| General > General Technical Chat |
| EEVblog Impersonation SCAM! |
| << < (5/18) > >> |
| ebastler:
--- Quote from: EEVblog on February 06, 2020, 05:10:21 am ---The way I figure something like this would work is that in the footer of my email there is a unique key generated with each email that is tied to my private key. The recipient then has the option to check that code against my private key held on some secure website somewhere. Does such a thing exist? Doesn't of course stop someone from ding exactly what they do in this case, as every recipient would have to know that I always include a verification key in the email footer for example. --- End quote --- I quite like the idea. You wouldn't actually need any private/public key; it would be more like a one-time pad: Generate a unique ID for each message and embed it in a link which you include in the message, in plain text. When the user clicks that link, the get directed to a web page (which would, of course, need to be on your domain, as a proof of authenticity), which displays some confirming bits of information to the recipient. Like "Yes, this is a genuine message from Dave, sent on ... at ... time to ... recipient". The real authentication and security lies in the fact that your server is protected from 3rd party access, and that information coming from your server/domain can be clearly linked to you. But as you say -- the weak spot is that recipients who don't even know of the existence of this scheme would still fall for phishing emails which don't include it. |
| EEVblog:
--- Quote from: AndyC_772 on February 06, 2020, 11:04:44 am ---I'm curious. What kind of information constitutes being tagged and treated as "confidential", but is nevertheless OK to send by email to a guy with a Youtube channel just because "he" asks for it out of the blue? --- End quote --- Basically it comes down to personal and business trust. Trust without a contract/NDA etc like this is done all the time in the industry. Legally it's called Commercial-in-Confidence, and is commonly marked on company documents, even resume's etc. Although whether or not the actual material is marked as such and how that stands legally is up to a judge to decide. |
| EEVblog:
UPDATE! Because people are inherently stupid (and my middle name is Sherlock Ohms), it didn't take me long to discover who impersonated me! I have their real gmail address, now what ever shall I do... I'm willing to bet it's a crime in the state of Illinois. |
| RoGeorge:
Send them a glitter/stink bomb! :-DD |
| mariush:
IS your email @ eevblog.com or @ gmail.com ? You should be able to use gmail with your own domain. Personally, I use fastmail.com with the 5$ a month subscription and tied that to a domain I bought, so I have several aliases ex marius@ my domain .com going to a single account. fastmail as far as i know was launched by the people that made Opera, and works fine for me. |
| Navigation |
| Message Index |
| Next page |
| Previous page |