General discussion

Locked

Empty Email

By bob@ace ·
Recently I have been receiving email with no subject line and nothing in the body nor any attachments.
I have passed these off as poorly assembled spam mail.
Now I have received several of these with my own email address as the sender.
Anybody have a clue as to what this is?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Spam

by BFilmFan In reply to Empty Email

Phishing for valid email addresses. Just delete it and move forward smartly!

Collapse -

that's not all

by apotheon In reply to Spam

You might be getting hit with XSS attacks, JPEG exploits, and similar attempts to compromise your system. Many such attacks use an embedded image with HTML-configured dimensions of zero pixels by zero pixels, so that the image loads into RAM on your computer (thus either triggering local software effects you don't want happening or alerting a remote server to the IP address of the computer requesting the image for some other type of attack) without being visible to you.

You should have your email client set so that it doesn't display remotely served images, so that no images at all are displayed without your express permission, so that email isn't opened unless you actually open the message (rather than just selecting it in your list of email messages: in other words, turn off the preview pane), and so that either no HTML is rendered in emails or only "simplified" email is rendered. You should also be using a non-MS email client so that email macro viruses don't work, IE-integration doesn't compromise your system's security, and the scads of known exploits won't apply to you. Also, some of the above-mentioned security measures aren't really available on MS email clients.

So. Be smart. Be safe. Protect against malicious emails.

Collapse -

Thanks!

by bob@ace In reply to that's not all

I have now set Netscape to not accept remote images in email and news groups.

As you will note I use Netscape not outlook express or outlook or Internet explorer.

It was through a similar exploit through outlook express that launched nimda on our network several years ago. I still haven't got Office Binders to work properly since then - although I've been able to work around the problem - I can't open a word document in the binder unless I try it first, then open an excel document then go back to the word document at which point it will open.

It always seems so strange to use IE to download patches to fix it!

Thanks again.

Collapse -

quite welcome

by apotheon In reply to Thanks!

I'm glad I could help.

Collapse -

The phishing attacks I've even seen on my PC

by AcesKaraoke In reply to quite welcome

I had one recently, at least I'm hoping it was one. Caught an e-mail in my junk box from supposedly "msn network or services" I forget which, about some discrepancy in my account.

I decided not to open it mainly because it landed in junk mail, but still I can imagine how people who are a little less informed or paranoid can be tricked easily enough into answering a bogus email and redirecting to a malicious website.

I'm just concerned at how effective we'll be aagainst these phishers as they really perfect their spoofing and social engineering efforts.

Collapse -

Washing your Mail !

by hslevi In reply to The phishing attacks I've ...

These attacks can be very annoying and all of the information presented is excellent. I use Eudora for my eMail and do not preview at all. In addition I prefiew all my eMail with MailWasher Pro, have done so since beta testing it. It gives me superb reporting functions on eMail received. In addition to all of that and Symantec and a hardware firewall, I do not get hit all that often. If you are operating your own larger server farm, you may want to look into the Bright-Mail solution. If you use and ISP for company eMail, see if they use Bright-Mail as well. When in doubt do nothing, and make certain no one in house uses Outlook or Outlook Express. I have not tried the anti-spam feature of Eudora so can offer no help with it. As we used to say in TV - fade to black ! Howard

Collapse -

Also Received Empty Emails

by spowers In reply to Empty Email

For several months I received emails of the type you describe. The sender was always different but with the same structure (number, letter[numbers and/or letters]@xxx.com). For example
sender would be 5P[c21kj]@email.com. Each email changed the numbers, letters and .com address but always empty emails. I contacted Trend Micro several times but got nowhere.
As I was concerned that someone was hacking my computer and stealing passwords, bank data, etc. , I recently upgraded to Trend's Security 2005 software and the emails seem to have stopped. It has been about a month since my last empty email.

Collapse -

Fishing for good addresses...

by docbob In reply to Empty Email

Similar to what someone else has said, it could be fishing for an address. Lets say you have an email address of abc@xyz.com. By putting an 1 x 1 image in the document, naming it abc_at_xyz_com.jpg, when the image is requested at the server it has just verified that you have a good address. Since you have said you use netscape and shut off images it looks like you would be ok. If you use latest Outlook, it is possible to not have the images load unless it is from a trusted source. Either way, don't load images and they will not verify address.

Someone else mentioned upgrading anti-virus software and they stoped. I think that may have been a coincidence. I have not gotten one for a l long time but this morning saw one so it looks like they are out phising again.

The Doc

Back to Malware Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums