1
00:00:01,920 --> 00:00:06,480
Speaker 1: Welcome to brain Stuff, a production of iHeart Radio, Hey

2
00:00:06,559 --> 00:00:10,920
Speaker 1: brain Stuff, Lauren vog Obam. Here. Your typical email program

3
00:00:11,000 --> 00:00:14,600
Speaker 1: has several options to simultaneously message more than one person.

4
00:00:15,040 --> 00:00:17,599
Speaker 1: You can load up the two box with many recipients

5
00:00:17,600 --> 00:00:20,520
Speaker 1: and then blast away. Or you can put some or

6
00:00:20,680 --> 00:00:23,400
Speaker 1: one in the two spot and then see ce the

7
00:00:23,440 --> 00:00:27,880
Speaker 1: rest or b C C some or all. That b

8
00:00:28,080 --> 00:00:30,840
Speaker 1: C C might be the trickiest, as it means that

9
00:00:30,880 --> 00:00:33,960
Speaker 1: not everyone is privy to the same information, and it

10
00:00:34,040 --> 00:00:37,160
Speaker 1: has some of the biggest risk for pitfalls. So when

11
00:00:37,159 --> 00:00:39,120
Speaker 1: do you CEE CEE and when do you b C C?

12
00:00:40,400 --> 00:00:44,280
Speaker 1: First the basics, the C C field probably stands for

13
00:00:44,440 --> 00:00:47,559
Speaker 1: carbon copy and the b c C field stands for

14
00:00:47,680 --> 00:00:51,320
Speaker 1: blind carbon copy. The carbon copies were common prior to

15
00:00:51,360 --> 00:00:54,920
Speaker 1: email communication, and even more so prior to photo copying.

16
00:00:55,600 --> 00:00:57,920
Speaker 1: In those days, if you wanted to distribute copies of

17
00:00:57,920 --> 00:01:00,800
Speaker 1: a typed or handwritten document, you might writer type them

18
00:01:00,840 --> 00:01:04,039
Speaker 1: on stacks of thin sheets of paper with a piece

19
00:01:04,080 --> 00:01:08,800
Speaker 1: of pigmented carbon paper sandwiched between each sheet. The pressure

20
00:01:08,840 --> 00:01:10,880
Speaker 1: of writing or typing on the top sheet of paper

21
00:01:11,000 --> 00:01:13,880
Speaker 1: would transfer pigment from the carbon paper to the blank

22
00:01:13,959 --> 00:01:17,880
Speaker 1: sheet underneath. Creating a carbon copy of the inked original.

23
00:01:18,480 --> 00:01:21,160
Speaker 1: You can still find carbon copies in some memo pads

24
00:01:21,280 --> 00:01:25,160
Speaker 1: or similar technology in more modern checkbooks and restaurants server pads.

25
00:01:26,319 --> 00:01:29,560
Speaker 1: But these days, an email CC means you sent a

26
00:01:29,560 --> 00:01:31,959
Speaker 1: copy of a message to someone other than the direct

27
00:01:32,000 --> 00:01:34,400
Speaker 1: recipient in the two line. It's an easy way to

28
00:01:34,480 --> 00:01:37,840
Speaker 1: keep vested parties in the loop on a subject. Notably,

29
00:01:37,920 --> 00:01:40,960
Speaker 1: the CC format allows everyone to see each other's email

30
00:01:40,959 --> 00:01:46,120
Speaker 1: addresses as well. BCC works the same way as CC,

31
00:01:46,680 --> 00:01:50,000
Speaker 1: except the direct recipient in the two line doesn't know

32
00:01:50,240 --> 00:01:54,480
Speaker 1: that anyone was BC seed on the message. So, for example,

33
00:01:54,680 --> 00:01:57,280
Speaker 1: if you emailed the subordinate at work about being late

34
00:01:57,320 --> 00:02:00,000
Speaker 1: with the project and bcced your own boss to show

35
00:02:00,000 --> 00:02:02,920
Speaker 1: them that you were being diligent about tardiness, your subordinate

36
00:02:03,000 --> 00:02:05,760
Speaker 1: wouldn't know that their lateness was being pointed out to

37
00:02:05,920 --> 00:02:10,840
Speaker 1: your own superior. If that sounds a little secretive or tattily,

38
00:02:11,320 --> 00:02:14,959
Speaker 1: it can be. BCCs usage can be loaded with etiquette

39
00:02:14,960 --> 00:02:19,200
Speaker 1: pitfalls and potential backlash. It might be perfectly innocent. Let's say,

40
00:02:19,240 --> 00:02:21,560
Speaker 1: if you're asking a question to a large group but

41
00:02:21,800 --> 00:02:24,639
Speaker 1: don't want to burden the entire group with receiving every

42
00:02:24,680 --> 00:02:30,040
Speaker 1: single person's answer. Just BCC everyone, But if you're purposefully

43
00:02:30,120 --> 00:02:32,880
Speaker 1: hiding the fact that there are other recipients, it can

44
00:02:32,960 --> 00:02:38,440
Speaker 1: be trouble. BCC is a notorious office space landmine, particularly

45
00:02:38,480 --> 00:02:41,959
Speaker 1: if a secret person who's blind copied doesn't just reply

46
00:02:42,040 --> 00:02:46,239
Speaker 1: to you, but accidentally hits reply all. Their reply will

47
00:02:46,240 --> 00:02:51,000
Speaker 1: go both to you and the messages direct recipient. Now, whoops.

48
00:02:51,360 --> 00:02:54,520
Speaker 1: One of many reasons to be careful about reply all.

49
00:02:55,560 --> 00:02:59,000
Speaker 1: But still, there are some very good reasons to use BCC.

50
00:02:59,760 --> 00:03:03,440
Speaker 1: Maybe a year supervisor of various contractor freelance workers who

51
00:03:03,480 --> 00:03:05,919
Speaker 1: never interact with each other, and you want to update

52
00:03:05,919 --> 00:03:09,440
Speaker 1: them all on policy changes without having to send individual emails.

53
00:03:09,960 --> 00:03:12,400
Speaker 1: This isn't just a matter of convenience for you. It

54
00:03:12,480 --> 00:03:15,760
Speaker 1: also protects the privacy of your freelancers who probably don't

55
00:03:15,760 --> 00:03:18,600
Speaker 1: want a bunch of virtual strangers to see their personal

56
00:03:18,639 --> 00:03:22,720
Speaker 1: email address. Or maybe your company trying to contact many

57
00:03:22,760 --> 00:03:26,640
Speaker 1: customers about an important issue. You absolutely have to use BCC.

58
00:03:26,919 --> 00:03:30,520
Speaker 1: Otherwise hundreds or thousands of people will suddenly see private

59
00:03:30,520 --> 00:03:34,240
Speaker 1: email addresses. That's a major breach of trust. But is

60
00:03:34,280 --> 00:03:36,760
Speaker 1: there a way for recipients to find out who was

61
00:03:36,840 --> 00:03:41,440
Speaker 1: BCC on a message. We spoke via email with Shared

62
00:03:41,520 --> 00:03:44,480
Speaker 1: de Grippo, Senior director of Threat Research and Detection for

63
00:03:44,560 --> 00:03:49,120
Speaker 1: Proofpoint Email. She said, generally recipients can't see if someone

64
00:03:49,160 --> 00:03:52,160
Speaker 1: has been blind copied on a message. Servers that receive

65
00:03:52,240 --> 00:03:55,960
Speaker 1: messages are designed to strip out BCC information before they

66
00:03:56,000 --> 00:03:58,640
Speaker 1: pass the message on to the recipient. This is the

67
00:03:58,640 --> 00:04:01,720
Speaker 1: case for all recipients, including those in the two c

68
00:04:01,960 --> 00:04:05,600
Speaker 1: C and BCC lines. The most common way for someone

69
00:04:05,600 --> 00:04:08,160
Speaker 1: to figure out blind copied email addresses is when the

70
00:04:08,160 --> 00:04:11,120
Speaker 1: sender accidentally puts people meant to be in the BCC

71
00:04:11,280 --> 00:04:15,960
Speaker 1: line in the CC line. However, she notes that threat

72
00:04:16,000 --> 00:04:19,760
Speaker 1: actors or packers have found ways to attack the privacy

73
00:04:19,800 --> 00:04:23,919
Speaker 1: of BCC. One would be to access the target's inbox

74
00:04:23,960 --> 00:04:26,120
Speaker 1: in one way or another and then simply look in

75
00:04:26,160 --> 00:04:28,359
Speaker 1: the scent items to find out who was sent a

76
00:04:28,400 --> 00:04:31,720
Speaker 1: BCC message. Or if your device is infected with data

77
00:04:31,720 --> 00:04:35,520
Speaker 1: stealing malware, an attacker could access messages in the scent folder,

78
00:04:36,400 --> 00:04:40,040
Speaker 1: the Crippo said. Another opportunity for compromise occurs when an

79
00:04:40,040 --> 00:04:43,680
Speaker 1: attacker intercepts the sender's network traffic while the email is sent,

80
00:04:44,040 --> 00:04:47,520
Speaker 1: and they see all recipients, including those blind copied, and

81
00:04:47,680 --> 00:04:50,200
Speaker 1: she explained that this kind of thing happens frequently when

82
00:04:50,240 --> 00:04:53,640
Speaker 1: someone is using public unencrypted WiFi and an attacker taps

83
00:04:53,680 --> 00:04:58,080
Speaker 1: into the WiFi network traffic. And finally, quote if an

84
00:04:58,080 --> 00:05:01,080
Speaker 1: attacker has compromised the emails rivers of the sender or

85
00:05:01,120 --> 00:05:04,480
Speaker 1: any of the recipients, or intercepts the network traffic between

86
00:05:04,520 --> 00:05:09,120
Speaker 1: these servers, they can also see all recipients. In other words,

87
00:05:09,279 --> 00:05:13,000
Speaker 1: BCC is anything but impenetrable, so if you're a spy

88
00:05:13,040 --> 00:05:16,839
Speaker 1: training in state secrets, you've been warned to protect yourself

89
00:05:16,920 --> 00:05:19,320
Speaker 1: when using BCC, you can take a number of steps.

90
00:05:19,720 --> 00:05:22,080
Speaker 1: The first and most obvious is to double check your

91
00:05:22,120 --> 00:05:25,640
Speaker 1: recipients before you send any BCC messages, just to be

92
00:05:25,760 --> 00:05:30,880
Speaker 1: absolutely sure you're using BCC and not CC. You should

93
00:05:30,960 --> 00:05:34,760
Speaker 1: also regularly update your security software and anti virus programs.

94
00:05:35,200 --> 00:05:37,839
Speaker 1: That way, your device will be guarded against current threats,

95
00:05:38,440 --> 00:05:41,440
Speaker 1: the Grippo said. Be sure to also safeguard your email

96
00:05:41,480 --> 00:05:45,400
Speaker 1: accounts with strong passwords and multi factor authentication whenever possible.

97
00:05:46,000 --> 00:05:49,320
Speaker 1: It's important to avoid using un encrypted public WiFi networks,

98
00:05:49,360 --> 00:05:51,680
Speaker 1: and if you must use them, be sure to use

99
00:05:51,720 --> 00:05:54,760
Speaker 1: a virtual private network or VPN that will encrypt and

100
00:05:54,800 --> 00:06:03,080
Speaker 1: protect your information. Today's episode was written by Nathan Chandler

101
00:06:03,080 --> 00:06:05,240
Speaker 1: and produced by Tyler Clang. For more on this and

102
00:06:05,279 --> 00:06:08,400
Speaker 1: lots of other technological topics, visit how stuffworks dot com.

103
00:06:08,480 --> 00:06:10,760
Speaker 1: Brain Stuff is production of my heart Radio. For more

104
00:06:10,760 --> 00:06:13,240
Speaker 1: podcasts for my heart Radio, visit the I heart Radio app,

105
00:06:13,320 --> 00:06:15,920
Speaker 1: Apple Podcasts, or wherever you listen to your favorite shows.