Images in e-mail are nice, but you should always suspect them, particularly if opening the e-mail causes activity on the internet link (though by then it can be too late).
Take this - innocent looking - message:
Good morning.
Sampai jumpa lagi
This is the text you see if using a simple, text-only mail program.
In Outlook Express or other HTML-enabled e-mail program, the text
is different:
Hello, handsome!
Pa payno
There's supposed to be an image in between the two lines.
That's the interesting part. The image is
not included with the message, but is a link to an image which is
fetched on viewing. Here's the hidden code for that:
<IMG src=3d"http://fhfvinleuevnn=2einfo/5xad8e7xee1xc26eebaafc9
df2/DFFGSSENBA0=WEDAdHhkwDas=3d=2ejpg" alt=3d"squabbling"
border=3d0>
A little work has to be done to eliminate the 'escape sequencies',
which start with '='. The link is to a site called
http://fhfvinleuevnn.info
(I mangled the actual site name - it's really located in Brasil.)
Then follow a long sequence of characters, which really identifies
you uniquely as the originator of the request, and confirms your e-mail
as a) existing, and b) belonging to someone with an HTML-enabled e-mail
client. It could be that you even get the image - I doubt it though.
The site didn't even have the website configured.
The strange appearance of the web-site name gives the impression that it is one of these disposable websites, which exist for just a few days and then disappear (very popular in Chinese spam).
Note: This type of trick doesn't really harm your computer. It's just another way of 'harvesting' confirmed e-mail addresses.
12399
| (c) John Coppens ON6JC/LW3HAZ |