Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Outlook 2013 Msg Preview Security


  • Please log in to reply
5 replies to this topic

#1 Justa

Justa

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:36 AM

Posted 03 September 2014 - 02:04 PM

I am currently running Windows 8.1, Norton 360 with E-Mail spam filter add in installed, Malwarebytes paid version and Microsoft Office 2013.

 

With these current application am I still at risk for malware by allowing Outlook 2013 to display message previews?  I do receive fraudulent E-Mails attempting to trick me into clicking on a link that use my real daughters name as from and my real name in the to.  It's nasty.  Message preview makes it so much easier to determine if they are fraudulent.  They are getting so darn good at making fake messages look real they are likely to catch me sooner or later.

 

So in a nutshell are the previews still dangerous running my current applications?

 

Thanks



BC AdBot (Login to Remove)

 


#2 x64

x64

  • Members
  • 352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London UK
  • Local time:10:36 AM

Posted 06 September 2014 - 01:04 AM

This is a question that I was researching myself several months ago.

 

When displaying message previews, Microsoft do take extra precautions to protect against maliciously crafted emails being able to infect systems. Mostly that protection is enough (in that it is safer to preview a message than normally view it). However, over the years there have been a handful of instances where that extra protection has been breached or shown to be inadequate (sorry, I so not have any examples - I'm going from memory of my research several months ago.). I still prefer to work with the reading pane and preview pane both turned off.

 

In the more recent versions of Outlook, you can't even get to view the internet message headers without opening the message first (I generally like to look at the Internet headers to determine the provenance of suspect emails). As you say, some dangerous emails look VERY good these days. One spam attack on my office network this week was so good, that although, as a human, I knew that the email was spam, syntactically the messages were very good, and the only thing I could find wrong with them was in its message headers - the senders IP would not correlate with the purported sender).

 

At home I use a tool called Pocketknife peek ( http://www.xintercept.com/peek/pkpeek.htm ) to inspect suspect email. I use it with Outlook 2007, but the blurb says it has been updated for 2013, and best of all it is free for personal use. I've used this product for several years and find it invaluable for these checks (however you do still need to be on your guard, to decide which messages to inspect with it).

 

x64



#3 Justa

Justa
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:36 AM

Posted 08 September 2014 - 07:24 PM

Wow, thank's so much for the very comprehensive answer.  It's already out of control on my machine with tons of not just spam but most definitely the tons of phishing e-mails is very disturbing.  Some of the headers have been done perfectly to fake a variety of things.  If I preview them it's generally fairly easy to determine which ones are fraudulent, but not always.  Lately they have been tailored to things I recently been shopping for.  I run pay for Malwarebytes, SuperAntiSpyware free Norton 360 full scans daily and keep Spywareblaster updated.  Other than tracking cookies picked up only by SuperAntiSpyware nothting else shows up in the scans. I usually run Firefox with script blocking and few tracking cookies have been found.  When I run Chrome tons of tracking cookies commonly get picked up SuperAntiSpyware.  It's all very disturbing as it look like the malware folks are winning the war.

 

I'm going to check out Pocketknife peek and see if it will work for me.  I think I really need new E-Mail accounts for everything but it gets so complex to remember all the legit folks that would need to be updated after 15 years or so of use.

 

Since I started running new machines with Windows 8.1 and Microsoft Office 2013 a year ago I have had the problem.  I gave my daughter my 3 yr old machine running Windows 7 and Microsoft Office 2007 that I ran for 3 yrs and now my daughter adds 1 more year with 0 problems with any form of malware.

 

At any rate thanks again for talking the time to help me out with your knowledge and experience.



#4 Justa

Justa
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:36 AM

Posted 08 September 2014 - 08:11 PM

Pocketknife Peek looks good but when I tried to install I got a warning that the publisher is unknown.  This is a red flag and I am apprehensive to install software with unsigned certificates.  Any idea why the executable installer is lacking a digital signature?

 

Thanks


Edited by Justa, 08 September 2014 - 08:12 PM.


#5 x64

x64

  • Members
  • 352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London UK
  • Local time:10:36 AM

Posted 09 September 2014 - 01:08 AM

I don't have any specific information as to why Pocketknife peek isn't signed, but as the process of signing software has a cost element associated with it, it is probably just that the software is just relatively low volume software from a smallish publisher, whose development process does not stretch to code signing. I can only vouch that I've used it for years and as long as you get the software from the link in my post above, it's fine.

 

Re your comments about "tracking cookies" above. Tracking cookies are not malware, They are just web browser cookies places on your machine by various websites that you have visited, aimed at tracking your browsing habits across the internet. They will not do any harm to your machine, but many people, myself included, consider them a privacy invasion. For sure, feel free to remove them, but don't get too hung up over them.

 

x64


Edited by x64, 09 September 2014 - 01:09 AM.


#6 Justa

Justa
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:36 AM

Posted 09 September 2014 - 06:31 AM

I have heard that about cost and low volume being factors in why some software is lacking digital signatures.  Matter of fact I bought lifetime Malwarebytes on a CD that didn't have a digital signature so I downloaded and used the key on the box to get the premium features working.  Having heard that you are aware it doesn't have the signature and you are not concerned I will run the installer.  I wasn't sure whether or not that you were aware that it currently didn't have the signature.  Had a little fear that a hacker may have modified the contents of the installer and replaced the legit one on the site.

 

I used to not be concerned about tracking cookies but I don't like the privacy invasion and I have had fraudulent E-Mails on things I was shopping for on the net like Ray Ban sunglasses recently.  I did searches for them but didn't buy them on the web.  This has happened a few times on other items.  Either my PC is hacked or I have some other security leak.  I had read articles in which the authors noted new security risks on some tracking cookies but I can't remember the mechanism.  It was beyond tracking your habits.  SuperAntiSpyware has picked up cookies not found by Firefox tools, Malwarebytes and CCleaner.

 

I am being conservative right now as my two relatively new HP ENVY laptops have had so many problems over the last year that I not sure I can't exclude malware as the cause.  I can never find the malware but I wonder about my bios as a possible source.  I have wiped the hardrives thoroughly and reloaded all software more than once.  I am now noticing HP ENVY users documenting a lot of software issues.

 

Once again thank you for taking the time to help me out with your PC expertise.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users