![]() This is why Outlook has the "do you want to load pictures" messages at the top of e-mails. That invisible pixel if loaded is enough to infect you. You do not need to actually visit/browse that other site, merely the act of loading that image can trigger the malware install. ![]() Pictures in the e-mail can be included as part of the e-mail itself, or they could be a link to a picture on external web server. This is the one I'm scared of and will post a separate thread about (as it's a long story and I may be the victim of fraud).Į-mails these days are generally delivered in the html format, the same format as web pages. It's also happened in non-email settings. Someone I knew sent me a document and I never DL'd it.just clicked to view.That was in my Gmail. ![]() That example comes to mind for things I've done a lot. That clicking on it "opens it up" (if one can use that phrasing - again, I'm not a tech person here, so apologies for wording) and I can then view it without having downloaded the file. In email, if I get an attachment from a trusted source, I click on it. It's very hard to know which way around it's actually being done though, all depends how it's programmed. What is opening the document to preview it? If it's infected and it's being opened on your PC to preview it then yes your still susceptible, if it's opening remotely on a web server and that web server is just sending you a web page after it opens the document for you as it's end then your fine. I'm not tech literate, so forgive the crude, potentially non-technical terms, but suppose you come across an file (say, a letter).be it in email or elsewhere.and you can see it through a "reader." Would you be exposed to malware just by "reading" it that way w/o actually downloading it? Do you know what I'm talking about? This is pretty common.I've done it many times. on a webpage?."Point" someone to it? Like, how? Tell them to go to that webpage?Īs for downloads, what if you don't download the PDF file, but get like a preview/view of its contents? This isn't in email, but I'm thinking of some other context where sometimes you can view a document (even in its entirety) without downloading it. That's an interesting email breakdown!īy the way, I'm not 100% sure I understand what a stegosploit is.In the quote it says he can just upload it "anywhere" and then point someone to it. Just to scare you a little bit more, look for stegosploit: The 'bad stuff' is done with this external program. And that is when the problems can happen. But if you click on them the email client will send the data to the appropriate program (a PDF reader, for example) that will open them automatically. The attachments are also harmless from the email client's point of view (just binary data, presented as text). But it can be worst (see stegosploit below). By clicking on them, the worst that can happen is most likely that they will know you clicked on them (by inserting a unique ID identifying your email in the query). The links will be clickable, but you are on your own if you click on them (It is the same thing as if you copied the linked address and pasted it into your browser). The email client will use the HTML for formatting but won't download anything from given sources (for example, images). The HTML version, if present, is also harmless IF you do not allow remote content to be fetched. The text version of the email is also harmless, as any email client takes it as pure text.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |