Stupid Earthlink tricks

Trying to be helpful when displaying a message, if the “To:” address lacks a display name, Earthlink Web Mail uses the name in the user’s profile as the display name.

For example, suppose a message is sent to [email protected] with only the e-mail address as opposed to something like “User Name <[email protected]>”

Web Mail “helpfully” shows the To" address as “Name from Profile <[email protected]>” instead of just the address.

Phishing remains a major security problem. Displaying messages in this way gives the potential victim the impression that the sender knows the name of the recipient.

It’s not just Earthlink. Try to find this information on an ios device, or from many mail clients. ios goes so far as to substitute contact information making it even harder to determine the actual from address.

And there is a similar trend in browsers to aggressively mask URL content.

sigh<

I am Mr. Transparency. This is so disturbing…

I believe the stated motivation is along the lines of simplification for users, and people don’t look at that clutter anyway. It’s a UI argument that I understand and disagree with. It’s OK to mask it on the surface, It’s not OK to hide it completely or even make it hard to find.

The last time I had anything to do with Earthlink it was their intensely stupid whitelisting mechanism where FROM addresses had to be individually approved prior to email being accepted. I assumed this was because the service was too cheap to implement spam filtering like everyone else.

What makes it OK to access my profile to synthesize a display name?

The only benefit I can come up with is lessening the confusion for those who use multiple e-mail addresses within a single inbox. Not worth the added vulnerability to phishing.

They still offer that feature as “Suspect Email Blocking.” Fortunately, it is optional - I totally agree that it is annoying.

Their spam filter “Known spam Blocking” works well most of the time.

I agree completely.