Q: Is anyone else receiving LinkedIn spam messages?

Anic264b wrote:

 

Alley_Cat wrote:

 

 

Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.

 

Does Safari really considers an application a "safe file"? If yes, that's a mistake!

If no, then I really prefer these safe files to open automatically, as I dislike to go to the Finder to search the file in my "huge" download folder just to open it myself. Now, of course, if Safari considers an application a "safe file", it matters to think more…

 

I can't remember the exact mechanism but going to some websites resulted in automatic downloading of a zipped application - the archive was regarded as safe and hence unzipped  the 'legitimate sounding'  application then ran automatically and bombarded the user with unsavoury sites/popups - the application would then 'detect' malware and direct the user to a scam site to pay to get rid of all this rubbish.

http://support.apple.com/kb/HT4650

(refresh page if it doesn't work first time).

AC

Anic264b wrote:

Alley_Cat wrote:

 

In general if you get odd/unexpected e-mails that look official then never click on the links - hovering over them may show odd addresses. Aleways be wary/cynical and if an e-mail looks official go instead to that company's website and seek advice rather than clicking any unsubscribe buttons or links in the e-mail that will simply serve to confirm your e-mail address is real to the spammers or send you to a spoofed/unsavoury link.

Assuming you know the website from where the mail is "supposed" to come from, of course.

You gave me a good advice. I had often unsubscribed from advertising mails, because these were companies I really had visited before (I couldn't remember I had subscribed to anything, however). Thanks for your advice.

However, there are times where unsubscribing is really necessary. How else than clicking the link can one unsubscribe?

Sorry - I should have been clearer - I was really referring to e-mails from 'legitimate sounding/looking companies' (even famous names) that I'd never directly contacted or dealt with in case some scammer had copied a legitimate e-mail but altered links.

If it was from a company I regularly dealt with then I'd probably use the unsubscribe but you can never know for certain.

AC

Thanks for the reply. Fortunately, I don't know how to "open the message for reading and have elected to Display remote images in HTML messages" so I think I'm safe.

I will do as you suggested and click on the e-mail, highlight it, delete it, and then erase the message if it's in the trash. I really appreciate the help.

csfromma wrote:

 

Fortunately, I don't know how to "open the message for reading and have elected to Display remote images in HTML messages" so I think I'm safe.

Those are two different things. You open a message for reading by either having the preview panel open when you single-click on it or double-clicking the message. "Display remote images in HtML messages" is "Viewing" preference.

Just a tip in case anyone wants to read suspected spam before deleting.

Double click the dot at the bottom of the Mail window to expand it. When you put the cursor there, a yellow tool tip will say something about increasing the size of the message area. The cursor will turn into a cross with up down arrows.

Now, highlight the message in question and hit CMD-Shift-S. This will allow you to save the message harmlessly to the Desktop without ever opening it.

For those of you wishing to inspect the links before opening them in a browser, the new mail in lion lets you preview them. If you are using the new mail, hover over the URL and click on the little grey box that pops up to the right of the URL. It will display a preview of the page without it actually opening a browser window...

applefandan wrote:

 

For those of you wishing to inspect the links before opening them in a browser, the new mail in lion lets you preview them. If you are using the new mail, hover over the URL and click on the little grey box that pops up to the right of the URL. It will display a preview of the page without it actually opening a browser window...

If JavaScript is also rendered in the preview, this hint does not better than viewing the page normally.

Not sure if it renders javascript... although I don't believe it will download anything if you attempt to do so within the window...

applefandan wrote:

 

Not sure if it renders javascript... although I don't believe it will download anything if you attempt to do so within the window...

It does render javascript if you click a JS hyperlink and you can't disable that in the preferences. There may be a way of turning it off with a terminal command, but I haven't had time to research that. There is conjecture that an maliciously crafted email message could be executed simply by viewing it, without clicking a link, but I've not heard of that actually happening to anyone. Somebody with JS skills and some spare time could probably help us out here.

well, now they are in the same format, but coming from "youtube" and only on mac.com not me.com addresses.

I'm getting the same thing! One yesterday, and 2 more today!

miloks wrote:

 

I'm getting the same thing! One yesterday, and 2 more today!

No offense intended, but is it actually meant to help in any way?

I got a message the other day from Lidekin. It said to quite spamming me with my business mail. I did put the message into the trash.

Anic264b wrote:

 

miloks wrote:

 

I'm getting the same thing! One yesterday, and 2 more today!

No offense intended, but is it actually meant to help in any way?

"No offence", but was your comment meant to help?

And yes, it does help. It lets powerbook1701 know that other people are also receiving the same messages and that he/she is not the only one. It also indicates that this issue is more widespread. Jeeez.

miloks wrote:

"No offence", but was your comment meant to help?

If you consider how many people fills various forums with "me too" messages, then perhaps.

miloks wrote:

And yes, it does help. It lets powerbook1701 know that other people are also receiving the same messages and that he/she is not the only one. It also indicates that this issue is more widespread. Jeeez.

Actually, I could have said it to someone else, that's not against you. But it's already known many people receive these messages.