in email addresses. Thank you for such a detailed informative video.
@MatthewDeveloper
3 жыл бұрын
Congrats to got a scammer replying to your comment lol
@noelj62
3 жыл бұрын
@@MatthewDeveloper Reported
@Roule_n_Scratche
3 жыл бұрын
@@MatthewDeveloper what comment?
@MatthewDeveloper
3 жыл бұрын
@@Roule_n_Scratche A scammer with nearly the same username, and profile picture as ThioJoe said "About bitcoin investment, please kindly call. .............. " Yeah, general scammer.
@Roule_n_Scratche
3 жыл бұрын
@@MatthewDeveloper ah ok thanks
Yes, last week. I kept getting a message saying they were from Netflix and they were going to cancel my account if I didn’t update my address. Funny thing is I don’t have an account with Netflix
@Dave-um7mw
Жыл бұрын
I actually got one of these the day after I signed up for Netflix so I thought it was real. Bitwarden saved me though because I became suspicious when it didn't recognize the website that asked me to login.
@trixonx
Жыл бұрын
Maybe it's a Nigerian price giving you a free Netflix account. I won the coca cola lottery and my money should be arriving in a few days. I paid them some legal tax fees or whatever for this, but who cares... Soon I'll be rich and a top G.
@LootFragg
Жыл бұрын
@@trixonx I am actually a very attractive female top model and I am so attracted to your lottery winnings but also true love. I also want to share my crypto earnings with you or something.
@MeryP24
2 ай бұрын
I got received email too.@@Dave-um7mw
Wanna know what you do? Get a font that only has the a-z characters, and also a couple other important ones like 0-9 and some important symbols. Then set a fallback font to make the email address super obviously not latin characters. This is how you COULD do it.
@FoxGoesBrrr
3 жыл бұрын
ah yes... I use Windows 7 and it makes up weird looking boxes for emojis and characters which aren't from English transcript.
@Kitulous
3 жыл бұрын
sorry but I'm the speaker of a language that doesn't use a Latin script so that obviously wouldn't work for me so what do I do I copy the text, split it into characters using Node.JS and convert them into Unicode codes if any of the symbols is greater than 255 then that's obviously not an ASCII character
@DeactivatedCharcoal
3 жыл бұрын
I use a programing font for normal viewing that makes all characters VERY clearly distinctly different. so Capital O and the number ZERO and Lower Case L and the number ONE can never be confused. When I get a weird email I switch to a special "hand writing / cursive font" that looks really nice (but the author of the font did not do every single font just the standard ASCII. Any non-ASCII jumps out like a sore thumb.
@Roko131
3 жыл бұрын
@@DeactivatedCharcoal Which font?
@nightfox6738
3 жыл бұрын
You mean a font that only allows the basic 128 ASCII characters then a fallback font that highlights everything else red or something? Seems like a good idea.
Actually true, The Russian "a" and Greek "A" are pretty similar to the English one.
@DominicDeligann
3 жыл бұрын
Yeah -greek boi, 2021, colorised
@benjaminkim1
3 жыл бұрын
I mean, that’s how I get usernames. Only if the accept them 🤣🤣
@nikolasprogamer
3 жыл бұрын
I am from Greece and this is isn't true because: English/US/UK: a Greek: α
@CatsRobloxOther2nd
3 жыл бұрын
@@nikolasprogamer facts
@DominicDeligann
3 жыл бұрын
@@nikolasprogamer uppercase A... Not lowercase
I've been tracking spammers since the 1990s, and this video definitely covered the bases without getting too hairy for most folk. This can be an intimidating task, so simple straightforward examples are key and should cover most such threats. Good coverage of caveats, too. There are so so many angles, and limitations, so those this-but caveats are important. Something can look clean, but still fail the sniff test (BS Meter). Great job!
@mikeowens6291
Жыл бұрын
"without getting too hairy for most folk"? Certainly "too hairy" for me, and I would imagine MOST email users!😆
@ScotHarkins
Жыл бұрын
@@mikeowens6291 no, most email users do not get it. I work with reasonably technical people who have difficulty with some of the concepts. The engineers and senior sysadmins understand, of course, but lots of others can only grasp most of it. The lay people, on the other hand, don't even understand the idea of other typesets. They understand that Kanji is clearly different, but visually nearly identical characters mixed with English is a step too far to grasp. Many of these are older folk, often retired, all with degrees of various levels, one even a retired programmer for Wells Fargo. People come in all shapes and sizes, and their ability to grasp rises and falls with professional standing and life stage. It's just how things are.
This video is extremely informative, extremely well done, and is the kind of video that can make a difference for a lot of people. Thanks Joe, well done.
nice video! im gonna show this to my grandma
@Appalling68
3 жыл бұрын
LOL!
@dustlessbard007
3 жыл бұрын
Great
@theovermind7435
3 жыл бұрын
Gammie always needs to know!
@leeemery01
3 жыл бұрын
Good
@plutoidrepublic2765
3 жыл бұрын
@@theovermind7435 you mean grammie?
The sad part is that anyone who can follow your entire presentation without their eyes glazing over was already capable enough of avoiding scam email. It is simply too complex for average email users to keep in their heads.
@Jordan-Ramses
2 жыл бұрын
i just assume that every email is a scam. nice try mom, i'm not falling for christmas dinner
@marioluigi9599
2 жыл бұрын
Is that because most people are just dumb?
@Jordan-Ramses
2 жыл бұрын
@@marioluigi9599 - yes but also they prey on people with brain damage. From age usually.
@marioluigi9599
2 жыл бұрын
@@Jordan-Ramses So most people have brain damage too?
@wakeupuk3860
2 жыл бұрын
Sadly and having been in IT since 1982 and taught security plus I admire what ThioJoe is doing - I could not agree with you more. Most people are handicapped by the complexity of a system that is so handicapped because due to its complexity and is getting worse.
Normal person: just checks if the email makes sense and doesn’t click on the link and goes to the website directly ThioJoe: Makes a 30 minute investigation and reports them to the FBI
@Manche-De-Pelle
3 жыл бұрын
In my country they don't give a damn except if they achieved to still from you ... Had even local scammer who came at my home for fake "meldew" detection and police didn't investigate. If I had give them money they would had start an investigation in the bottom of the criminal cases because it's not a violent crime ... so maybe 10 years laters tehy would had started the case.
@Manche-De-Pelle
3 жыл бұрын
@Thɑт Spοk so you think you need to call every country that you think who try to scam ??? Maybe call the men in black ...
@SahajOp
2 жыл бұрын
u mean CBI?
@wakeupuk3860
2 жыл бұрын
Arrrr!! but sadly us 'normals' are on the decline, normality as checking the road three times before crossing was once a very normal and very sensible thing to do. So often I now see mainly young people with their nose in their mobile who just walk into a road with traffic and then screen and shot at a driver who has had to slam on their breaks and the pedestrians truly believes the driver is in the wrong. The same goes for people reading their emails who now instinctively as they do walking and looking at their mobiles click onto hypertext. Sadly, the day of 'normals, will soon be no more.e
It is getting to the point that flying to the sender and visiting them in person might actually be easier than exercising this level of scrutiny for every one of the hundreds of emails that show up every morning.
@davidschofield5194
2 жыл бұрын
Best comment! Couldn't the email client do some of this work?
@jpdemer5
Жыл бұрын
The idea is to run these checks when you come across something fishy, not for every email you receive. Problem is that what's shown here is pretty much all specific to gmail. (Thunderbird is my client software, and it's not even mentioned.) I check the full header when in doubt; it's mostly gibberish but the domains do stick out, and in my experience you'll find the usual suspects (.in .ru .cn .bg etc.) if it's spam or a scam.
@GeeEee75
7 ай бұрын
I have a Gmail account and the vast, vast majority of junk mail goes into the spam folder without me even seeing it. Perhaps you need a new email provider?
1:10 wow I laughed so hard over this part, I literally almost died from suffocation.
@user-eb6vc2gs9e
3 жыл бұрын
did you die from suffocation
@its_jasonBSF
3 жыл бұрын
@@user-eb6vc2gs9e yes
@doxyf
3 жыл бұрын
@@its_jasonBSF man dead people don't comment 🤫
@its_jasonBSF
3 жыл бұрын
@@doxyf how do you know that
@ThatNerdAlbert
3 жыл бұрын
@@doxyf how would you know? i also saw a man who commented that he died once, i believe him
Thanks Joe. I just finished upgrading our agency email system yesterday. You're video timing is impeccable!
I try to pass this knowledge on to the users in my company. But in the end, I just end up telling them "don't click on links or attachments in email" Only if they were expecting something from someone they have personally spoken to.
Wow man, You really did your homework on this one huh? 😁 I wanna say I am really thankful you are taking the time to make Videos like this, because there are SO MANY Tech people out there teaching people how to hack and scam, (I think just to they can Create the "Problem" so then THEY can become the "Solution") and no one is Teach people how to Defend themselves from these Hackers. I'm really glad you are fighting the good fight here man. Thanks!
This one is very important ❤️
Thanks You made this topic easy to understand. Very informative.
@ThioJoe
3 жыл бұрын
👍
@NicolasA346
3 жыл бұрын
👎
@nyizgobithedingus
2 жыл бұрын
@@NicolasA346 tf?
@KPB059
2 жыл бұрын
👎 nah it good
@mikeowens6291
Жыл бұрын
You think????
Thanks for having actual captions for the Deaf - makes video much easier to follow - thank you for your good work!
More power to your elbow. This is the most informative video on the subject I have found so far. Great presentation as well
Facinating - but so much information that at the end I just said “What’d he say?” It’s a difficult subject, and I think there’s a real opportunity for someone to incorporate these logic tree steps into mail clients.
@htcmlcrip
3 жыл бұрын
Nah its simple. Just remember where to look for and what must match. Ignore any explanations as of why and you good to go.
@19lazyboy91
3 жыл бұрын
as he said in the video you don't really need to know what they stand for or how it actually works, just keep an eye on it and check if it does pass.
This is giving me a headache, but thank you.
Also you should watch out for if the domain has zero-with spaces because those have no width so they are invisible
@Zorro_no
Жыл бұрын
width*
@atpray
Жыл бұрын
😱
Wanted a video specifically like this for so so long, ty so much.
Thanks for informing us about these scams! Your a lifesaver! Love from SA
@Preinstallable
3 жыл бұрын
cj?
I liked this, watched it entirely. Although I already knew most of what's it about, it was very informative.
Man, this was a thoughtful and well put together presentation. I can't wait to get lazy, get scammed, and then go back to do these tests on the phishing email that got me and say "....yup, there it was, all along. 😑"
This is great , as a person who used to play with other companies open SMTP gateways for fun this is interesting, but they have tightened up the rules now with these SPF/DKIM and DMARC records. Thank you for this as it was fun to get a refresher for SMTP.
The fact that there needs to be a 30 minute video explaining all of this tells me that these big tech companies have some interest in not protecting their users. Most, if not all of this, seems like checks that could be built into our email clients fairly easily.
@ccgarciab
Жыл бұрын
Don't attribute to malice what can be easily explained by stupidity or incompetence. There's not enough (market) pressure on them to offer a good security UX, so they don't, because it costs development time, which is also money.
@jonnygiantrobot
Жыл бұрын
Whats the old adage for companies and scientists, "publish or parish." They have to keep cranking out stuff all the time.
@jonnygiantrobot
Жыл бұрын
If end users have to know this stuff then 2 things: 1) we should have jobs with these companies doing development or security. & 2) it saves the company money so they dont have to hire developers, security, IT people, or more customer svc reps to handle these issues. We do it for them for free. And content creators get paid to talk about it all, see everybody's happy. 🎉😂😊😊😊
Man this is seriously needed nowadays and an absolute incredible job. Glad to be a subscriber
Thanks for this amazing video! I really like this longer and more in-depth style. Also realized that when I configured my email I just took the recommendation to use "~all" in the spf entry. I really didn't understand the meaning of all those things back then and was glad that I could just copy stuff per tutorial. Thanks to you, I know can confidently know what those entries mean and also changed the "~all" to "-all"!
@ThioJoe
3 жыл бұрын
Yep just make sure to test the emails to make sure they go through and pass. ~all is ideally just used during a testing phase so you can see if the emails pass or not without outright blocking them
Thank you for making this video. I think this topic is very important and everyone should know about this.
I set up my domain to do email not too long ago. I had to jump through all these hoops to set it up correctly. Happy to finally know what I was verifying. Apparently security is super important if you want to run your own mail server and also for stuff not to land in spam boxes. I passed all checks with the only caveat that I have to use an SMTP relay because no static IP. It doesn't show any via text, but it does show mailed-by.
This video is a real eye-opener
The no.1 spot channel to learn the very useful thing, thanks for the tutorial!
this video is amazing , I always thought that I know my stuff and can't be scammed but I learned a lot thank you , this video deserve a billion views and likes
Actually in outlook, if you just hover the mouse over each sender in the inbox, it will show you who the real sender is. So if the return email doesn't match the actual sender, then you know its a phishing email without ever having to open it.
@njbrad007
2 жыл бұрын
Also, after you open the email, select File - Properties. Lots of interesting information. (Have to make sure you aren't automatically downloading images, before you open the email)
@MikeWiggins1235711
Жыл бұрын
Also, in Outlook, I have found that using the "RULES" feature helps to keep the repeat offenders away. It's a pain to set up an exclusion rule for each of the dozens of bad players per day the first time around, but after a while you will notice that you don't get "re-visited". It IS useful. Also, for some reason, most spam (for me) originates from Gmail. I tried setting up a rule to exclude any mail from Gmail, but that backfired. I now create a rule for each jerk who sends their trap-laden tripe my way.
Now I have to explain all of this to my parents.
@jimybobjim
3 жыл бұрын
Good luck
Nice video! I set up my own mail server domain with DKIM, DMARC and SPF (-all!). But I guess I'll watch this video every year now just as a refresher, it's so hard to remember what each of these are doing. Thanks!
Excellent video about a very important subject! We need a lot more exactly like this one!
Interesting stuff, Joe . I managed to follow the encryption part much thanks to that I used PGP in the nineties. An encryption program built on the same principle.
@Solaceon
2 жыл бұрын
I think it's so wild that PGP is still a thing, albeit mostly on the dark web
*Joe, I thank you for explaining the difference between cyrillic "a" and latin "a." in a comment below, and I am paraphrasing, most of us know not to get involved with spoof emails, although I do report spoofs, for instance, from my bank. I have no idea what they can do with the knowledge; I just feel like a good scout for doing it*
In the first 7min its already information overload... 👌👌👌
Thanks very much for this. All your detailed info is appreciated
I need this guy to be my teacher, never could I pay attention for a whole half hour
"Nike" has bee BLOWING me up lately on my KZread channel email 🤣
@barteqt
3 жыл бұрын
lol
@TheRealOderless635gnat
3 жыл бұрын
Looks like there aren’t anyone saying Hello verified youtuber Guess it’s me then to be stupid noob Hello verified youtuber
@Smiledyy
2 жыл бұрын
Lol
@UmVtCg
2 жыл бұрын
Same goes for your mom
i guess i will watch this video again, a few months later. Thanks a lot ThioJoe!
Several years from now, the fact that this video was necessary will be a source of amusement.
I remember the time in 7th grade where my language arts teacher got a typical phishing email, and he printed it out and made copies for us to pass around so we know what those emails look like generally and to never listen to them
@yuriythebest
Жыл бұрын
I thought the story was going to be how the teacher got scammed, the fact that he instead used it to educate students about this is awesome
@Jenna2k
Жыл бұрын
Hope your teacher told this to the scammer lol
I have long been annoyed that email software doesn't easily and prominently show the actual email address of the sender and reply-to. Some only show the alias and not even the email address! Shameful because they know full well that this aids scammers. Definitely learned a number of things from this video and am now even more annoyed that email software doesn't make this easier.
Glad you made this video. I checked and two of my domain names were announcing old spf records. Thanks!
Wow, this is very thorough, I honestly love it. Although maybe a tiny bit too much for the biggest target audience (those who easily fall for spoofed emails), but then again I don't know how else to teach avarage email users all the important safety measure.
Gonna defend a paper which contains Phishing info next week, great timing for video haha
As mailserver admin, overall a solid video. I do think it's a bit...weird to show the "X% of domains use SPF" statistic when the absolute majority of domains have never and never will send mails. Most people outsource their mails to providers nowadays, because, as you've shown brilliantly in this video, email is a pain.
Probably your best video yet!
Totally awesome video! Joe is my hero! Fabulous channel!
A great tip for everyone is when you get a email that claims it's from Paypal or something they will always address you with the name you put in the account not your email address which is Another clear hint it's not from the actual company I noticed that from some Paypal emails when trying to sell something
@AlDunbar
3 жыл бұрын
Agreed, salutations like "dear customer" and "dear client" are basically code for "we have no idea who you are" That said, I recently received a fake email that addresses me by my actual name. I knew it to be fake as it purportedly came from a company that would have no reason to know either my email address ot my name. Lesson learned: don't assume I am. Skeptical enough.
@rebeccamcvey8600
Жыл бұрын
Paypal emails several times in the kast couple of days. Only one had my real email but I don't use ir even like PayPal so I knew it wasn't from them .They said i had a money request from people not known to me but yhey are trying to say send $599.99 to be unsubcribed if you didn't sign up for their product. I wouldn't do what they are asking anyway .I watch Scammer channels such as Scammer Payback, Kitboga, Pappamonkey, etc. So I know wherethey are going!!!
@LootFragg
Жыл бұрын
I usually notice the scam content long before I notice the sender is off. I always check for what it is the mail wants me to do and that just removes 99% of mails from the list immediately. Also, my mail client shows me the link text if I hover over hyperlinks, so that's a huge thing. If anything points anywhere in a country I don't know, it most certainly is a scam.
Love this guy
Nice refresher! Thanks for putting this up.
Long can be good and this is one of the good ones. Thanks for the much needed extra info on identifying fake emails.
"major email clients" **ignores Thunderbird** But still a good video. Paying attention to the sender address and if other header fields match can already filter out most spam/scam mails.
@nicholaskroeplin81
3 жыл бұрын
thunderbird is not very popular but ever since I use mozilla firefox, I kinda am in their entire ecosystem
@subhanjawad4666
3 жыл бұрын
wtf is thunderbird?
@mehregankbi
3 жыл бұрын
i use springmail. it's open source, it's cute and it shows the original message of hotmail better than microsoft app.
@NiyaKouya
3 жыл бұрын
@@subhanjawad4666 I really hope you're kidding/trolling. If not, try searching for Thunderbird and be amazed by an open source mail client that's made by the same company as Firefox.
@duckmeat4674
3 жыл бұрын
@@subhanjawad4666 do you know how to use google? It goes Futher than comments
I use a open source spamfilter, I get like 97% less spam now.
@christopherstrange3233
3 жыл бұрын
Like 97% is more like 60%. When somebody says 'like" there exaggerating.
@ThioJoe
3 жыл бұрын
I've found Gmail has almost perfect spam filtering
@moneybilla
3 жыл бұрын
@@ThioJoe yea gmail's filter is pretty good tbh shit it be flagging sum non spam ones jus to be safe lmao
@albertkleyn111
3 жыл бұрын
ThioJoe thanks very much for this most informative video!
@user-eb6vc2gs9e
3 жыл бұрын
@@moneybilla wow smart
I'm sending this to my mom and dad since they might fall for something like this. It's good to keep them informed! My dad once got one but it was for something he didn't have so luckily he asked my brother about it and he could tell it was a scam. Thanks for making this video!
I have kind of fallen out of the Internet loop, this channel is a very good pointer to keep me from failing too much. thx
Quite useful information-- you have matured well beyond your original "How to make your internet connection faster" gag video, which-- for a while, at least-- did no favors for your reputation.
Oh boy. Thumbs up BUT despite your hard work and detailed explanations it's all beyond my understanding. I did learn a few things though, some of them that I actually have the capacity to absorb. I know that people who really know their subject want to pass the information to their audience which results in going into overtime. It's what happens when you know your stuff. It's obvious that you know it. I have screwed up my computer in so many ways and so often (I'm in the middle of screwing up my outlook) that I don't even know how to reverse it or how to fix it, or how I got there in the first place. Although, from videos like yours I've learned to do a couple of things with questionable email. I don't open anything and I block the sender. Mine is just for home use though, and I can imagine that business computers and their email have to be scrutinized. See, I went further than I intended to as well.
@LootFragg
Жыл бұрын
I think the most important thing you can do is be skeptical. Ask twice. If you don't know how to verify something, get someone tech savvy to do it for you. It's what I do when people write really scammy-looking mails but it isn't clear whether they're real: I just ring them on the channels I know, asking if the thing is from them. Mails are never urgent. If someone writes a scammy-looking mail, they will have to live with you not responding to it.
Hi ya Theo! I just discovered your cannel and whish that I had found it sooner. It is absolutely brilliant!
Thank you. I don’t get most of this. The steps you take us through is something I can do even if I don’t understand it. Again thank you
I used to work for a big organisation and colleagues did get hacked and have their emails used for scam purposes. It does happen. Always do more checks because sometimes companies are filled with technophobes who get hacked easily lol.
@LootFragg
Жыл бұрын
Often the people in charge of moving large sums of money fast. Lol. I'm amazed at what we got told in our internet safety tutorial. "If Bob tells you to urgently wire 15.000€, don't immediately do it. First, go through the protocols and..." Like that's an actual thing? People can just wire thousands of moneys without any safety in place and they do so at the behest of someone mailing them to do so? I am on the wrong side of this. Send me all the money via Western Union immediately; it is I, your supervisor boss! P.S.: Don't call me on my phone because I'll be angry if you do.
Hey Joe: You should consider starting a security consulting business targeting corporations as clients. Robert
Wow finally somebody who explained SPF DKIM and DMARC in an understandable way
So yes, I finally subscribed - great video
My approach is to treat each email that I receive as suspicious. This prompts me to do the security checks.
Thanks for getting rid of that bot in the previous video it was really annoying to see.
@ThioJoe
3 жыл бұрын
Yea i delete them as soon as i see them
@minisaiju7699
3 жыл бұрын
Which bot?
@Drag0nmaster
3 жыл бұрын
There a bitcoin bot i see
Honestly, you have to carefully look at the email. There are other ways to spot that the email is fake, such as who they are addressing to (sir/madam), grammar, punctuation, etc. You covered a lot about gmail pretty well!
Thank you so much for sharing your knowledge to us. I've learned so much from you.🙏
I have an idea for a video: you should explain different types of viruses, worms, Trojans and what they are
@overnightdelivery
3 жыл бұрын
Look up BotNets. A cyber criminal can basically turn your computer into a Zombie that will download malware, log your passwords, use your connection to attack other websites, and many other malicious things without you even knowing it. One of the signs is a very slow or overloaded CPU even though you are not running many programs. I got them on my PC once when I shared an open wifi connection and it was hell trying to get rid of it.
Speaking of similar looking unicode characters. It would be cool if they color coded or used bold/italics for any character outside the ascii range. For example: Standard ascii characters would just be black like it usually is and other character would have a color, like red for example. Also, it would give you a warning to let you know what it means like "NOTICE: Colored/bolded character(s) detected. Phishers may use this to their advantage.". It would help alot since I have bad vision and the examples you've shown look pretty much the same (The fake 'a' and real one).
Comprehensive and detailed, well done
One of your best videos Thio. Thanks
Have to remember that some emails also "act" or "release" bad stuff as soon as you open them
@kennethsrensen7706
3 жыл бұрын
Thats why running a snadbox system is important so nothing can enter your system .
@MissxLariz
3 жыл бұрын
Wait how? Do you see something downloading or its secretly in background?
@kennethsrensen7706
3 жыл бұрын
@@MissxLariz It can be executed secretly i background as part of the data you normally download when open the email so yo wont notice it . Those few Kb is hidden within the email itself . yes scary to know that .
@ILikeGuns1992
2 жыл бұрын
Are they though? How? Wtf?
@ILikeGuns1992
2 жыл бұрын
@@kennethsrensen7706 how anything would happen if you just opened it and clicked nothing though?
"Dear friend" in the subject line is a red flag
Excellent video. If people remember just some of it, that'll do. Thanks Joe.
Well worth 30mins and 31sec of my time....Don't miss this!
"It's a fake!" Or just use inbox filters...
7:53 F in chat for those scammers who are getting their emails used as "bad scammer" examples. im sure they worked real hard on this project to scam people.. and your like "pretend it doesn't have a big warning.." and then continue to shit all over their hard work! *"STOP KILLING HIM, HE'S ALREADY DEAD!!!"*
Thanks, just finished setting up DKIM, Spf and DMARK for my email domain.
I got a sponsorship email from Nike a couple days ago so this is super useful!
Thx yo.
@vampirethespiderbatgod9740
3 жыл бұрын
YO YO YO YO MR WHITE YO
Hello Thio Joe! What do you prefer: Cats or dogs iPhone or Android Spotify or Apple Music.
@ThioJoe
3 жыл бұрын
Too many questions
@that_swiftie13
3 жыл бұрын
@@ThioJoe 😅
Shared it with our user base - good info.
I personally think this is your best video that was serious.
"yes this is a 20+ minute video" the video: *30:32*
@DestopLine
3 жыл бұрын
r/technicallythetruth
@norb3695
3 жыл бұрын
This is the first time I seen a time stamp in the Bold font
@cycrothelargeplanet
3 жыл бұрын
@@norb3695 _99:59:59_
Thio: this video is 20+ minutes Video: 30 minutes
@ballsofplastic
3 жыл бұрын
He said 20+...
@ballsofplastic
3 жыл бұрын
20 and above
@markusTegelane
3 жыл бұрын
@@ballsofplastic but then why not say 30+? While 20+ is technically correct, generally, when people say 20+, they mean 20-29 minutes
@ballsofplastic
3 жыл бұрын
@@markusTegelane That doesn't change that 20+ is correct, It's basically like ≤20 in math.
@markusTegelane
3 жыл бұрын
@@ballsofplastic Yes, but that is math and not spoken language. If I say that I'll arrive in 10+ minutes and actually arrive in 8 hours, I'm obviously too late to whatever meeting I was attending.
Excellent video! Bravo for educating internet users how to do these checks. On Apple Mac Mail there is a little drop down arrow right of the sender Name, clicking on it reveals the original address, so this is easy to do without hitting reply as suggested in the video.
This explanation saved me from being hacked. Thanks so much!
Fun fact: this "g" is not a g.
@parkpakh7775
3 жыл бұрын
Fun fact this ”Α” is not an A
@Nova_2022
3 жыл бұрын
fun fact: this "Y" is not a y
@earthandstar3392
3 жыл бұрын
Fun fact: This “М” is not an M
@GNick06
3 жыл бұрын
Fun fact, many Greek letters look really alike with Latin ones. The Greek i (ι) when capital is the same with capital i and almost the same with lowercase L. The lowercase v looks like the Greek lowercase N (ν). Uppercase K, Z, P (in Greek that character is used for R), B, A, E, T, Y, H and X. So if someone wants to scam you in Greek, they can but only in a handful of letters and mostly capital.
@Mecal21
3 жыл бұрын
This Α is not an A
Why would they allowed to use non-ASCII characters in email address?
@AijeAstralos
2 жыл бұрын
Because email addresses aren't country-locked, so if they want to support emails from, say, Russia, they need to support the Cyrillic alphabet.
@gorilladisco9108
2 жыл бұрын
@@AijeAstralos The US could force airplanes use English for communication all around the world because the US was the one that come up with it. The same story with the internet. Why don't e-mail use ASCII characters for its addresses?
This was very in-depth. Thank you. My father, who is 72 years old, fell for a phishing email. Fortunately I noticed it just a few minutes later, and had him cancel his card, and change is email password. That could have been bad.
Been waiting for this video for so long , going to pass it to my 5 old niece , Thanks Joe