[TAG] The Pearl inside the SPAM?
Jason Creighton
androflux at softhome.net
Fri Feb 4 21:49:20 MSK 2005
On Sun, 30 Jan 2005 15:11:00 -0500,
Adam Engel <bartleby.samsa at verizon.net> wrote:
>
> Hey Answer Gang,
>
>
> If a stranger (or just someone really strange) sends you a URL as part
> of some advertisement, or even as hatemail or whatever (say the link
> is to a page showing the latest stats of an upsurge in the "I hate
> Adam Engel Club" membership), could it be dangerous to click on it?
It all depends upon what you mean by "dangerous". They could have a
unique code in each spam message. Something like:
http://example.com/index?id=1234
...so that, when they get a fetch for that URL, they can mark in their
database, "Okay, not only is this guys email address valid, but he's
actually opened the web page. Let's send him more!". Of course, they
almost certainly wouldn't be so stupid to call the field "id". They
wouldn't even have to use the paramater notation. They could, for
example, encode your email somehow (base64, perhaps) in the URL. Or do
any number of things. It's probably best to assume that any URL in spam
can be traced to your email so they will know to send you more.
> I just received a rare artifact: intriguing SPAM. There's a link I'd
> like to click on, but I'm wondering: can by clicking on this "link in a
> red dress" open my innocent, over-protected laptop to the evils of the
> this virous plagued world of worms and pain?
The question is, how secure is your browser? IE can get taken over all
sorts of ways. You are almost certainly not running IE (X-Mailer is
"Apple Mail (2.619)"), and I haven't had any problems with a non-IE
broswer as far as spyware sneaking in, homepage hijacking, and all the
other fun things they can do with IE.
If you're running Mozilla-based (Or, indeed, a non-Microsoft based.)
browser, you should be fine. I would probably turn off Java, Javascript
and cookies before visiting the site, however.
Jason Creighton
> +-+--------------------------------------------------------------------+-+
> You've asked a question of The Answer Gang, so you've been sent the reply
> directly as a courtesy. The TAG list has also been copied. Please send
> all replies to tag at linuxgazette.net, so that we can help our other
> readers by publishing the exchange in our monthly Web magazine:
> Linux Gazette (http://linuxgazette.net/)
> +-+--------------------------------------------------------------------+-+
More information about the TAG
mailing list