If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
email in HTML format
In the ms.public.windowsxp.help_and_support NG, a reply to a query
mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate |
#2
|
|||
|
|||
email in HTML format
I don't agree with that 100% It is attachments and links that are the
culprits 99.99% of the time. Tools | Options | Read. Check: Read messages in plain text and you won't see any HTML. Tools | Options | Security. "Block images........." stops SpyBots in spam when reading in HTML. (Not a virus). With all that said, if you have a decent up-to-date AV program, your risk is minimal. This is a good program to keep and run once a week or so. It checks for any Malware you may have picked up, usually from a Website. Malwarebytes Anti-Malware 1.40 http://www.download.com/Malwarebytes...-10804572.html -- Bruce Hagen MS-MVP [Mail] Imperial Beach, CA "Kate" wrote in message ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate |
#3
|
|||
|
|||
email in HTML format
Thanks for that, Bruce. I already have Malwarebytes installed, plus
AVG Free, and have also blocked images from appearing, so I guess I am pretty-much covered. Still, if I do not recognise the sender of an email, I always `save to desktop` and scan with AVG, just in case, and all emails with attachments get scanned, regardless of who they`re from (I didn`t install AVG`s automatic Email Scanner - too disruptive). But, then, I don`t get a lot of emails, so it`s not a big chore. Incidentally, do you know if can .pdf files be infected? Thanks again Kate "Bruce Hagen" wrote in message ... I don't agree with that 100% It is attachments and links that are the culprits 99.99% of the time. Tools | Options | Read. Check: Read messages in plain text and you won't see any HTML. Tools | Options | Security. "Block images........." stops SpyBots in spam when reading in HTML. (Not a virus). With all that said, if you have a decent up-to-date AV program, your risk is minimal. This is a good program to keep and run once a week or so. It checks for any Malware you may have picked up, usually from a Website. Malwarebytes Anti-Malware 1.40 http://www.download.com/Malwarebytes...-10804572.html -- Bruce Hagen MS-MVP [Mail] Imperial Beach, CA "Kate" wrote in message ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate |
#4
|
|||
|
|||
email in HTML format
You seem to have everything under control. AFA pdf files, I suppose it is
possible, but I have not run across it in these newsgroups. -- Bruce Hagen MS-MVP [Mail] Imperial Beach, CA "Kate" wrote in message ... Thanks for that, Bruce. I already have Malwarebytes installed, plus AVG Free, and have also blocked images from appearing, so I guess I am pretty-much covered. Still, if I do not recognise the sender of an email, I always `save to desktop` and scan with AVG, just in case, and all emails with attachments get scanned, regardless of who they`re from (I didn`t install AVG`s automatic Email Scanner - too disruptive). But, then, I don`t get a lot of emails, so it`s not a big chore. Incidentally, do you know if can .pdf files be infected? Thanks again Kate "Bruce Hagen" wrote in message ... I don't agree with that 100% It is attachments and links that are the culprits 99.99% of the time. Tools | Options | Read. Check: Read messages in plain text and you won't see any HTML. Tools | Options | Security. "Block images........." stops SpyBots in spam when reading in HTML. (Not a virus). With all that said, if you have a decent up-to-date AV program, your risk is minimal. This is a good program to keep and run once a week or so. It checks for any Malware you may have picked up, usually from a Website. Malwarebytes Anti-Malware 1.40 http://www.download.com/Malwarebytes...-10804572.html -- Bruce Hagen MS-MVP [Mail] Imperial Beach, CA "Kate" wrote in message ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate |
#5
|
|||
|
|||
email in HTML format
Make sure that OE is set to run in the Restricted Zone, which is the
default. This is set at Tools, Options, Security. The restricted zone disables the potentially dangerous parts of HTML (Scripting and ActiveX). -- Mike - http://TechHelp.Santovec.us "Bruce Hagen" wrote in message ... I don't agree with that 100% It is attachments and links that are the culprits 99.99% of the time. Tools | Options | Read. Check: Read messages in plain text and you won't see any HTML. Tools | Options | Security. "Block images........." stops SpyBots in spam when reading in HTML. (Not a virus). With all that said, if you have a decent up-to-date AV program, your risk is minimal. This is a good program to keep and run once a week or so. It checks for any Malware you may have picked up, usually from a Website. Malwarebytes Anti-Malware 1.40 http://www.download.com/Malwarebytes...-10804572.html -- Bruce Hagen MS-MVP [Mail] Imperial Beach, CA "Kate" wrote in message ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate |
#6
|
|||
|
|||
email in HTML format
Kate wrote:
In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate There are lots of users that keep spewing out "info" that is outdated by many years. Development for OE stopped way back in 2002 (with one change in SP-2 Windows XP). The "info" this boob recited is older than that (I saw their reply and rolled my eyes). If you render HTML-formatted e-mails under the Restricted Sites security zone (the default) and if the Restricted Sites security zone is at its default settings (or higher) than nasties, like scripts, inside of HTML-formatted e-mails cannot run. That does not address the possibly of web beacons that can be used to track that an e-mail got opened, the IP address that opened it, when it got opened, how many times it was opened, etc. OE, by default, will block external links, like to image or sound files that can be used as web beacons. Under the default setup of OE (render HTML under Restricted Security zone and block external content), the remaining danger is what *YOU* do with the e-mail. Clicking on links in HTML e-mails (which may go to somewhere else than they show) or extracting attachments are actions you commit and you are responsible for. No e-mail client can overcome the users commitment to ignorantly or deliberately hurt themself. In OE, hover the mouse pointer over a URL link and check the status bar to see where that link really goes. Don't accept e-mails or extract files from them them when sent by an unknown sender (or anyone if you don't need that file and/or weren't expecting it, and even then you should be scanning it and perhaps even testing it, if an executable, inside a virtual machine). There have been exploits in image file formats to proliferate malware but that is not the fault of the e-mail client. The image rendering is performed by image libraries back in the OS. Those have happened, got closed, but could possibly happen again. You could configure OE to always read your e-mails in plain-text mode if you are paranoid. Fact is, most e-mails have no reason for using HTML format as their content is just text. Those that splatter graphics all over inside their e-mails are using distraction to hide that they haven't much content. Like greeting cards with pictures, borders, glitter, and other garbage, they have very little to actually say. |
#7
|
|||
|
|||
email in HTML format
Food for thought, there, Vanguard.
We have a friend who regularly forwards emails to us which he has been sent, and which originated from who-knows-where, and they often contain links to animations, slideshows and such like, and/or are plastered with "pictures, borders, glitter, and other garbage", as you put it. His emails always have the AVG message that it contains no viruses, but that assurance doesn`t extend to any external links, does it? So, I can either (a) ask him not to send any more, which may offend him; (b) select the `read emails in plain text` option and then not be able to see what he has sent sometimes; or (c) continue to keep to the Restricted Sites zone/block external content and hope for the best! Kate "VanguardLH" wrote in message ... Kate wrote: In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate There are lots of users that keep spewing out "info" that is outdated by many years. Development for OE stopped way back in 2002 (with one change in SP-2 Windows XP). The "info" this boob recited is older than that (I saw their reply and rolled my eyes). If you render HTML-formatted e-mails under the Restricted Sites security zone (the default) and if the Restricted Sites security zone is at its default settings (or higher) than nasties, like scripts, inside of HTML-formatted e-mails cannot run. That does not address the possibly of web beacons that can be used to track that an e-mail got opened, the IP address that opened it, when it got opened, how many times it was opened, etc. OE, by default, will block external links, like to image or sound files that can be used as web beacons. Under the default setup of OE (render HTML under Restricted Security zone and block external content), the remaining danger is what *YOU* do with the e-mail. Clicking on links in HTML e-mails (which may go to somewhere else than they show) or extracting attachments are actions you commit and you are responsible for. No e-mail client can overcome the users commitment to ignorantly or deliberately hurt themself. In OE, hover the mouse pointer over a URL link and check the status bar to see where that link really goes. Don't accept e-mails or extract files from them them when sent by an unknown sender (or anyone if you don't need that file and/or weren't expecting it, and even then you should be scanning it and perhaps even testing it, if an executable, inside a virtual machine). There have been exploits in image file formats to proliferate malware but that is not the fault of the e-mail client. The image rendering is performed by image libraries back in the OS. Those have happened, got closed, but could possibly happen again. You could configure OE to always read your e-mails in plain-text mode if you are paranoid. Fact is, most e-mails have no reason for using HTML format as their content is just text. Those that splatter graphics all over inside their e-mails are using distraction to hide that they haven't much content. Like greeting cards with pictures, borders, glitter, and other garbage, they have very little to actually say. |
#8
|
|||
|
|||
email in HTML format
Kate wrote:
We have a friend who regularly forwards emails to us which he has been sent, and which originated from who-knows-where, and they often contain links to animations, slideshows and such like, and/or are plastered with "pictures, borders, glitter, and other garbage", as you put it. Users of Incredimail are like this. They bloat their e-mail to 3 times, or more, its size with garbage strewn within their message of little content. They're interested in glitz rather than content. His emails always have the AVG message that it contains no viruses, but that assurance doesn`t extend to any external links, does it? That "assurance" doesn't even extend to the e-mail itself (for any attachments in it). Think about it. Any spammer or malcontent can append text to their e-mails claiming they are clean. You're going to trust someone else's claim that their e-mail is uninfected? Not only is the anti-virus signature worthless, it makes the sender look really stupid. There are some boneheads here in Usenet that think appending some AV sig to their post means anyone is going to give a gnat's fart about it. So, I can either (a) ask him not to send any more, which may offend him; Anyone that puts you on their mailing list, like for jokes, birthdays, etc, and who won't remove you from that list is NOT your friend. If you ask and they refuse, tell them they are blacklisted and then add them to your blacklist. I someone keeps hitting your hand with a hammer and you ask them to stop but they don't, you're not going to pull your hand away? (b) select the `read emails in plain text` option and then not be able to see what he has sent sometimes; Whatever he *said* (text) will still be visible. All the glitz will be gone. or (c) continue to keep to the Restricted Sites zone/block external content and hope for the best! That's an okay setup, too. Alternatively, you can configure OE to always read e-mails in plain-text mode but when you decide that you want to see someone's e-mail in HTML mode then just use the View - Message in HTML menu or just hit Alt+Ctrl+H to switch to HTML view mode (for just that message). |
#9
|
|||
|
|||
email in HTML format
"Kate" ???????/???????? ? ???????? ?????????: ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate HI! May name is Sveta, e-mail in HTML __________ Information from ESET Smart Security, version of virus signature database 4678 (20091211) __________ The message was checked by ESET Smart Security. http://www.esetnod32.ru __________ Information from ESET Smart Security, version of virus signature database 4678 (20091211) __________ The message was checked by ESET Smart Security. http://www.esetnod32.ru |
#10
|
|||
|
|||
email in HTML format
Uzytkownik "Kate" napisal w wiadomosci ... In the ms.public.windowsxp.help_and_support NG, a reply to a query mentioned that just opening an HTML-formatted email that contains malicious software can be enough to infect a computer. How can I tell if an email is formatted in this way when it arrives in my Inbox, please? Is it obvious? Thanks Kate CO JEST?? |
Thread Tools | |
Display Modes | |
|
|