How can I safely open a suspicious email?

security email gmail malware webmail
87,951

Solution 1

If you open the email in a web client (ie, online at gmail.com or mail.yahoo.com, etc), you're generally very unlikely to experience any problems. If this email contained a script virus (very rare nowadays) it would generally require being opened in an email client locally installed on the computer in order to gain sufficient access to actually infect your computer.

Viruses, because of the popularity of web clients for email, have pretty much stopped sending themselves as emails in the last few years.

Spam is still a problem, and many viruses create spambots and enslave their infected computers as spam relays. But you're not going to catch a virus from the average spam message.

If you are using a local email client, don't open suspicious emails unless you've got the email client running inside a virtualized system that you can scrub easily with a reset.

Solution 2

If you want to be really safe, you can install a virtual machine and an operating system on it so that you can open the files there, this way it doesn't affect your OS if something goes wrong.

Solution 3

My suggestion is to download Sandboxie.

Run your email client and attachments inside the Sandbox.

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

enter image description here

Solution 4

Another option (which might not be possible with all e-mail clients) is to open the e-mail as plain text. This might be an option like "View source" for example.

This may give you something that's hard for a human to read as the message is buried in HTML coding, but there's no chance that any scripts will be run or files downloaded/opened from remote websites.

Solution 5

Use a livecd - check the mail there, and if anything gets through, you can either upload it somewhere for checking, or simply switch off the system.

You could even try opening the attachments in this case, just for amusement's sake.

Share:
87,951

Related videos on Youtube

Michael McGowan
Author by

Michael McGowan

Updated on September 18, 2022

Comments

  • Michael McGowan
    Michael McGowan almost 2 years

    Suppose I receive an email that I highly suspect is some form of spam but I'm not 100% sure. Suppose also that I'm using form of webmail (like Gmail) with good spam filters, but this message made it through safely.

    Obviously I should not open any attachments, but is this email otherwise safe to open? If not, is there a simple way to safely open it?

  • Michael McGowan
    Michael McGowan almost 13 years
    I'm specifically interested in webmail and not desktop email clients; is your answer still relevant in that case?
  • Joe Internet
    Joe Internet almost 13 years
    Just run the browser inside the sandbox...
  • Tamara Wijsman
    Tamara Wijsman almost 13 years
    It's kind of a work-around to install a VM and an OS just to check if a mail is suspicious. On the other hand, this most likely is the safest way of the ones listed here, +1.
  • Ravindra Bawane
    Ravindra Bawane almost 13 years
    The odds of getting a virus by opening an email in a webmail site is very, very low, evern without a sandboxed browser. That being said, I believe Chrome already runs everything inside a sandbox, and IE9 may have a similar function as well.
  • Tamara Wijsman
    Tamara Wijsman almost 13 years
    This comment thread has been moved to a chat discussion. Mehrdad, please join...
  • kreemoweet
    kreemoweet over 9 years
    No one was asking about clicking links in an email.
  • Kellen Stuart
    Kellen Stuart almost 6 years
    Yes, but overkill

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Security difference between webmail access and desktop email client?
does Gmail or any other popular webmail service scrub javascript from html emails? if not, any reason why?
Why does Google call Thunderbird "less secure"?
Should our company allow employees to forward their Exchange email to GMail?
How to send a batch file by email
Your connection is not private - Attackers might be trying to steal your information
Flutter receive emails
css - problems with negative margin in mail template
Swiftmailer config : send mail using gmail
Sending Email to Gmail's SMTP server using TLS and Plain Authentication