Contact
DON'T SURF IN THE NUDE
Security on a Shoestring
Current page:
Mail box devil GIF.
Internet Security Sites
CERT
Castle Cops
Counterexploitation (cexx.org)
Microsoft Security
PC Flank
Security Focus
Spychecker
Spyware Guide
Spyware Info
Spyware Warrior
Unwanted Links
Wilders Security Advisors
Last Update
12/12/2006
Links
Get Thunderbird
Security and privacy
With Online email providers and ISP companies now scanning emails for viruses and weeding out spam, using email is a lot safer, but there are still security and privacy issues.

- HTML emails may contain 'web bugs' - tiny invisible pictures which spy on you and may put a tracking cookie on your computer. 

- HTML emails like web pages may contain active content which may be malicious in nature.  

- Email attachments may contain viruses.

- Clicking on a link in a link in an email may result in malicious programs being downloaded to your computer.

- Emails may be viewed by people other than the intended recipient. 

E-mail issues SecurityFocus.com
Email privacy & security Eric L. Howes
Internet Explorer carved up by zero-day hole computerworld.com

For users of Windows and Outlook Express, the latest update (XP SP2) addresses three of these issues: pictures (and therefore web bugs) are blocked in emails unless you trust the sender and choose to accept them; Outlook Express uses the Restricted Sites zone, so active content is blocked; attachments which may contain a virus are not saved or opened.

Use the New Security Improvements in Outlook Express microsoft.com

If you're concerned about sending confidential or private information over the internet, find out about email encryption.

Email Security Encryption Outlook Express newbie.org
Pretty good privacy webopedia.com
Freeware download (for non-commercial use) pgp.com

Here is some more information on viruses, and also about spam and the latest threat, phishing:

Biohazard.

Virus: "A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves."
(Webopedia)

Emails may come with attachments which can carry viruses and Trojan horses. Internet based email providers like Hotmail and ISP companies now scan attachments and won't let you download any that contain a virus, but there's no guarantee they won't have missed a new one.

- Be suspicious of ANY attachment. Make sure your email client is set to block attachments which may contain a virus.

- If you really want to open it, save it to disk and scan it with an up-to-date anti-virus program before you open it.

- Do not automatically trust attachments from friends: their computer may be infected by a virus which is sending itself out to all your friend's contacts, or you friends email address may have been spoofed.

How to toughen the weakest link in the security chain PC Flank
Email spoofing. Who really sent that email? spywareinfo.com
The complete Windows Trojans paper Frame4 Security

Even clicking on a link in an email can be dangerous.

- Do not follow links in untrusted email.

Frequently Asked Questions About Malicious Web Scripts Redirected by Web Sites cert.org

Spam

Spam: "Electronic junk mail." (Webopedia)

Even if you spam ends up in your Hotmail junk file nowadays, there are still important issues.

- Find out how spammers obtain your address and how to reduce the amount of spam you get.

- Don't view spam emails or you will confirm your email address and get more spam. Spam emails may contain 'web bugs.' These are tiny, transparent pictures which you can't see. They don't actually exist in the email, but your email client must make a call to obtain them to a server at another address on the internet. When your email client makes this call, it alerts the server to the fact that your email address is a real address. Turn off the preview pane in your email client or block pictures in emails. (See note above)

How can I fight spam? PC Flank
Tracking spammers internetprivacyfordummies.com
Junkbusters' junk email headlines junkbusters.com
Avoiding spam cexx.org

Fishing.

Phishing: (fish´ing) (n.) "The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information."
(Webopedia)

Phishing has been in the news a lot recently. If you fall victim, you could be the victim of theft. See if you can spot a phish by tacking the phishing IQ test below.

Phishing IQ test II MailFrontier

Here's some advice:

- Don't always trust links in emails to take you where they say they will take you. Internet addresses which appear in  at the bottom of your browser when you hover over a link may be faked. Web sites can be faked, including the address in the address bar of your browser. If you have any doubt about an email, for example from your bank, type the address into the address bar yourself or use the address from your favourites/bookmarks.

- Never enter bank details, passwords or any other confidential information after following a link from an email. You may be at a faked site (see above.)

- Don't click on links in untrusted emails. Even clicking on a link carries a risk: a malicious program may be downloaded to your computer. 

Can you sniff out fraud? PC Magazine
Top ten tips for finding a phish MailFrontier
Stop email fraud before it stops you Mail Frontier
Anti-Phishing Working Group antiphishing.org

Security in Outlook Express (Tools > Options)

Outlook Express options screen.

Back to top | Next page

Valid HTML 4.01!

Hosted by www.Geocities.ws

1