Jump to content

mail-noreply@google.com


c0r
 Share

Recommended Posts

I think there's some email scam goin on..

I recieved an email today from mail-noreply@google.com with a link

to add an other email alias to my gmail account.

So far as i know i didn't ask for this so beware of other mails you recieve!

c

Beware of the little china men!

Link to comment
Share on other sites

The fact that you opened it, means they may have already done what they wanted to do with sending that email. Do you view them through the browser, or port them to some pop email client? I neve ropen gmail in the browser, just for risk that something happens to find a flaw in the webmail and browser itself. If they used tracking images in the email, they may have already gotten what they wanted from the email, a response that someone opened it, and your email address is real, and now the real spam will proceed to flow to your inbox. (Although, gmail is pretty decent with controlling spam)

Link to comment
Share on other sites

Image tracking? You could tell what ip it came form but how would one know which email it was associated with, if it was a one time thing yes, but spammers do massive bulk send outs

True, they can get your IP (just tested it myself with my own gmail account using the same image trick in my hak5 profile), and if your browser sends referrer info with session data, I imagine they can get that as well, but that would depend on your browser and settings.

I often see things in my server logs from people who open emails from forwarded links which contains a referrer that includes a link to their inbox and dependign on the email system, a session key. How they can use that (or if that is even what they use), im not sure, but I'd much rather not open the emails to find out what their methods of extraction are.

If they had a system that generated a random hash in the image url and associated it with an email address, they could have a system that automates the checking, so if hash "xxx" gets viewied, it grabs the associated email and puts it in another database for found emails.

Link to comment
Share on other sites

Interesting concept, would be tricky put possible!

Actually, unless I'm missing something, it could be fairly simple. All it would take, I believe, is some simple PHP (and optionally an SQL database). The tracking itself could run from a lone PHP file with nothing else, because I don't think a hash would even be necessary. (forgive me if I'm wrong and this triggers spam or filters) but people could simply embed an image "example.com/images.php?id=your_email", could they not?

Link to comment
Share on other sites

Actually, unless I'm missing something, it could be fairly simple. All it would take, I believe, is some simple PHP (and optionally an SQL database). The tracking itself could run from a lone PHP file with nothing else, because I don't think a hash would even be necessary. (forgive me if I'm wrong and this triggers spam or filters) but people could simply embed an image "example.com/images.php?id=your_email", could they not?

Exactly my point. if you open an email with an image that pulls from the web, you can get their IP address, and if that image uses php and the url contains somethign relavent to the email, it just confirms their findings, all while being automated on their end, they just sit back and wait for positive replies in their database and harvest what they need.

Link to comment
Share on other sites

how do you encrypt a image with functions to send you back information? (also how do you with a .pdf) or are you talking about hot linking, where someone puts your image on their site and do a [ img ] or < img src =" type thingy and you see in your logs that someone is using alot of your bandwith by hotlinking your images to their site or via email?

Link to comment
Share on other sites

how do you encrypt a image with functions to send you back information? (also how do you with a .pdf) or are you talking about hot linking, where someone puts your image on their site and do a [ img ] or < img src =" type thingy and you see in your logs that someone is using alot of your bandwith by hotlinking your images to their site or via email?

I don't believe there is any way (at least not an easy way) to encrypt functions into an image. I was talking about hot linking (and logs wouldn't even be necessary).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...