Outlook’s new phishing filters

I installed Office 2003 Service Pack 2 and the latest junk e-mail filters for Outlook. The process was painless. And the anti-phishing features are interesting.

Details about bug fixes are in this KB article. After a five-minute search I can’t find any documentation of how the new anti-phishing features work. But these are my observations:

All messages that appear to be phishing attempts are moved to the Junk E-mail folder.
All HTML-formatted messages in the Junk E-mail folder are displayed in plain text. This is a crucial change, because it denies the scammer the opportunity to steal the look and feel of a legitimate site. Even if the scammer tries to steal a site’s graphic, the effort is in vain, because all you see is a link to the graphic.
Links are broken up into the link text and the link target, which appears in brackets. As this screen snippet shows, it’s pretty easy to spot the phony links. As a bonus, the link text is not clickable. You have to copy the URL and paste it into a browser’s Address bar to actually visit the site.

Phishing attempt in Outlook 2003

The forced conversion to plain text also renders a lot of spam unreadable, which is good. So-called online drugstores that try to disguise their content by burying the message text in a bunch of pseudo HTML just turn into so much gibberish.

What if the junk/phishing filters catch a legitimate message by mistake? No problem. Drag it back into the Inbox or any other folder and it’s displayed in its original format, complete with clickable links.

This is a simple but very effective fix. If you use Outlook 2003, go get it!

Update: Thanks to Rick in the comments for finding this link to Microsoft’s brand-new Help topic: Block or unblock links in suspicious phishing messages. In addition to the features I noted above, there’s a new link-blocking behavior that applies to messages that contain suspicious links but aren’t moved to the Junk E-mail folder. Here’s a screen from the Help topic:

Unlike the spam filtering, this classification isn’t retroactive; it applies only to new messages as they’re received. So I won’t be able to see it in action (and show it to you) until I receive a new, suspicious phishing attempt that doesn’t get classified as spam. We’ll see how long that takes.

Google stops counting

John Battelle says Google has stopped bragging over the size of its index.

Good. Now why not go one step further and stop telling us how many results we got for a given search term, which leads to the silly misuse of raw results to “prove” dubious assertions. Especially in courts of law, as in this Ohio case:

[The] judge who ordered a mother not to smoke near her 8-year-old daughter cited medical journals and a Google search that lists 60,000-plus links for “secondhand smoke” and 30,000-plus links for “secondhand smoke children.”

There should have been plenty of expert testimony to make that judgment. Throwing about Google numbers was unnecessary.

Bonus tip of the day: Manage Firefox downloads better

In yesterday’s Tip of the day: Find a file, jump to its folder, I forgot to mention Firefox, which also has a hidden Open Containing Folder menu.

After you download a file in Firefox, you see the Downloads dialog box.

The two visible commands give you a chance to open the file immediately (handy if you want to install a download right away) or remove it from the list of downloads. But right-click and you get two extra choices.

Firefox Downloads dialog box

The Open Containing Folder option opens Windows Explorer in the folder where you saved the file. The Properties dialog box tells you where the file came from and where you saved it.

Good stuff to know!

Office 2003 Service Pack 2 is out

If you subscribe to Microsoft Update, this should show up automatically in the next few days, but you can download it here:

Office 2003 Service Pack 2

The most interesting change is the addition of a new Phishing Protection feature to the Outlook 2003 Junk E-mail Filter. If you have Office 2003 SP2 and the latest Outlook 2003 Junk E-mail Filter Update, this feature will be turned on by default. I’ll get a screen shot and more details after I’ve had a chance to look at it.

Toolkit for a shared computer

Microsoft’s Microsoft Shared Computer Toolkit for Windows XP is now available. It looks like a nice collection of tools that a parent can use to keep kids (and other “untrusted users”) from monkeying with disks and system settings.

I haven’t tried it yet, and I wish we had known about this when we were putting the finishing touches on Windows XP Networking and Security Inside Out!

If anyone wants to post a review here, feel free to use the comments section.

Welcome back, Dwight!

Dwight Silverman and his cohorts have done an exceptional job with the Houston Chron’s Hurricane Rita Special Coverage. But I’m delighted to hear he’s fine, the Rita coverage is winding down, and he can get back to geekier stuff.

Tip of the day: Repair a hung network connection

What do you do when your broadband connection stops working? Your first troubleshooting step should be the automatic Repair option available with all network connections.

Open the Network Connections folder from Control Panel, right-click the connection icon, and choose Repair from the shortcut menu. (Alternatively, you can double-click the connection icon, click the Support tab, and click the Repair button.)

Repair net connection

Selecting this option has the same effect as typing the following commands from a command prompt:

ipconfig /renew Automatically renews your IP address from a DHCP server
arp -d Flushes the Address Resolution Protocol cache
nbtstat –R Reloads the NetBIOS name cache
ipconfig /flushdns Clears the DNS cache
ipconfig /registerdns Registers the computer’s name on the appropriate DNS server

Collectively, this set of repairs takes care of most common network problems. If it doesn’t work, move on to more elaborate troubleshooting steps. A word of caution: The Repair button disables the current network connection first and then reenables and resets it. If you’re in the middle of a download or other important network activity, don’t try this!

When should you opt out?

Prof. Froomkin tells the story today of a publicist who sent unsolicited e-mail messages on behalf of a professional organization to a large group of law professors. He’s right that the act of blasting out promotional e-mail to a group of people who haven’t already established a business relationship with you takes you perilously close to being legitimately called a spammer. If you’re going to promote your organization via e-mail, there are better ways to do it.

But I did want to call attention to a statement that appeared in the post:

Trouble is, smart users know you should never click on the opt-out info, it just encourages the spammers.

As a blanket statement, I don’t agree. (And I think that Prof. Froomkin may have been exaggerating to make a point.) But opting out of some e-mail lists is not only safe, it’s also smart.

In this case in particular, everything lined up in favor of using the opt-out link. The message came from a known organization. The sender made no attempt to hide his true identity. The product was legitimate. The mailing was sent using list-server software that accepts automated unsubscribe requests. So why not unsubscribe?

In my experience, there are at least three categories of spammers:

Out-and-out crooks selling snake oil using hijacked computers as servers, using a forged sender’s address. Clicking the opt-out link on one of these messages, if it exists, won’t do anything good or bad. It usually goes to a phony address.
Legitimate (and occasionally overzealous) merchants with whom you already have a business relationship. When you make a purchase, many companies ask whether you want to receive promotional mailings in the future. Some leave this option on by default. If you change your mind later, why not use the company’s unsubscribe link to get off their list? In most cases, this works. In the rare cases where it doesn’t, it’s usually incompetence on the part of the list manager, and you’re not going to get more junk e-mail because you try to unsubscribe.
And then there are the quasi-legitimate “marketing” companies that blast out spam by the millions on behalf of legitimate companies, often using flawed affiliate agreements. These are the companies that actively build lists and offer the illusion of opting out. In fact, clicking the opt-out link may get you off this week’s batch of mailings, but the company will change its domain name and use a different mail drop next week, and your name will appear on that list once again, regardless of whether you opt out.

If I recognize the company that’s sending e-mail to me, I have no problem clicking the opt-out link. For those that I don’t recognize, or who I suspect are scam artists, I don’t bother because it usually does no good. That’s when I try to filter the junk at the server if possible.

The “never respond to a spammer” advice may have been valid at one time, but not anymore. If you’re getting spam, your e-mail address is already out there on the Internets and there’s not much you can do to protect yourself. With one noteworthy exception: If you’re foolish enough to actually buy something from a spammer, or to click a personalized link that take you to a Web site for more information about something advertised via spam, you may indeed graduate from the ordinary junk-mail list to a more exclusive “sucker list.”

My advice? Don’t be a sucker. Don’t buy stuff from spammers.

Tip of the day: Find a file, jump to its folder

These days, Windows is littered with search utilities. You can use the ~~Find~~ Search tool in Windows Explorer to hunt for individual files. You can do the same in Outlook and Outlook Express. If you really want top-notch search capabilities, you can add a third-party utility like those from Copernic, MSN, Google, and X1.

Every single one of these tools produces a list of individual items. And every single one has an incredibly useful command hidden away. Right-click any file name in your list of search results and choose Open Containing Folder from the shortcut menu. That option opens Windows Explorer and displays the contents of the folder that contains the item you selected.

This option comes in very handy when you’re searching for all the files associated with a project, or when your search turns up a file that’s related to the one you’re looking for but isn’t quite right. If you’ve organized your files by folder, you’ll have better results by switching to Windows Explorer than by trying to refine your search.

If you’re searching using the built-in Find tools in Outlook Express, you’ll have to dig a little deeper. In Outlook Express, the Open Containing Folder option is buried on the File menu and not available via right-click shortcut menus. The Open Containing Folder option isn’t available at all in Microsoft Outlook’s Advanced Find window, but this feature shows up on right-click menus if you use X1 or Copernic Desktop Search.

It’s another example of the axiom every Windows user knows: When in doubt, right-click.

Update: It works with Firefox downloads, too.

The two lamest words in the English language

“After rebate.”

I’ve written about this before, but over the past week I was reviewing some receipts for technology purchases over the past year and realized that I no longer make any purchase decisions based on “after rebate” prices. Even if you follow all the rules, you could still wind up getting screwed out of a rebate you deserve. It’s happened to me more than once, and I’ve read countless horror stories about other people who were denied a promised rebate or whose check simply never arrived.

The hassle of filling in rebate forms and then tracking their progress isn’t worth it to me, so I don’t bother anymore.

So these days, when I’m in the market for just about anything, I ignore any deal that contains the words “after rebate.” Life’s too short.