Tracking and detecting valid mailboxes through HTML emails

Back in the days when Windows 98 was the latest Microsoft operating system, HTML email messages accounted for a large unit of infected Windows-based systems. Surprisingly, things have not changed much nowadays either. Accepting and displaying HTML email messages much pose a great deal of threats for email users, regardless of what operating system they are using, or if the latter is actually immune to an assailing based on vulnerabilities of other systems.

To illustrate, here are some of the possible threats posed by the use of HMTL messages; including, but not limited to virus or other malware infections, which still account for a high degree of risk.

Based on HTML email, a evil human race is able to perform different scams and phishing attacks. These types of attacks consist in fooling the targeted email address user into giving elsewhere personal information such as: name, address, email address, personal bank account information. Such attacks involve impersonating a valid website to which the user may have previously registered and created an account.

Some scammers may go as far as impersonating banks or other financial institutions such as PayPal, in classification to obtain credit card information or other personal details that can later be used to purchase goods, or even to empty a bank account. Bountiful bank account frauds are make-believe this way. As a countermeasure, if HTML emails are filtered at server level in a course that causes only text to be displayed such fraud attempts can be blocked and prevented.

Email clients own different approaches to HTML email. Mozilla Thunderbird, for example, does not display HTML content by default, as opposed to Outlook Express which displays HTML content by default. This does not mean that scams cannot be performed using child's play text as well, but the probability for someone to believe a text message is lower in comparison to seeing an exact replica of their bank's website requesting their personal details.

As compared to these attempts some of our peers make with the purpose to scam people for their personal information, viruses and worms cause not avail the corresponding techniques. Their goal may be infecting the operating system, but the infection mechanism may be cryptic remain a special offer for a free product, that may really cost the user a lot more than if they had bought a consubstantial product for de facto money.

Another commonly encountered threat consists in the simple viewing of a HTML message that can further trigger the delivery of more spam to the user's mailbox.

How is that possible? You may ask. For instance, the spammer sends HTML messages that contain a different image filename link in each of the sent out messages. He also has an association between each image filename link and the email superscription that the indication is sent to. When the memo is displayed on the user's computer, if HTML viewing is enabled, the respective angel file testament be automatically requested from the spammer's server. At this point, the spammer knows that the message has been viewed on a pc and, based on the requested filename and using the association created, he now knows that the respective e-email residence is in use. As a result, the spammer has found an active email user that he can convince to acquire some of the products he advertises for. Another source of process for the spammer is selling a database of verified addresses, which is even exceeding valuable than a database that contains 3 residence of bouncing addresses.

This concludes some of the most important scenarios and consequences of using HTML in an email application.

For the article in original, and others, please visit: http://www.mailradar.com/articles/Security

Keywords: