1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Pitfalls E-mail client using HTML

Discussion in 'Virus & Other Malware Removal' started by Davey7549, Feb 1, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Davey7549

    Davey7549 Thread Starter

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Seems allowing HTML in Outlook, Outlook Express and Netscape E-mail clients can be exploited quite easily by Spammers or anyone who wishes to gather information such as Valid Address, Date and Time of opening E-mail, IP address at time of opening and other information normally contained in header info of E-mails.
    This also begs the question if other code could be embedded into into an E-mail without our knowledge!

    Ran into a website that graphically showed the vunerablility we face if someone wants to be tricky.

    This is basically how it works.
    Sendor of E-Mail Embeds Img Src code for object via code and directs source back to thier server. This object could be as small as 1 pixel x 1 pixel and also transparent so you do not know it is happening. When request for object is received at sending server information of request, IP address, E-Mail Address, Time and date stamp user agent info, Client, OS and versions all can be gathered.

    This is bad enough but it will also happen if crafted message is forwarded on to anyone else!

    Seems the more creative one gets with their communications the more vunerable one becomes to misuse!

    Here is the site that explains the problem further and has a working model of it to show the vunerability!

    Many thanks to Jim Mackraz for providing us with this heads up!
    http://mackraz.com/trickybit/readreceipt/

    Dave
     
  2. jm100dm

    jm100dm

    Joined:
    May 26, 1999
    Messages:
    994
    Thanks for the link Dave. I think that I will stick with HTML and just delete from people that I don't know.

    Thanks
     
  3. Davey7549

    Davey7549 Thread Starter

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    JM
    I agree I also like HTML however one must realize the pitfalls and also realize that if the preview function is active and they are online the request is sent the moment one highlights the mail!

    Dave
     
  4. jm100dm

    jm100dm

    Joined:
    May 26, 1999
    Messages:
    994
    Dave,
    Another thing that new users may not realize is if you use the delete key within an e-mail the next one opens automatically. This can create the same situation or open a virus,worm etc... contained in the next e-mail. Always safest to close the e-mail prior to deleting it In my opinion.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/116511

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice