A Danger of HTML Email

Not only is the use of HTML in electronic mail contrary to convention and against the principle of "What You See Is What Your Correspondent Sent", for some it is dangerous. It can cost them money.

Quite simply, HTML in electronic mail makes scams easier. I discovered this when I received a message that purported to come from support@ebay.com. It started out by saying,

    <html>
    <br>Dear valued eBay member:
    </p>

Since I am not a member of eBay, I looked at the message's `Received' line. That said:

    mt2.adaptive-techs.com ([210.175.252.190])

That did not sound like eBay. Indeed, when I ran the `whois' command on the IP address, I found that the address was allocated in Japan.

Then I looked at the contents:

    <br>To update your eBay records click here:
    <br><a HREF=http://195.98.60.158/asp/ebayDLLupdate/index.html
    target="_self">http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?UPdate</a>
    <br>

If you followed the URL, you would be directed to a site with an IP address of 195.98.60.158. The message claims this site is cgi1.ebay.com but by running the `whois' command on 195.98.60.158, I found that it is an IP address controlled by `Commercial Information Networks, Ltd.' in Nizhny Novgorod, Russia.
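
A check that a mail filter could apply to the link quoted above, as an added example that is not part of the original page: it parses the HTML and flags any anchor whose href is a bare IP address or whose visible text names a different host than the href. The names `host_of`, `LinkAudit` and `audit` are hypothetical, and comparing hosts for exact equality is a simplifying assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The link from the message quoted above, with angle brackets as in raw HTML.
SAMPLE = ('<br>To update your eBay records click here:\n'
          '<br><a HREF=http://195.98.60.158/asp/ebayDLLupdate/index.html\n'
          'target="_self">http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?UPdate</a>\n<br>')

def host_of(text):
    """Host name if text looks like a URL or bare host name, else None."""
    words = text.split()
    if len(words) != 1:
        return None          # empty, or ordinary words such as "click here"
    url = words[0] if "://" in words[0] else "//" + words[0]
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:       # malformed input, e.g. an unclosed IPv6 bracket
        return None
    return host if "." in host else None

class LinkAudit(HTMLParser):  # collects (href, reasons) for suspicious anchors
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":       # the parser lower-cases tag and attribute names
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        target, shown = host_of(self._href), host_of("".join(self._text))
        reasons = []
        if target and target.replace(".", "").isdigit():   # IPv4 dotted quad only
            reasons.append("href is a bare IP address")
        if target and shown and shown != target:
            reasons.append(f"text shows {shown}, href goes to {target}")
        if reasons:
            self.findings.append((self._href, reasons))
        self._href = None

def audit(html):
    parser = LinkAudit()
    parser.feed(html)
    return parser.findings
```

Calling `audit(SAMPLE)` returns one finding with both reasons; a link whose text is plain words, or whose text and href name the same host, is not flagged.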

Perhaps eBay uses a strangely numbered server in Japan to reach the US rather than any of its own block of nearly 8000 IP addresses. But I doubt it. Also, perhaps eBay is attempting to reduce its costs and, as a side effect, to reduce poverty in the former Soviet Union, by employing a server in Nizhny Novgorod, Russia. But I doubt that, too.

All this was evident to me since I seldom view electronic messages as HTML. But I think of my mother, shortly before she died. In her earlier life, she was shrewd and careful, perhaps more than me. But as she aged, she became less alert.

Suppose she had had an account on eBay and received a message purportedly from cgi1.ebay that asked her to update her records? She might well have attempted to comply.

