[Cryptography] Well Known Bad Idea: ask users to make security decisions, or If you *work* for Apple, please update your email software

[Jerry Leichter]

Just now I received (with horrible Apple Mail.app) a spam message with headers

From: "Nationwide Appraisal" <accounting at noreply.com>
Subject: Bill Payment

If only the full email address - rather than just the name - had appeared!  I wouldn't have clicked on a link in the message and sold my soul to the devil, and for so little!

(Seriously, spam messages continue to be puzzling after all these years.  The same message also included:

Reply-To: andrewfleech at lycos.com

The "Received" lines show the message started at mail.agrico.org <http://mail.agrico.org/> and was originally from sv72.asakaway.net <http://sv72.asakaway.net/>.  Why did I have to go through the trouble of pulling down the View menu bar, select Message, then selecting Raw Source, just to see that.

The entire body of the message was a block of HTML so dense I didn't try to decipher it - though it included no instance of "http" and some kind of hidden box that may or may not be a link to a fake pdf of a fake fax message.

Oh, and of course I have no dealings with Nationwide Appraisal anyway.

Challenge should you decide to accept it:  Use an LLM to actually do something useful and translate header lines into a format that people without years of experience in decrypting this stuff can use to actually get some reasonable indication of message bona fides.
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20251009/507f127f/attachment.htm>