photo RSMAtnWebAdRed13.jpg

The Computer Corner

COMPUTERS

By Charles Miller

There is a feature of the popular free email service Gmail that allows users to customize their name so that its appearance is more appealing or perhaps easier to read. Every user of Gmail needs to be aware of this feature and constantly vigilant of how this feature is being used to rip off unsuspecting account holders.

First, a little background information:

A typical email address like janedoe@gmail.com is made up of three parts. Everything in front of the @ sign is the name, so in this example, “janedoe” is the name. Immediately after the @ sign is the domain name, “gmail.com,” which is composed of the name “gmail” and the top level domain “.com”.

Email addresses are not necessarily case-sensitive. This means if your email address is janedoe@gmail.com it is okay to write that address as JaneDoe@gmail.com or JANEdoe@gmail.com or janeDOE@gMAIL.com if you care to do so. It will not matter to Gmail. They will send mail to all these versions of your address to the janedoe@gmail.com account.

An additional Gmail feature is that any periods in the name portion of the email address (before the @ sign) are completely ignored. This means that mail sent to janedoe@gmail.com and jane.doe@gmail.com both go to the same address.

This business of allowing users to add extra periods to Gmail addresses is a feature (some say “quirk”) not part of standard email addressing protocols. Google’s decision to allow this was made as Google is wont to do—unilaterally and contrary to established Internet procedures and rules. This has created a small problem, one of which every Gmail user needs to be aware.

Many companies, some of the biggest in fact, use your email address as your username on their web site. Apple, Amazon, eBay, Microsoft, Netflix, and others use your email address for your login name. The problem Google created is this: to Gmail, the addresses jane.doe@gmail.com and Ja.ne.d.oe@gmail.com and J.a.n.e.D.o.e@gmail.com are all the same address. To all the rest of the world, the addresses jane.doe@gmail.com and Ja.ne.d.oe@gmail.com and J.a.n.e.D.o.e@gmail.com are three entirely separate and unassociated addresses.

Some petty crooks have figured out that, with a little luck, they are sometimes able to set up, say,  an Apple or Netflix account using your Gmail address but with an extra period in the ID. They use a prepaid credit card to open the account for j.a.ne.doe@gmail.com; when the prepaid credit card expires, the company sends a request to update the account to the real Jane Doe, because an email notice to j.a.ne.doe@gmail.com will go to the real Jane Doe at janedoe@gmail.com. If the real Jane Doe is not paying close attention, she might update the fake account with her real credit card number, thus enabling the crooks to make charges that the real Jane Doe then pays for.

This scam does not represent a huge threat, because it does not work for banks or any websites with better security. The scam depends on the real Jane Doe not noticing when an extra $20 dollars or so appears on her credit card bill. Such petty theft often does go unnoticed or unreported. But it pays for users to be vigilant.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com

 

Comments are closed

 photo RSMAtnWebAdRed13.jpg
 photo RSMAtnWebAdRed13.jpg

Photo Gallery

 photo RSMAtnWebAdRed13.jpg
Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove