Tuesday, July 11, 2017
We all know how dangerous it can be to open attachments in dubious messages. But can an image in a message do any harm?
This red cross is what’s known as a one-pixel image. It can come in handy in many situations.
One-pixel images can also be used as default images. If a required image can't be found for some reason, in certain cases it may be better to display a single transparent pixel than a 404-not-found message. You’re never going to see the image you were supposed to see, but it’s more professional not to highlight that fact by putting up a broken image icon.
However, pixel-sized images, also called tracking pixels, may serve as web beacons. In the simplest scenario, downloading an image will enable fraudsters (or marketers who track how effective their mailings are) to learn when the message was opened as well as the IP address and the name of the host that requested the image.
This information is valuable to spammers because it lets them determine whether a certain email address is in use. But tracking pixels can do even more. They can be used to determine the target OS, and acquire cookie files and information about the recipient's mail client.
Pixel-sized elements can also be hidden. Indeed, such images really can be just one pixel in size; they can be transparent or be in the background colour so users never notice them. You’re being analysed and have no clue about it!
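To check a message before images are loaded, its HTML body can be scanned for remote images that are pixel-sized or hidden. The sketch below is an added example, not code from The Anti-virus Times or Dr.Web; the sample message, host names and detection rules are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message body (not taken from a real mailing).
SAMPLE_HTML = """
<p>Hello!</p>
<img src="https://cdn.example.com/banner.png" width="600" height="120">
<img src="https://track.example.net/o.gif?id=abc123" width="1" height="1">
<img src="http://stats.example.org/p.png" style="display:none">
<img src="cid:logo@local" width="1" height="1">
"""

TINY_ATTR = re.compile(r"^\s*[01](px)?\s*$", re.I)
TINY_CSS = re.compile(r"(?<![-\w])(width|height)\s*:\s*[01](px)?\s*(;|$)", re.I)
HIDDEN_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(\.0+)?\s*(;|$)", re.I)


class PixelFinder(HTMLParser):
    """Collects remote <img> tags that are pixel-sized or hidden."""
    def __init__(self):
        super().__init__()
        self.findings = []  # (host, [reasons]) per suspicious image

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        url = urlparse(a.get("src", "").strip())
        # Only a remote image triggers a request that reveals open time and IP;
        # embedded (cid:/data:) images are never fetched from a server.
        if url.scheme not in ("http", "https"):
            return
        style, reasons = a.get("style", ""), []
        if any(TINY_ATTR.match(a.get(d, "")) for d in ("width", "height")) \
                or TINY_CSS.search(style):
            reasons.append("pixel-sized")
        if HIDDEN_CSS.search(style) or "hidden" in a:
            reasons.append("hidden")
        if reasons:
            self.findings.append((url.hostname, reasons))


def find_tracking_pixels(html):
    finder = PixelFinder()
    finder.feed(html)
    return finder.findings
```

A full-size remote image can report the same data when it is downloaded, so an empty result does not mean a message is free of tracking; blocking remote images by default remains the stronger control.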
Tracking pixels are often found in website code. And some of their features appear to be truly unique.
Let's assume that site A displays a certain image (perhaps it’s one pixel in size and transparent) from site X which collects user data. Then if a user goes to site B, which also features the same image from site X, the browser won't download the image but will instead use the copy saved in its cache. Thus site X learns that the user previously visited site A. That's why disabling caching can help maintain web anonymity.
There is also always the risk that attackers will compromise a site and replace an image on its home page with a script.
The Anti-virus Times recommends
- If you don't need to view the images in a message body, configure your mail client so that images are not opened by default. Unfortunately, many free email services are set to display images—indeed, everyone is interested in user data.
- Use Dr.Web Security Space which can detect malicious scripts.