Tech Sense: Email Security 2025
- John Bell
- Aug 31

Email Security 2025
Security on personal computers has gotten worse over the years. Between email, text messages, various social media, AI, and mega-companies with sloppy software developers and bad practices, the world is becoming less safe.
Email and Spam
It is important to be able to recognize email spam when it arrives. Most email providers have tools that can eliminate many spam emails, but emails still sneak through. Spam email can be annoying and dangerous. The following email is a portion of a real, typical, and dangerous email spam. The line numbers are references for discussion.
At first glance, this may look innocent.
=== Example of Email Spam ===
1. Norton Service Update <dataqy59@gmail.com> 8/11/2025 1:38 PM
2. Done and Dusted – Norton Payment Complete
3. To nortonbillinginfo@no-reply.com, jaxxen999@comcast.net and 451 others
4. NortonLifeLock
5. INVOICE NO:#JC9361728405
6. Date: August 11, 2025
7. Dear Norton User,
8. You have received an order on NortonLifeLock
9. Please Note: The charge will appear on your account statement as ‘NortonLifeLock Inc. If you have a question about your order status, please call us at +1 (###) ###-####
10. For your convenience, we have included a copy of your order below.
=== End of Example of Email Spam ===
First, note that the email says it comes from “Norton Service Update”, but when I reveal the source address, it shows dataqy59@gmail.com. It is very unlikely that Norton would use gmail.com to send its business correspondence. Another note is that this same message went to 451 others, apparently with the same invoice number and other details not shown in the snippet above. It appears that the real purpose of this is to get you to call the number (hidden) to cancel the $250 charge (not shown). The person on the other end will likely try to collect personal information like name, address, phone and credit card numbers. Other clues are that I do not have a Norton account and that “Done and Dusted” is not a typical phrase for this type of business letter.
I can also look at the mail source (an option on most email clients) and see a list of the 451 other recipients. Any professional email service would have used BCC (Blind Carbon Copy) to hide the other recipients, making them invisible to the others. Looking at these addresses also reveals that the targeted users are all Comcast users. I believe Comcast used to be better than this, detecting that the email was targeted at their customers, and then blocking them.
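The header clues described above (a brand name in the display name with a free-mail sender address, a long visible recipient list, and recipients concentrated at one provider) can be checked mechanically. The following Python sketch is an added example, not part of the original article; the brand and free-mail lists, the thresholds, and the constructed sample message (with `isp.example` standing in for the single provider) are assumptions for illustration.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumed lists and thresholds for illustration; tune them for your own mailbox.
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}
BRANDS = {"norton": {"norton.com", "nortonlifelock.com"}}
MAX_VISIBLE_RECIPIENTS = 20
SAME_PROVIDER_RATIO = 0.9

def domain_of(address):
    return address.rpartition("@")[2].lower()

def spam_indicators(raw_message):
    """Return findings based only on the From, To and Cc headers."""
    msg = message_from_string(raw_message)
    display_name, sender = parseaddr(msg.get("From", ""))
    sender_domain = domain_of(sender)
    findings = []
    # 1. Display name claims a brand, but the address is not on that brand's domain.
    for brand, domains in BRANDS.items():
        if brand in display_name.lower() and sender_domain not in domains:
            kind = "freemail" if sender_domain in FREEMAIL else "unrelated"
            findings.append(
                f"display name mentions '{brand}' but sender uses {kind} domain {sender_domain}")
    # 2. Bulk mail sent without BCC exposes every recipient in To/Cc.
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = [addr for _, addr in getaddresses(headers) if "@" in addr]
    if len(recipients) > MAX_VISIBLE_RECIPIENTS:
        findings.append(f"{len(recipients)} recipients visible in To/Cc")
        # 3. Nearly all recipients at one provider suggests a targeted list.
        top, count = Counter(domain_of(a) for a in recipients).most_common(1)[0]
        if count / len(recipients) >= SAME_PROVIDER_RATIO:
            findings.append(f"{count} of {len(recipients)} recipients are at {top}")
    return findings

# Constructed sample modelled on the spam above; recipient addresses are placeholders.
_bulk = ", ".join(f"user{i}@isp.example" for i in range(451))
SAMPLE = (
    "From: Norton Service Update <dataqy59@gmail.com>\n"
    f"To: nortonbillinginfo@no-reply.com, {_bulk}\n"
    "Subject: Done and Dusted - Norton Payment Complete\n"
    "\n"
    "You have received an order on NortonLifeLock\n"
)

if __name__ == "__main__":
    for finding in spam_indicators(SAMPLE):
        print("-", finding)
```
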
Attachments
If you do not have a reason to trust an email, please never open any attachments. These are files, attached to an email, with the ability to carry all kinds of bad things. If you need to inspect it, download it and do not open it. Scan the downloaded file with a good virus-scanner and then decide if you still want to open it. Since I need to do this sometimes, I download it to a special and isolated machine, where I can use anti-virus software and other tools to examine the files first.
Do not trust photos, documents, or PDF attachments unless you know and trust the actual sender. Recently a file compression utility was distributed that caused compressed files to include malware. Unsuspecting users then sent these files as email attachments without the sender even knowing about the malware. The recipients received the malware-tainted files. So scan before you UnRar or Unzip and so on.
What Should You Do?
I have been dealing with these types of messages for years. I can recognize these types of messages quickly and only need deep examination of a few each week (remember that I also have a large number of active email accounts).
I send these emails directly to my spam or junk folder. I might have to process hundreds of spam mails a week. If the email is clearly spam, then I immediately mark it as spam. This will flag it and prevent the message from being received repeatedly by you and others.
If you are not sure, delete it. If you need to examine it, delete it first and then examine it from within the deleted or trash folder. Files in these folders normally reduce the harm that the message can do, so you can inspect it if needed.
Domain Blocking
Domain blocking is a practice that prevents access to domains if they are blocked. Many tools can do this. I typically use OpenDNS. You can also use firewall settings and tools like Pi-Hole.
Domain blocking can also reduce the receipt of unsafe emails. My email setups typically block all .ru (Russia), .cn (China), .in (India), and .jp (Japan) emails. I do not expect any legitimate emails from any of these countries. I do not block the US domain or other domains that might send me legitimate messages. Your list may of course be different.
Unsubscribe
Another easy way to stop email, especially ads, is to unsubscribe. Do you really need three or four emails a day from your travel loyalty club, used car sales, or companies wanting to clean your ducts? These legitimate businesses should provide a link to disconnect you from future emails from that company. Goodbye Disney emails. If they do not provide the unsubscribe link, then it is spam, so mark it as such, and your email system should block it from then on.
Ending Bad Email
As far as email goes, it is broken. There have been changes over the years but the basic tools are still broken. They have remained broken for decades. Large companies, including Microsoft, Google, and other large IT companies, are responsible. Alas, the phone system has been broken even longer and I don’t expect to see it fixed either.