Helping people with computers... one answer at a time.

Just looking at spam may be safe... if you know how to take the proper precautions.

I'm interested in looking at what junk and spam I'm getting without jeopardizing myself. So I download mail in Gmail and Hotmail messages in Outlook Express and read them there. Both are good at weeding out spam and junk. They keep these for 30 days and then delete them. I want to read these at least on the Gmail or Hotmail web pages, just read and not click on anything. Is this dangerous? Might I get a malware or spyware foisted on me without my knowledge?

In this excerpt from Answercast #96 I look at safety precautions to take if you ever want to look at spam emails.

Just looking at spam

In general, as long as you are very careful not to click on anything in those messages; never enable the display of images in those messages; and never reply to any of those messages - what you're describing is usually pretty safe to do.

In fact, you can do it on the web or in your email program. Whichever one is more comfortable for you.

Curious about spam

I tend to do it from time to time when I'm curious about where spam comes from.

In other words, I'll go over to my spam folder, I'll take a look at that the spam that I happen to be curious about. I'll open it; I won't reply to it; I won't enable images; and I won't click on any of the links - but I will "view source."

View email source code

Depending on your email program, there are different ways to do that - but that will let you see the full headers and the HTML underlying the email message and so forth. Those typically are safe things to do.

Simply be very careful not to do anything that would cause anything to happen such as: replies, clicking on links, showing images.

Spam attachments

Now. I didn't say it because it seems pretty obvious - but I'll say it anyway. Don't ever open any attachment that comes with spam.

Just don't. Those are too dangerous. There are ways for people to open them safely but they are not things that I feel in any way comfortable recommending to anybody. Attachments are things that you really need to take some extra steps before you open - so avoid the attachments.

But go ahead and have a look at the body. Just make sure nothing "happens".

(Transcript lightly edited for readability.)

Article C6335 - March 4, 2013 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

6 Comments
Tushar Kalbhor
March 5, 2013 6:38 AM

Hello..
What exactly happens when you click on "display images from XYZ@ABC.COM"?
Do the images load from that particular server?
Or the images are already on your email-providers server (Or your inbox) and they get loaded only when you say so?

Texas Mike
March 5, 2013 10:35 AM

I've heard that even clicking on the email, itself, can often send a single byte back to the sender that verifies they've got a live ip address. I don't know if that's another hyped gotcha like the one about cookies, which caused me to nearly render my browser worthless because I didn't allow ANY cookies.

johnpro
March 5, 2013 4:17 PM

It is fairly safe to open infected emails provided your browser or your email program eg Outlook,Thunderbird is run in a sandbox environment.Do NOT save{recover option} outside the sandbox.
I use sandboxie which is good and free.{ minor 5 second buy nag screen after trial version expires}

Bad emails can also be opened safely with a non writable Linux boot disk that includes Firefox browser for viewing .
Jp

Old Man
March 5, 2013 4:23 PM

Using IE or MSN Explorer (same engine) I can right-click the e-mail and select View Source. Like Leo, I sometimes am curious about a few e-mails. Some actually have excerpts of interesting stories or news articles. Since it is text only, it is fairly safe to read. Of course, if I can't read it at all, I just delete it - then delete it again from the Deleted folder (as I do with all Junk e-mail).

I mostly use this to copy the source code, including headers, to report spoofing or phishing attempts. Just forwarding the e-mail often deletes the headers, while copying the source code retains them.

Mark J
March 5, 2013 11:26 PM

@Tushar
The remote messages are stored on the computer where the sender has linked to in that email. They are not downloaded by your email service provider, and don't get downloaded until your email program or browser downloads them.
How does blocking pictures in an email protect my privacy?
@Texas Mike
This might also be the live address notification you are talking about. If you don't download the pictures, nothing will be sent to the spammer.

GuitarRebel
March 8, 2013 7:45 PM

I find myself sometimes looking at bogus emails, many of which look incredibly like my banking and financial pages, obviously without enabling images or downloading attachments. I look for grammatical errors and anything else that I may deem suspicious.
I marvel at how close to perfect some of these malicious emails have become. It looks like they've been doing their homework on how to deceive even savvy users.
NEVER respond to ANY email that looks like it was sent by a financial institution, no matter how real it may look.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.