Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Pitfalls E-mail client using HTML

860 views 3 replies 2 participants last post by  jm100dm 
#1 ·
Seems allowing HTML in Outlook, Outlook Express and Netscape E-mail clients can be exploited quite easily by Spammers or anyone who wishes to gather information such as Valid Address, Date and Time of opening E-mail, IP address at time of opening and other information normally contained in header info of E-mails.
This also begs the question if other code could be embedded into into an E-mail without our knowledge!

Ran into a website that graphically showed the vunerablility we face if someone wants to be tricky.

This is basically how it works.
Sendor of E-Mail Embeds Img Src code for object via code and directs source back to thier server. This object could be as small as 1 pixel x 1 pixel and also transparent so you do not know it is happening. When request for object is received at sending server information of request, IP address, E-Mail Address, Time and date stamp user agent info, Client, OS and versions all can be gathered.

This is bad enough but it will also happen if crafted message is forwarded on to anyone else!

Seems the more creative one gets with their communications the more vunerable one becomes to misuse!

Here is the site that explains the problem further and has a working model of it to show the vunerability!

Many thanks to Jim Mackraz for providing us with this heads up!
http://mackraz.com/trickybit/readreceipt/

Dave
 
See less See more
#4 ·
Dave,
Another thing that new users may not realize is if you use the delete key within an e-mail the next one opens automatically. This can create the same situation or open a virus,worm etc... contained in the next e-mail. Always safest to close the e-mail prior to deleting it In my opinion.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top