How can I safely open a suspicious email?

14

2

Suppose I receive an email that I highly suspect is some form of spam but I'm not 100% sure. Suppose also that I'm using a form of webmail (like Gmail) with good spam filters, but this message made it through safely.

Obviously I should not open any attachments, but is this email otherwise safe to open? If not, is there a simple way to safely open it?

Michael McGowan

Posted 2011-08-24T01:47:07.320

Reputation: 647

Answers

16

If you open the email in a web client (i.e., online at gmail.com or mail.yahoo.com, etc.), you're generally very unlikely to experience any problems. If this email contained a script virus (very rare nowadays) it would generally require being opened in an email client locally installed on the computer in order to gain sufficient access to actually infect your computer.

Viruses, because of the popularity of web clients for email, have pretty much stopped sending themselves as emails in the last few years.

Spam is still a problem, and many viruses create spambots and enslave their infected computers as spam relays. But you're not going to catch a virus from the average spam message.

If you are using a local email client, don't open suspicious emails unless you've got the email client running inside a virtualized system that you can scrub easily with a reset.

music2myear

Posted 2011-08-24T01:47:07.320

Reputation: 34 957

9

If you want to be really safe, you can install a virtual machine and an operating system on it so that you can open the files there; this way it doesn't affect your OS if something goes wrong.

user541686

Posted 2011-08-24T01:47:07.320

Reputation: 21 330

Yes, but overkill – Kolob Canyon – 2018-09-11T05:53:14.527

It's kind of a work-around to install a VM and an OS just to check if a mail is suspicious. On the other hand, this most likely is the safest way of the ones listed here, +1. – Tamara Wijsman – 2011-08-24T20:37:37.683

This comment thread has been moved to a chat discussion. Mehrdad, please join... – Tamara Wijsman – 2011-08-24T21:11:27.263

6

My suggestion is to download Sandboxie.

Run your email client and attachments inside the Sandbox.

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.


surfasb

Posted 2011-08-24T01:47:07.320

Reputation: 21 453

I'm specifically interested in webmail and not desktop email clients; is your answer still relevant in that case? – Michael McGowan – 2011-08-24T13:58:39.620

Just run the browser inside the sandbox... – Joe Internet – 2011-08-24T14:26:06.667

The odds of getting a virus by opening an email in a webmail site are very, very low, even without a sandboxed browser. That being said, I believe Chrome already runs everything inside a sandbox, and IE9 may have a similar function as well. – music2myear – 2011-08-24T20:54:58.497

4

Another option (which might not be possible with all e-mail clients) is to open the e-mail as plain text. This might be an option like "View source" for example.

This may give you something that's hard for a human to read as the message is buried in HTML coding, but there's no chance that any scripts will be run or files downloaded/opened from remote websites.

ChrisF

Posted 2011-08-24T01:47:07.320

Reputation: 39 650
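The plain-text approach from the answer above, as an added example that is not part of the original answer: a saved raw message is parsed with Python's standard library, so links, remote resources and scripts are listed rather than followed, loaded or run. The sample message, its addresses, URLs and attachment name are constructed placeholders, and `inspect_message` / `build_sample` are names chosen for this sketch.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

class Inspector(HTMLParser):  # collects text plus what a renderer would fetch or run
    def __init__(self):
        super().__init__()
        self.text, self.links, self.remote, self.scripts, self._code = [], [], [], 0, False
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        self._code = tag in ("script", "style")      # their bodies are not message text
        self.scripts += int(tag == "script")
        if tag == "a" and a.get("href"):
            self.links.append(a["href"])             # recorded, never followed
        if tag in ("img", "iframe", "script") and a.get("src"):
            self.remote.append(a["src"])             # would load when displayed
    def handle_endtag(self, tag):
        self._code = False
    def handle_data(self, data):
        if not self._code and data.strip():
            self.text.append(data.strip())

def inspect_message(raw: bytes) -> dict:
    """Parse a raw message offline; nothing is rendered, fetched or opened."""
    msg = message_from_bytes(raw, policy=policy.default)
    insp, attachments = Inspector(), []
    for part in msg.walk():
        if part.get_filename():
            attachments.append(part.get_filename())  # name only, payload untouched
        elif part.get_content_type() == "text/html":
            insp.feed(part.get_content())
        elif part.get_content_type() == "text/plain":
            insp.text.append(part.get_content().strip())
    return {"text": " ".join(insp.text), "links": insp.links, "remote": insp.remote,
            "scripts": insp.scripts, "attachments": attachments}

def build_sample() -> bytes:
    """Constructed sample; addresses, URLs and the file name are placeholders."""
    m = EmailMessage()
    m["From"], m["Subject"] = "billing@example.test", "Invoice overdue"
    m.set_content("Your invoice is overdue.")
    m.add_alternative('<p>Overdue.</p><a href="http://example.test/pay?id=abc123">View</a>'
                      '<img src="http://example.test/open.gif?u=abc123" width="1">'
                      '<script>document.title="x"</script>', subtype="html")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename="invoice.pdf.exe")
    return m.as_bytes()

if __name__ == "__main__":
    print(inspect_message(build_sample()))
```

For a real message, pass the bytes of the saved raw source (for example an `.eml` file) to `inspect_message`; the per-recipient token in a link or image URL then shows up in the output without any request being made.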

3

Use a live CD - check the mail there, and if anything gets through, you can either upload it somewhere for checking, or simply switch off the system.

You could even try opening the attachments in this case, just for amusement's sake.

Journeyman Geek

Posted 2011-08-24T01:47:07.320

Reputation: 119 122

3

Gmail blocks images from unknown senders by default. We also scan for viruses and other suspicious content. If you're concerned about a suspicious message, don't display the images when you open it or download any attachments. You can also report the message to Gmail either for spam or for phishing.

Sarah Price

Posted 2011-08-24T01:47:07.320

Reputation: 131

0

Even if you have taken measures to keep your computer from being infected, there's a high possibility that you will confirm your email address by clicking on the link, regardless of where or how you open it (the link contains a specific code connected to your address). This will cause them to specifically target your email address in the future.

bjorn

Posted 2011-08-24T01:47:07.320

Reputation: 11

No one was asking about clicking links in an email. – kreemoweet – 2015-01-22T18:24:20.893

0

For quick suspicious emails I usually open it on a Unix/Linux OS or my iPhone.

Exunis

Posted 2011-08-24T01:47:07.320

Reputation: 21

-1

I work in IT and have a Chromebook solely for this purpose. When other people have a suspicious email they want me to check, I have them check the message and attachment on the Chromebook, and usually their instincts are right. The Chromebook runs every tab in a sandbox. The moment any page makes any attempt to leave the sandbox, it wipes the sandbox. Other users' suggestions of virtual machines and Sandboxie are also good. Also, if you have an old computer around that you no longer use, now's your chance to dust it off.

All that said, it is worth noting that 99.9% of the time if you think it's spam you're right.

dobiemiester

Posted 2011-08-24T01:47:07.320

Reputation: 1