We have recently upgraded Runbox 7 with a new message list action menu. Per popular request from our customers we have now implemented a new menu that is always shown above the message list, instead of as a popup menu shown only when messages are selected:
We have also upgraded the HTML editor in Compose and added font selections so that you can change the font face when writing messages.
And if you search for email often (like us) you will be happy to know that searches now support date ranges. Here are a few examples of date searches that you can use either directly in the basic search field or via the advanced search pane:
date:2023 All messages in 2023
date:202310 All messages in October 2023
date:20231001 All messages on October 1, 2023
date:2022..2023 All messages from 2022 to (and including) 2023
date:20231001..202311 All messages from October 1, 2023 to (and including) November 2023
For more help on email searches in Runbox 7, please see message search help.
To see all changes to Runbox 7, please go see the Changelog in the app.
Runbox was recently informed via our Internet Service Provider that a global botnet (robotnetwork) consisting of hundreds of thousands of computers has been disrupted by the FBI.
In a coordinated operation taking place on August 29 in the US and several European countries, the malware (malicious software) known as Qakbot was removed from a large number of infected computers around the world.
What is Qaknet?
Since 2008, Qakbot had spread to victim computers mainly through spam email messages that contained malicious attachments or links. The infected computers effectively comprised a multinational infrastructure that cybercriminals utilized to commit ransomware, financial fraud, and other criminal activities.
In recent years the Qaknet botnet grew rapidly and some estimates state that it was related to around 25% of malware websites and responsible for extorting their victims through ransom payments amounting to tens of millions of dollars over the past couple of years.
Protecting your email account
As a security and privacy conscious email service we welcome this news and congratulate law enforcement on disrupting a vast network of cyber criminals who have victimized individuals and businesses on a large scale for decades.
Qaknet has also impacted some Runbox customers and we are contacting those affected directly via email in order to ensure their accounts are secured.
We strongly recommend that all email users utilize antivirus and antimalware software in addition to the spam and virus filters that are available in your email account. You can find a comparison of such software for various platforms at Wikipedia.
More information
More information about the dismantling of Qaknet can be found here:
With this release we are adding more advanced search features including date range searches, as well as improved HTML view controls that let you save display preferences per individual sender.
💡 To access these features, ensure that Runbox 7 is updated by reloading it in a web browser or restarting it on your phone.
More advanced search functionality
Search field controls
By clicking the wrench icon next to the search field you can now easily search only for messages that:
Have one or more attachments.
Have been replied to.
Are flagged.
Are unread.
This screenshot shows the advanced search area that provides you with extensive options for message search:
Advanced search area screenshot
Additionally you can now search by date ranges, for instance messages that were:
Received in 2023: date:2023
Received between 2020 and 2021: date:2020..2021
Received in 2021 or later: date:2021..
Improved HTML message view controls
We have also improved the HTML message view controls that allow you to save HTML and image display preferences for individual senders or for all senders.
The examples below illustrate how this functionality can be used.
HTML view options example 1
Show the text version for the current message:
HTML view options example 2
Show the HTML version with images for all messages from this sender:
Larger popular recipients list
The popular recipients list in Compose has also been improved by increasing the number of contacts from 5 to 10.
The addresses shown beneath the To field can be added to the To field by clicking on them, or dragged to the To, CC, or BCC fields.
Note that this functionality is only available when using the local search index, which is controlled by the “Synchronize index” button in the lower left corner.
Changelog since the previous release
For the more technically inclined, a list of the changes made to Runbox 7 since the previous release can be found below.
This constitutes a major upgrade to the framework and libraries that Runbox 7 is built on, which will facilitate further continuous upgrades and features.
It also includes several bug fixes and improvements, including storing display preferences on the server. This will make the user interface work more consistently across browsers, devices, and sessions and result in a more streamlined experience.
Internal changes (deps): bump ua-parser-js from 0.7.31 to 0.7.33 (75df34d)
Internal changes (deps): bump jszip from 3.7.1 to 3.10.1 (ef32ab1)
Bug fix (drafts): Ensure we only refresh drafts once per folders update (f024af2)
Bug fix (delete): Catch/Prevent more errors by ensuring defaults (5e83f89)
New feature (mailviewer): Display incoming attachment sizes (926ab4b)
Bug fix (compose): More readable attachment file size display (e44fc63)
Visual changes (security): Specify which special characters are allowed in passwords. (#1401) (c575f06)
Internal changes (deps): Update angular2-hotkeys to v13 (85aee64)
Internal changes (deps): Upgrade to angular 12 (11b3aeb)
Internal changes (deps): Update nodejs version for CI (a5cd077)
There’s an uptick in phishing emails again. Here’s a refresher.
In the past few weeks there have been a series of phishing attacks aimed at a small subset of Runbox customers. The goal of these scams is to trick unsuspecting email users into clicking on malicious web links and entering their Runbox username and password, enabling the scammers to steal their password.
At Runbox we are constantly on guard against phishing attacks against our customers, and here we take a closer look at this increasing problem and some simple steps you can take to protect yourself.
As a summary, ensure that you check:
The From address. Phishing messages almost always come from a random email address that do not match our list of Official Runbox Email Addresses.
The messageaddresses you by name. Scammers typically only have lists of email addresses without any first or last names, so if the message does not address you by your first and last name it is likely to be a scam.
The legitimacy of any email with links. Check where the link will actually take you. Hover over it with your mouse, and you can see whether it will in fact take you to some random address not associated with Runbox at all.
Any false urgency. Runbox will never pressure you to act suddenly. Scammers may try to create a sense of urgency to persuade you to do what they’re asking.
What is phishing?
Example of a recent phishing message
Phishing is a type of cyber attack in which an attacker attempts to obtain sensitive information such as usernames, passwords, or credit card details by posing as a trustworthy entity via email messages.
The word “phishing” is derived from fishing and refers to using lures to “fish” for sensitive information. Phishing attacks typically use social engineering to gain a victim’s trust, and use spoofing such as faking an email address or URL to make the attack appear legitimate.
When phishing attacks are targeted at certain services or individuals it’s called “spear phishing”, and in this case they appear to be sent from Runbox Support, the Runbox Team, or other similar official sounding names.
Email users who are unfortunate enough to receive a spear phishing message and end up divulging their Runbox login details can end up having their Runbox accounts hijacked and used to send spam, which then forces us to suspend the accounts until the customer can regain access.
With access to an email user’s account the attackers may then be able to access their personal information and use it to commit fraud or identity theft, which can in turn result in financial loss or worse.
Naturally such account hijacking causes much confusion for the affected customers in addition to the privacy intrusion and consequences for the recipients of the spam being sent, which is often another phishing scam. The phishing then continues to cascade to new groups of innocent users of other email services, while exploiting people’s trust and rarely being caught.
It is important to understand that these scammers are criminals, and that being tricked into disclosing any login details can have serious consequences.
How to spot phishing
The easiest way to see whether a message is in fact from Runbox is to check the From address, as phishing emails almost always come from a random email address not on any Runbox domain names such as runbox.com.
Another important clue is whether the email addresses you by name, or whichever name you have entered in your Runbox Account details. Attackers typically only have lists of email addresses without any first or last names, so if the message does not address you by name it is likely to be a scam.
The third way to check the legitimacy of any email which asks you to click on a link, is to check where the link will actually take you. Some phishing links look like they link to a Runbox web page, but if you hover over it with your mouse, you can see that it will in fact take you to some random address not associated with Runbox at all.
If in doubt, go to our main website Runbox at https://runbox.com for information, or contact us via Runbox Support at https://support.runbox.com.
Do not be fooled or threatened by the scams
Most phishing emails have a very urgent and even threatening tone, trying to scare the recipient into acting right away to avoid having their account shut down or disrupted.
The scammers might even read our blog or other web pages and notice that we have two webmail versions, and subsequently send messages claiming that if you don’t switch to the newer version within X days, then your account will be shut down, for instance.
Legitimate messages from the Runbox Team will always give notice about something happening in the future, or optional new features.
Catching the scammers
We are constantly working to improve our defenses against phishing attacks, spam, and viruses, and we take immediate action to remove spear phishing messages as soon as we become aware of an attack.
If you have received any scam emails like the ones described above without responding in any way then your account is perfectly safe. We do however appreciate you notifying us via Runbox Support at https://support.runbox.com so that we can take steps to protect you and our other customers against the attack.
Here at Runbox we have been hard at work over the past several months making improvements to Runbox 7, our cutting edge webmail app available at https://runbox.com/app.
Our goal is to develop the fastest and most user-friendly email service available, and as we’re winding down a bit for the holidays we take the opportunity to tell you all about the many bug fixes and other improvements we have made based on feedback from you, our customers.
The most noticeable change is that we have decreased the font sizes slightly, which allows a much more efficient use of the available space in your browser:
Runbox 7 screenshot
Based on your feedback we have fixed a large number of issues that makes the Runbox 7 app more streamlined in everyday use. Through a series of Quality Milestones and a thorough review of Runbox 7 feedback along with diverse support requests we have made over 70 improvements to:
The overall performance and reliability of the app
Folder and message list displays
Compose and the Draft Desk, including attachment handling
Message view including the display of HTML and images
Settings including Identities and Account Security
After this period dedicated to improving the quality of existing functionality in Runbox 7 we are gearing up to continue implementing the Runbox 7 Roadmap in 2023, so stay tuned for new features and improvements coming your way in 2023!
