You Can Tell Which Emails are Being Tracked.

Uploaded on 2015-03-26 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

trackmail.png

 

You may not have heard of companies like Yesware, Bananatag, and Streak, however they almost certainly know a good deal about you. Specifically, they know when you’ve opened an email sent by one of their clients, where you are, what sort of device you’re on, and whether you’ve clicked a link, all without your awareness or consent.
That sort of email tracking is more common than you might think. A Chrome extension called Ugly Mail shows you who is guilty of doing it to your inbox. Sonny Tulyaganov, Ugly Mail’s creator, says he was inspired to write the “tiny script” when a friend told him about Streak, an email-tracking service whose Chrome extension has upwards of 300,000 users. Tulyaganov was appalled.

The reason it was so easy to create is that the kind of tracking it monitors is itself a simple procedure. Marketers, or anyone who’s inspired to snoop, simply insert a transparent 1×1 image into an email. When that email is opened, the image pings the server it originated from with information like the time, your location, and the device you’re using. It’s a read receipt on steroids that you never signed up for.
Pixel tracking is a long-established practice, and there’s nothing remotely illegal or even particularly discouraged about it; Google even has a support page dedicated to guiding advertisers through the process. That doesn’t make it any less unsettling to see just how closely your inbox activity is being monitored.
Using Ugly Mail is as simple as the service is effective. Once you’ve installed it, the code identifies emails that include tracking pixels from any of the three services mentioned above. Those messages will appear in your inbox with an eye icon next to the subject heading, letting you know that once clicked, it will alert the sender. Tulyaganov also confirmed to WIRED that Ugly Mail also doesn’t store, save, or transmit any data from your Gmail account or computer; everything takes place on the user’s end.
Ugly Mail appears to work as advertised in our test, but it has its limitations. It’s only built for Gmail and is only available for Chrome, although Tulyaganov says that Firefox and Safari versions are in the works. And while it’s effective against Yesware, Bananatag, and Streak, those are just three pixel-tracking providers in a sea of sneaking marketers. 
Pixel tracking isn’t going away any time soon, and Ugly Mail is an imperfect way to prevent it. But it still offers a valuable glimpse at the marketing machinations we’re all exposed to every day, whether we’re aware of them or not.
Wired http://wrd.cm/199ve01

« Drones: The Looming Threat
China Reveals Its Cyberwar Secrets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Superscript

Superscript

Superscript (formerly Digital Risks) is an insurance broker for small businesses, sole-traders, landlords and high-growth tech firms. Our services include Cyber Liability insurance.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

UNIDIR Cyber Policy Portal

UNIDIR Cyber Policy Portal

The UNIDIR Cyber Policy Portal is an online reference tool that maps the cybersecurity and cybersecurity-related policy landscape.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

Coviant Software

Coviant Software

Coviant Software delivers secure managed file transfer (MFT) software that integrates smoothly and easily with business processes.

ExtraHop

ExtraHop

ExtraHop's dynamic cyber defense platform uses cloud-scale AI to help enterprises detect and respond to advanced threats - before they compromise your business.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Cenobe Cyber Security

Cenobe Cyber Security

Cenobe provides customized solutions to keep you ahead of potential threats and ensure the security of your organization's systems and data.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

Cydea

Cydea

Cydea are an optimistic cyber security consultancy of experts in security, data, technology and design that want to build a safer, more secure world where more things go right.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.