Email Security

Below we show you a simple way to test your email security and verify that it is safe to use.

All it takes is an e-mail addressed to you that contains a link; once you follow the link, you may have given control of your email account to someone else.

Problems with Email Security

Unless you are preventing your browser from telling sites where you came from, your computer will pass along this private information. This information will show up in the log files of the site you visit and may look like this:
http://e20.email.excite.com/msg_read.php?t=0m=0s=1d=1mid=2ArdSI=
bbf616913386bbb8d7ed57ee63c94eaaArdSI=bbf616913386bbb8d7ed57ee63c94eaa

The malicious website owner can enter this information in their browser and possibly access your account. The information in the link above is a valid example and points to an address I have at excite.com. In this case, excite will inform you that your session expired and you will need to reenter you password. This is an example of a secure mail system.

Unfortunately, many popular web based e-mail systems are not as secure. In either case, you have the right to know if you are at risk!

Email Security Test

Here is a very easy way to test for this vulnerability:

Simply open your web based email account and read any of your messages.

Highlight the URL (this is the address and will look like the one above) and copy or write this information down.

Go to another computer (or email a trusted friend the URL) and open the browser. Paste the copied text into the URL and press enter

You are done. You should NOT be able to see your message and should receive a message asking you to log in or that your session expired.

If you did see your message, then you may be vulnerable. Notify your e-mail service provider and DO NOT click on any e-mail links; instead, copy and paste the link into your browser. Should you find an e-mail system that is not secure, please contact the owner of that system and let them know as soon as possible.