The Hidden Dangers In E-mail
Here are a few
notes that I picked up when I was
re-searching some recent e-mail disasters.
Here are a few examples of the things that can be done.In Internet Explorer 4 it is possible to open a Web page in full-screen mode without a menu bar, tool bars, and window frame. Except for a vertical scroll bar on the right hand size of the screen, the Web page uses all of the pixels on the screen.
The "White Screen of Death" page uses the full-screen mode to make it appear that a system has crashed by turning the screen to all white. In addition, it hooks the blur and unload events to make it impossible to switch or close the window.
The only solution is to switch off
("Auto-launching Microsoft Word")
In Outlook Express, Microsoft Word (or Microsoft Excel) can be automatically run from an Email message.
The document to be edited by Word can be supplied by a remote Web server or
There can be a bad security hole here if you have turned off the warning in Word about automatically running macros when a document is loaded.
If this warning has been turned off, the Web server can download to Word a document that is infected with a macro virus and your machine becomes infected.
Netscape Messenger can also auto-launch Word from an Email message, but it puts up a security warning first which allows you to stop Word from running.
This same security hole exists in Eudora 4, but was eliminated in Eudora 4.1.
The solution is to be sure that
Microsoft office documents have the auto macro facility switched off.
By using startup switches, you can control certain events when you start Word.
/mmacroname Runs the specified macro and prevents the AutoExec macro (if any) from running. If you just want to prevent the AutoExec macro from running, omit macroname.
A Web Bug is a graphics on a Web page or in an Email message that is designed to monitor who is reading the Web page or Email message. Web Bugs are often invisible because they are typically only 1-by-1 pixel in size. They are represented as HTML IMG tags. For example, here are two Web Bugs recently found on Quicken's home page. The two Web Bugs were placed on the home page by Quicken to provide "hit" information about visitors to DoubleClick and MatchLogic (AKA, preferences.com), two Internet advertising companies. Any graphics on a Web page that is used for monitoring purposes can be considered a Web Bug. Ad networks can use Web Bugs to add information to a personal profile of what sites a person is visiting. The personal profile is identified by the browser cookie of an ad network. At some later time, this personal profile which is stored in a data base server belonging to the ad network, determines what banner ad one is shown. Another use of Web Bugs is to provide an independent accounting of how many people have visited a particular Web site. Web Bugs are also used to gather statistics about Web browser usage at different places on the Internet.Where can you find Web Bugs being used?
What kinds of uses does a Web Bug have in an Email message? A Web Bug can be used to find out if a particular Email message has been read by someone and if so, when the message was read. A Web Bug can provide the IP address of the recipient if the recipient is attempt to remain anonymous. Within an organization, A Web Bug can give an idea how often a message is being forwarded and read.
Why are Web Bugs used in "junk" Email messages? To measure how many people have viewed the same Email message in a marketing campaign. To detect if someone is viewed a junk Email message or not. People who do not view a message are removed from the list for future mailings. To synchronize a Web browser cookie to a particular Email address. This trick allows a Web site to know the identity of people who come to the site at a later date,Here are some of the Email marketing companies who are known to use Web Bugs?
Email Web Bugs are represented as 1-by-1 pixel IMG tags just like Web Bugs for Web pages. However, because the sender of the message already knows your Email address, they also include the Email address in the Web Bug URL. The Email address can be in plain text or encrypted. For example, here are two Web Bugs sent t in junk Email messages:
Is there any method of removing
Web Bugs from HTML pages?
The technical problem is that there is no method of distinguishing Web Bugs from spacer GIFs which are used on Web pages for alignment purposes.
Your best defense against Web Bugs is to turn off cookies. Instructions for turning off cookies can be found at the Junkbusters Web site: http://www.junkbusters.com/ht/en/cookies.html#disable One note about cookies. Netscape Navigator and Internet Explorer will still send out existing cookies after disabling cookies in the browser. You must manually delete any cookie files on your hard drive to eliminate being tracked by third-party ad networks.
This message uses Microsoft's TDC (Tabular Data Control) ActiveX control to read files from the hard disk. This control is available on any Windows system that is running the Internet Explorer 4 browser. Because the TDC Activex control is signed and already loaded on a computer, there are no security warnings when this page is loaded.
If the page is downloaded from a Web server, the TDC control will refuse to read any files from the hard drive. However, if the page is sent as an Email attachment, hard disk files can be accessed by the page when the attachment is clicked on. To see this in action copy this section to an Email and send it to yourself as html format then look at it with Internet Explorer
The GUID serial number was originally put in Office 97 document files to correct broken hyperlinks. Ironically this feature was never implemented, but the serial numbers remain.
To locate a GUID in a Word document, simply open the .DOC file in Notepad and search for the string "GUID". The GUID serial number will follow immediately in the document.
To fix this problem, Microsoft is providing a patch to Office 97 which will stop putting serial numbers in new document files. For existing files, Microsoft will also be providing a stripper utility for removing serial numbers. Click here for more details.
The Office 97 issue is independent of the operating system and will occur under both Windows 95 and Windows98. There are reports that the problem also exists in Office 98 documents for the Macintosh.
Note that in Office 2000, GUIDs are no longer generated for document files.
However a number of GUIDs are included in a file if the document contains VBA
macros. There is currently no method of removing these macro GUIDs except to
delete the macros themselves.
This one line HTML Email message will hang the Eudora and
<html> <script> while(1) alert ("Help, I am caught in an infinite loop!"); </script> </html>
program is automatically executed and puts up a continuous stream of alert
boxes on the screen. In both Email readers, there doesn't seem to
be any method of easily stopping the alert boxes. CTRL-ALT-DEL
is required to shutdown the hung Email reader.
Worse yet, the next time Email is read, Eudora and Netscape Messenger will
hang again on the same Email message if the message preview pane is turned on.
This message will likely permanently disable the Email reader. To fix the problem
requires a person with technical knowledge to manually edit the "in" box message
Moral of the story, Email readers should never, ever automatically
programs embedded in Email messages even if these programs are written
Eudora 4 bug allows an innocent looking Web link in an Email message to execute an attached .EXE file or .BAT file. For pretty obvious reasons, this is not a good thing. For the bug to work correctly, Eudora 4 must be using Microsoft's Internet Explorer 4 browser to display HTML-based Email messages.
This bug was reported to Qualcomm, the makers of Eudora, at the end of August 1998 and was fixed immediately with a patch. It is highly recommended that anyone running version 4.00 or 4.01 of Eudora for Windows should upgrade to version 4.1. The update is available at:
- N.E.M Business Solutions UK. Tel / Fax 01823 680119
or mobile 0468 981196