Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can you get infected just by opening suspicious email?


  • Please log in to reply
25 replies to this topic

#1 bcmo

bcmo

  • Members
  • 236 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 18 July 2016 - 09:11 AM

Some sites claim that just opening a suspicious email cannot in any way harm one's computer, if no links were clicked on or attachments downloaded.

Examples:

 

Whereas others claim to the contrary:

http://zdnet.com/article/virus-alert-you-can-now-get-infected-by-opening-an-e-mail

http://askleo.com/can_i_really_catch_an_email_virus_just_by_looking/

 

So who's correct?


Edited by bcmo, 18 July 2016 - 12:34 PM.


BC AdBot (Login to Remove)

 


#2 ScathEnfys

ScathEnfys

    Bleeping Butterfly


  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Deep in the Surface Web
  • Local time:06:59 PM

Posted 18 July 2016 - 10:19 AM

It all depends on how you open the email. Some clients will block scripts embedded in an HTML email, others will not. Personally, I prefer to not open any suspicious email at all, or examine the raw message with a non-rendering text viewing program like notepad for any suspicious code.
Proud system builder, modder, and watercooler.

GitHub | SoundCloud | Keybase

#3 RolandJS

RolandJS

  • Members
  • 4,526 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:05:59 PM

Posted 18 July 2016 - 11:19 AM

Also any activated preview panel opens an email -- for best security, best to leave any preview panel unactivated.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#4 bcmo

bcmo
  • Topic Starter

  • Members
  • 236 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 18 July 2016 - 12:25 PM

It all depends on how you open the email.

With online email sites like Gmail, Outlook, etc.

Can opening a suspicious email there be potentially harmful in any way.


Edited by bcmo, 18 July 2016 - 12:26 PM.


#5 SmokeyJoe76

SmokeyJoe76

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 18 July 2016 - 02:01 PM

With Windows, Can you, absolutely yes,  Will you, depends on a lot of factors.



#6 RolandJS

RolandJS

  • Members
  • 4,526 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:05:59 PM

Posted 18 July 2016 - 05:34 PM

 

It all depends on how you open the email.

With online email sites like Gmail, Outlook, etc.

Can opening a suspicious email there be potentially harmful in any way.

Absolutely, regardless of what opens the email, depending upon what is embedded in the email, especially a web bot[?], inside of an html-rendered email.  Scuttlebutt indicates most viri and malware enter computers because end-users click on something "hot-wired" or "hot-linked" within an email -- URLs are the most common door-openers.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#7 bcmo

bcmo
  • Topic Starter

  • Members
  • 236 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 18 July 2016 - 06:41 PM

Scuttlebutt indicates most viri and malware enter computers because end-users click on something "hot-wired" or "hot-linked" within an email -- URLs are the most common door-openers.

I'm asking only about when nothing's clicked on, just the email's open.


Edited by bcmo, 18 July 2016 - 06:41 PM.


#8 RolandJS

RolandJS

  • Members
  • 4,526 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:05:59 PM

Posted 18 July 2016 - 08:11 PM

 

Scuttlebutt indicates most viri and malware enter computers because end-users click on something "hot-wired" or "hot-linked" within an email -- URLs are the most common door-openers.

I'm asking only about when nothing's clicked on, just the email's open.

A text file rendered email or a Word rendered email probably poses no danger.

With the advent of "web bots" hidden within htmls, I'm not sure if hmtl-rendered emails pose no danger.

Let's see what others here add to this very necessary thread.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#9 ScathEnfys

ScathEnfys

    Bleeping Butterfly


  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Deep in the Surface Web
  • Local time:06:59 PM

Posted 18 July 2016 - 10:49 PM

It all depends on how the HTML is handled. If Javascript, flash, or another embeddable script can be rendered and run, then sure there is a danger. I simply don't know enough about how HTML messages are handled to give a good answer beyond that.


Proud system builder, modder, and watercooler.

GitHub | SoundCloud | Keybase

#10 LASERzzzzzz

LASERzzzzzz

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Europe/Germany
  • Local time:12:59 AM

Posted 19 July 2016 - 07:54 AM

hi

 

I'm running firefox with the add-on uBlock origin: this add-on has also a very good script blocker.

All my plug-Ins (flash, Java, Shockwave) are set to "ask before activate". I'm only using the web-clients

from my mail providers for opening emails (i currently dont't have any mail-clients installed on my pc's:

that means i'm using only Firefox to read my emails ).

 

My question:

my browser protection is (i think) quite good to avoid risks on the web (opening unknown URL's).

So i think this should also protect me when opening unknown emails in my browser/web client ?

A simple unknown eMail should not contain more risks than an unknown web site ?

Just viewing/taking a look the eMail in the web email client should not infect my system......?

 

thanks!

 

LASERzzzzzz...........................live from EUROPE/GERMANY


Edited by LASERzzzzzz, 19 July 2016 - 07:55 AM.

....i dont like CHAOS but CHAOS likes me! ....live from EUROPE/germany !!! ....live from EUROPE/germany !!!


#11 RolandJS

RolandJS

  • Members
  • 4,526 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:05:59 PM

Posted 19 July 2016 - 08:32 AM

Laser, I reread ScathEnFys' earlier reply to my earlier post, and I think he answers your post as well; whatchathink, ScathEnfys?


Edited by RolandJS, 19 July 2016 - 08:45 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:59 AM

Posted 19 July 2016 - 08:33 AM

What use case are you talking about? Webmail or using an email client like Outlook?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#13 ScathEnfys

ScathEnfys

    Bleeping Butterfly


  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Deep in the Surface Web
  • Local time:06:59 PM

Posted 19 July 2016 - 08:43 AM

@Didier If you are talking to OP, they are talking about an in-browser webmail access.

 

 

@LASERzzzzzz I'm going to reference my earlier post (#9)

 

It all depends on how its handled

Regardless of how it's all handled, your setup should protect you from flash scripts as long as you don't click on them. I would not trust uBlock, or even my anti-scripting extension of choice, NoScript, to block embedded javascript if the webmail site allows it to run, as the script will appear to be coming from the site of the webmail provider.


Edited by ScathEnfys, 19 July 2016 - 08:44 AM.

Proud system builder, modder, and watercooler.

GitHub | SoundCloud | Keybase

#14 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:59 AM

Posted 19 July 2016 - 09:15 AM

@Didier If you are talking to OP, they are talking about an in-browser webmail access.

 

 

@LASERzzzzzz I'm going to reference my earlier post (#9)

 

It all depends on how its handled

Regardless of how it's all handled, your setup should protect you from flash scripts as long as you don't click on them. I would not trust uBlock, or even my anti-scripting extension of choice, NoScript, to block embedded javascript if the webmail site allows it to run, as the script will appear to be coming from the site of the webmail provider.

 

Yes, I was talking to the OP.

This question too: what browser are you using?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#15 bcmo

bcmo
  • Topic Starter

  • Members
  • 236 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 19 July 2016 - 12:35 PM

what browser are you using?

Depends which computer. But the browsers are: Chrome, Firefox, and SlimJet.






3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users