Nothing new of course about "Please be careful when opening attachments and links from external senders". I never allow this kind of things. But suddenly I see in several emails I receive this message (from different senders, different languages as you can see) in Thunderbird: In English: ATTENTION: Please be careful when opening attachments and links from external senders. In German: ACHTUNG: Bitte seien Sie vorsichtig beim Öffnen von Anhängen und Links externer Absender. In Dutch: Pas op!: Deze e-mail komt van buiten [company name removed], pas op met links en attachments. OK, fine. But who is putting that message there? The sender? His/her email client? Their provider? Their computer or smartphone or tablet? My provider? Thunderbird? My AV Eset? Or whoever? I'm just curious... Do others see this?
OK, I just searched for it (I should have done it earlier). I see now that I'm not the only one. Just only this search: https://duckduckgo.com/?q=Please+be+careful+when+opening+attachments+and+links+from+external+senders&t=h_&ia=web I gotta read there more.
Whenever I've gotten attachments in emails, I *always* check if it's from a known source. For example: my power company sends me a pdf--there's the warning you mentioned about being careful and whatnot. It's mostly been from the senders, if they're legit to begin with.
As far as I know it was the first time I saw this (in the last day, and from completely different senders and different countries). There must have been a change made very recently somewhere by some email client (if email client is the right word in this case ...).
It could be the sender's email client or email provider, but most likely it is their security software. Symantec endpoint protection by default automatically inserts a warning in outgoing/forwarded emails in Outlook (desktop client), if the message contains an attachment or if a security issue has been detected in the email. I usually keep this option unchecked.
Do you know who is their e-mail provider? Even if they have custom domain it usually can be done discovered. Look for MX DNS record and see who owns that IP address. You can also use webtools like: mxtoolbox.com Put only domain here Sender's e-mail client can be usually learned by checking e-mail headers. Are you using webmail? Webmail client sometimes add additional warnings on some of incoming e-mails.
