"Lu Wei" <
luwe...@gmail.com> wrote
| People using email distribute at large scale. My most colleagues know
| nothing about scripts in email, certainly not because they are a bit
| behind the times; in fact they tend to deem the use of email is a bit
| behind the times, not to say Windows XP, even Usenet which they never
| heard of.
|
Yes. That's a good point. If I want to reach my techie niece
I can do it in 40 seconds with a text, or 5 days via email. But
it takes me about 10 minites to write the text. And I have to turn
on my cellphone, wait for it to boot... :)
Actually, so many people use webmail these days that most
people are allowing script. I think TBird disables it by default.
And I disable HTML email. But most people I know are using gmail,
and doing it in a browser. They don't know any better.
There are spyware companies like Constant Contact that sell
spyware/mailing services, for example. Companies have their
email sent out from CC. CC embeds script and possibly web bugs
that allow them to track when the recipient opens the email and
how far down they scroll each time they open it. In traditional
email such tricks are useless. But apparently so many people
use webmail, with script fully enabled, that the CC fees are
worthwhile to companies.
| The sample link seems legitimate to me. Normally I wont click it unless
| it is from someone I trust. If my friend's uid needs clicking to gain
| some benefit, I would like to help.
It depends on what you call legitimate. I wouldn't
call it legitimate to secretly embed your name, email and address
in a link to identify you when you visit a webpage. This kind of
thing is becoming common. A typical example is fbclid tacked
on by Facebook as a kind of URL cookie when people click links
on FB.
Some are legitimate, in a sense. For example, my dentist requires
me to confirm my appt. My dentist, of course, pays another
company to handle all that. I get a link about 300 characters
long. If I don't load the whole link I'll have an angry dental
receptionst calling me. So I have to allow the 3rd-party company.
Though I run the URL in New Moon with script disabled.
Moral of the story being that I wouldn't just click a URL without
checking it to see the destination and details. In general, if there's
a "?", I'll snip off everything from there on.