The idea we should always block images sent remotely in emails does raise eyebrows. The company logo in an email is usually a gif, so if we get a legitimate email from Amazon or even Wattpad, is blocking their logos going to deprive us of vital information?
Here's a legitimate Wattpad email message, (admittedly with a typo), with its remote images blocked (in pink):
Oops! This image does not follow our content guidelines. To continue publishing, please remove it or upload a different image.
Is the message still clear? Of course it is. Most legitimate emails only really need text to communicate their message anyway – images only add an aesthetic. Some ad companies or online retail firms will feature a picture of a product they're trying to sell us by email with a link to their website so we can buy it. But if we really want to examine the picture of a Nikon camera we're not going to do it in a sh*tty email jpeg, we're going to look more closely on the site itself, which will probably have a zoom facility and a detailed spec.
BTW, the Wattpad orange reply button in the above graphic is what's known as a 'hotlink', which is supposed to take us to the exact page the email is quoting. It's advisable to not click these either as hotlinks are a favourite scammer/hacker tactic to send the user to a fake site. To check it's a legit link we could right-click it (ctrl-click for Mac) and check the address but hotlinks are probably best left alone.
When we receive unsolicited emails, even from famous companies, they could contain a tracker. Firms like Mailchimp, BT and some marketing companies put a small beacon in their emails in the form of a tiny gif, a pixel square in size. The main reason they do this is to see if we opened their email. If we blocked read receipts that tell an email seller if their email has been opened – as I advised in Chapter 4 – this is a sneaky way to double-check that.
If we have a rubbish webmail service, scammers can find out much more about us when we allow a remote image or worse, click on it.
When we see an image in our email, we've downloaded it from a remote server. If we then click on the image for some reason, it sends a request to the email sender's server to load the image into our browser, or will take us to a page on a website. The bad webmail platforms will send back more info about us too, including:
· Our IP address
· Our country and general location (from IP address)
· Which email client we use (and versions)
· Which browser we use (and versions)
· Our Internet Service Provider
· The name of our employer if we're at work
So is this of any use to a hacker or scammer? Yep, there's money there especially if they've compromised or hacked the email sender's server or have discovered some browser vulnerabilities.
The above could encourage a fake email campaign for everyone who clicked a certain email image. We'd receive an email containing an exploit claiming to be from:
· Any multinational, ad firm website in our country
· Outlook or Thunderbird
· Microsoft, Mozilla or Google
· Our ISP
· A boss of our company
The better webmail services allow us to block remote images and tracker blockers like Ghostery or Disconnect will restrict those snoopers too. We can block remote images in mail clients like Outlook or Thunderbird in the 'messages options' section, but remember, when images are sent by scammers and spammers pretending to be legitimate companies, they may contain worms or viruses that could infect our browser and even conceal remote logins or hi-jack exploits.
