How to Send an Email with a Different “From” Address in Outlook by ROB WOODGATE

If you have multiple email accounts in Microsoft Outlook, you can change the “From” address in a new email. This is quicker than swapping to a different inbox, and lets you send emails from different addresses, even if they aren’t your own. Here’s how—with some caveats.

Outlook lets you send emails from any account you’ve set up in the email client, but also from any other email address, even if you haven’t set it up. That sounds worrying—and in some circumstances it is—but there are legitimate reasons to use this functionality as well as nefarious ones.

We’ll go through how this works, and how email providers prevent people from using it for harmful purposes.

RELATED: How to Set Up a POP3 or IMAP Account in Microsoft Outlook

Quickly Switch between Email Addresses

First, let’s go through the entirely legitimate process. To change the “From” address, you need to make the “From” field visible. Open a new email in Microsoft Outlook and then click Options > From. This will make the “From” field visible.

To change the “From” address, click the “From” button and select one of the email addresses you’ve added to Outlook.

The email address in the “From” field will change, and when you send an email, it will be sent from that address.

If all you want to do is quickly switch between your email accounts when you’re sending emails, that’s all there is to it.

But, what if you want to send an email from an account that you haven’t added to Outlook? Well, Outlook will let you do that, too, under certain circumstances.

Compose a new email and then click on the “From” button again. From there, select the “Other Email Address” option.

In the panel that opens, type in the address you want to send an email from and click “OK.”

Now send the message as normal. Will the email send, or will you get a delivery failure notification? And if it does send, will the recipient see it as coming from the email address you used, even if it’s not yours?

Both of those answers are dependent on who your email provider is.

How Email Providers Handle Messages Sent From a Different “From” Address

Microsoft Outlook itself, and other email clients like Thunderbird or Apple Mail, don’t do any checking on the email address from which you send. The client simply sends the email to your provider’s SMTP server (Simple Mail Transfer Protocol server, often called a mail server), and lets the SMTP server decide what to do with your email.

What will happen with your email is entirely dependent on how your email provider’s SMTP server is configured.

The big email providers, such as Google, Microsoft, Apple, and Yahoo, use something called SPF (Sender Policy Framework), DMARC (Domain-based Message Authentication, Reporting, and Conformance), and DKIM (Domain Keys Identified Mail) to prevent (among other things) people from sending emails from addresses (spoofing) that aren’t theirs. How each provider handles this situation is a bit different.

RELATED: Why Am I Getting Spam From My Own Email Address?

Google simply ignores the new email address you’ve used, and the recipient will see your Gmail address. In our example in the screenshots, Outlook sent the email to Gmail’s SMTP server, which worked out that the email address we were sending from—SomeoneElse@gmail.com—doesn’t belong to us, and so instead the recipient received an email from our original Gmail address.

Microsoft-hosted email accounts do things a bit differently. If you try to send an email from an address that you don’t have permission to access, a Microsoft email server (commonly referred to as an Exchange server) will not send the email. You’ll receive a Delivery Failure Notification instead.

However, if your company uses a Microsoft Exchange server to handle its email, it’s normally configured to allow you to send an email from any account you have access to, even if that account has not been added to your Outlook.

For example, if you have permission to send emails from “no-reply@mycompany.com,” Outlook will send the email to the Exchange server and check that you have permission to send emails from the address. The server will then send the email to the recipient, regardless of whether you’ve added the “no-reply@mycompany.com” account to Outlook.

Other email providers will usually handle emails with the “wrong” address in a similar way to either Google or Microsoft. The easiest way to find out is to try it in Outlook and see what happens. Check your provider’s terms first though, as some might have a provision against doing this.

How Do Scammers Use Fake “From” Addresses?

Large email providers have all kinds of checks and protocols to try to find spam and phishing emails, including emails sent from a fake address. Scammers and phishers don’t use the big providers—they set up their own SMTP servers and send emails through those instead.

Scammers set up their SMTP servers to allow all of their emails though, forcing large providers like Google and Microsoft into a constant arms race to detect and stop scam and phishing emails from getting into your inbox.

RELATED: How Scammers Forge Email Addresses, and How You Can Tell

Your email provider, be that Microsoft, Google, Apple, Yahoo, or any other provider, scans the email headers of every email you receive. One of the things these companies look for is that the “From” address matches the “Sender” address. If they don’t match, especially if they’re from completely different domains, that’s a red flag. It’s not the only thing that email providers use to determine if an email is suspicious, but it’s one of the more important checks they do.

Read More

eNewsletter

 High Tech House Calls eNewsletter

Click this link to display newsletter: https://www.scribd.com/document/474299522/High-Tech-House-Calls-ENewsletter

Read More

Remote Support Primer by Carl Thorne

High Tech House Calls uses two different methods to connect to client computers remotely:

1. Team Viewer
2. Chrome Remote Desktop

I prefer the Chrome Remote Desktop application. The connection must be allowed by the client I am connecting to. There is a way that Team Viewer can be configured so that the Team View connection program is running all at times and the connecting remotely can be accomplished without the knowledge of the client. I consider this a huge security issues.

Team Viewer is used as a backup to Chrome Remote Desktop. To use Chrome Remote Desktop, you must have a Gmail account and the Chrome browser must be installed. Some clients may have privacy concerns with having a Gmail account.

Read More

Tech how-to: Send money to friends and family using your phone BY JAMES GELINAS

Which Peer-To-peer Payment ... by James Gelinas on Scribd

Read More

Zoom security: Your meetings will be safe and secure if you do these 10 things By Charlie Osborne for Zero Day

As the novel coronavirus spread across the globe, the business landscape was forced to make a number of swift changes.

Lockdowns and social isolation measures, restricted travel, and the closure of firms not considered to be "essential" services proved to be a catalyst for home working, of which many of us were woefully unprepared to accommodate. 

At the time of writing, there are 1.9 million coronavirus cases worldwide. The United States, Spain, Italy, and France are the hardest hit. 

Stringent measures that prevent employees from going into offices have required many companies, large and small, to adopt remote and virtual alternatives to stop operations from grinding to a complete halt. 

Email and the use of Virtual Private Networks (VPNs) aren't enough; workers and management need to be able to hold meetings, too. 

There is a range of virtual conference solutions out there, including Skype, Microsoft Teams, BlueJeans, and GoToMeeting. (ZDNet's top enterprise picks can be accessed here).

Enter Zoom. 

A few weeks ago -- although it may seem like a lifetime -- Zoom was not a well-known virtual conference option in the enterprise space. Almost overnight, however, it seemed everyone had adopted the platform as the go-to option to hold lessons, business meetings, and sensitive discussions.

Over 2020, the company has added 2.2 million new monthly users, outstripping the entire 2019 new user base of 1.19 million.

Zoom's explosive surge in popularity, however, has created security ramifications. You could almost feel sorry for the company -- with its unexpected growth, the spotlight has also been shone on Zoom's security practices, some of which have fallen short of modern expectations.  

CNET: Jobless after coronavirus layoffs, then struck by identity theft 

In July 2019, a researcher disclosed a severe security issue in which Zoom opened up webcams to persistent spying and compromise; a bug that stayed in place even if the software was uninstalled due to a leftover local web server.

Now, more issues have been uncovered, including security flaws in the Windows 10 build of the platform's software, iPhone user data being sent to Facebook whether or not they had an account with the social media network, and a bug in URL generation that permitted attackers to eavesdrop on private conferences. 

Zoom has also acknowledged that the company's "end to end encryption" marketing practices masked the truth. AES-256 encryption was meant to be implemented to keep video calls secure, but instead, a substandard AES-128 key in ECB mode was actually in use. Encryption remains a sticking point that the company insists it is working on. 

Google, SpaceX, the New York City Department of Education, the Taiwanese, Australian, and German governments, to name but a few agencies, have banned employees from using the software until Zoom's security posture improves. 

TechRepublic: The end of passwords: Industry experts explore the possibilities and challenges

Zoom has tried to clean up its act, and quickly. To try and prevent Zoom-bombing -- the hijack of meetings and a practice the US Department of Justice recently deemed a crime -- meeting ID numbers will no longer be shown in address bars. 

A dedicated security tab has also been introduced to streamline the process of changing security settings for hosts and meeting attendees. 

Zoom has also promised an upcoming change to where data is stored. Starting April 18, paid subscribers can opt-in or out of specific data center regions. China, too, has been geofenced to stop information outside of the country from being transferred to the area. 

We've covered the basics and some useful tips for experienced users in a guide here. To maintain the security of your next meeting, our recommendations are below:

1. PASSWORD PROTECT YOUR MEETINGS

The simplest way to prevent unwanted attendees and hijacking is to set a password for your meeting. Passwords can be set at the individual meeting, user, group, or account level for all sessions. In order to do so, first sign in with your account at the Zoom web portal. If you want to set up a password at the individual meeting level, head straight over to the "Settings" tab and enable "Require a password when scheduling new meetings", which will ensure a password will be generated when a meeting is scheduled. All participants require the password to join the meeting. Subscription holders can also choose to go into "Group Management" to require that everyone follows the same password practices. 

2. AUTHENTICATE USERS

When creating a new event, you should choose to only allow signed-in users to participate. 

3. JOIN BEFORE HOST

Do not allow others to join a meeting before you, as the host, have arrived. You can enforce this setting for a group under "Account Settings." 

4. LOCK DOWN YOUR MEETING

Once a session has begun, head over to the "Manage Participants" tab, click "More," and choose to "lock" your meeting as soon as every expected participant has arrived. This will prevent others from joining even if meeting IDs or access details have been leaked. 

5. TURN OFF PARTICIPANT SCREEN SHARING

No-one wants to see pornographic material shared by a Zoom bomber, and so disabling the ability for meeting attendees to share their screens is worthwhile. This option can be accessed from the new "Security" tab in active sessions. 

6. USE A RANDOMLY-GENERATED ID

You should not use your personal meeting ID if possible, as this could pave the way for pranksters or attackers that know it to disrupt online sessions. Instead, choose a randomly generated ID for meetings when creating a new event. In addition, you should not share your personal ID publicly. 

7. USE WAITING ROOMS

The Waiting Room feature is a way to screen participants before they are allowed to enter a meeting. While legitimately useful for purposes including interviews or virtual office hours, this also gives hosts greater control over session security.

8. AVOID FILE SHARING

Be careful with the file-sharing feature of meetings, especially if users that you don't recognize are sending content across, as it may be malicious. Instead, share material using a trusted service such as Box or Google Drive. At the time of writing, Zoom has disabled this feature anyway due to a "potential security vulnerability."

9. REMOVE NUISANCE ATTENDEES

If you find that someone is disrupting a meeting, you can kick them out under the "Participants" tab. Hover over the name, click "More," and remove them. You can also make sure they cannot rejoin by disabling "Allow Removed Participants to Rejoin" under the "Settings: Meetings - Basic" tab.

10. CHECK FOR UPDATES

 As security issues crop up and patches are deployed or functions are disabled, you should make sure you have the latest build. In order to check, open the desktop application, click on your profile in the top-right, and select "Check for updates."

Read More

Remote Support and Curb Service

High Tech House Calls Announces Remote Support and Curb Service For Computer and Network Issues

Remote support is now available to address any computer issue. You download install a program that allows us to connect to your computer remotely. 

For more involved problems, we can pick up from computer from your front door. Once all issues have been resolved in our lab, your computer is sanitized with a CDC approved disinfectant and return to you with a minimum of human interaction.

Read More