Need ideas for a test - Someone is reading my emails??

Posted on 2005-03-14
Medium Priority
Last Modified: 2013-12-04
Well, not my emails, my friends emails at their place of work.

The company are shady at the best of times but they have let a few things slip that could only mean they are monitoring their employees emails (work AND personal)

I am looking for ideas on how to test this, maybe a tracking image in the email? But not sure how to go about it?

Any other ideas welcome
Question by:gump2k

Expert Comment

ID: 13543193
Well in my country this is illegal, however you can do multiple things;

Sending e-mail with password protected ZIP files with message in it,
password protected Word Document with your message, etc, etc.

Good luck

Author Comment

ID: 13543203
It was not a solution to getting emails through unread that I had in mind, my intention is to catch them at it and then take things further. So I need a way of knowing that someone has read an email other then the intended recipient.

Accepted Solution

DaGo21 earned 172 total points
ID: 13543391
I am afraight that is not possible - you could check the headers if something is in there, however I do expect it's simply cached somewhere, you get the e-mail and a copy is stored somewhere else.

I know the older spam filters where admins could put them in a container, manually review them and then send them through. I never could work out it is was a manual job or only the server.  Only sometimes an e-mail took 2 days to get delivered, but reading your post that's not the case.
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 164 total points
ID: 13545126
If they have a company policy, as most do, that states that all email, and other electronic communication or other data is the property of the company. This is typical policy and the only thing you can do about it is not conduct personal email through their work email. It's not their pc, it's not their email, it's not their instant message, it's thier companies. They should get a hotmail or gmail account to do personal emailing.

If they are monitoring personal email, which is possible, with keyloggers, or a proxy server, the only way to combat this... and it's not really going to combat a key-logger, is to use a pc at home. Connect to their pc at home over RemoteDesktop, or vnc. Again this doesn't stop keyloggers.
LVL 24

Expert Comment

ID: 13548034
First try to come up with a reasonable list of possible suspects. Good idea for meeting at the local pub.

Look at candidates, and find out what they have in common, and what their differences are.  What are the interests, what do they like to talk about?   This is intended to indentify what to place in future emails.  Get them an interesting topic, include details no one else knows, and then wait for the news from the water cooler.

Try Cookoo's Egg, one of the ways that was done.

You have a solid beginning somewhere, for example, you know someone is doing this. How do you know? Exploit that knowledge.    Buy another round at the bar and see if you can come up with ideas of how it is being read.  Does someone print it first, and then discard it, without shredding before someone raids the garbage can?  I thought not. Coul another recipient of memos actually be involved in the forwarding of info to a suspect. Get friends to do a little more thought ans some discrete homework
LVL 24

Expert Comment

ID: 13548092
> I am looking for ideas on how

Next time, include the system administrator in the meeting at the pub.  Before that, try to identify better where the lines of trust are drawn, and who knows who.  Possibly, the admin would not know you were friends with the victims, and you could ask for some expertise setting up a good spy system at place you work, rumors being that your company would pay out some side money to contractor for discretionary help.

Alternatively, the admin is more nice, interested in protecting policy, and is either unhappy about company spying or is currently ignaorant and would be a valuable ally.  

and alternatively, if the admin is snooping on their own, it is in company best interest to throw them out the door before getting entangled in too many lawsuits and bad publicity, leading to loss of market
LVL 24

Assisted Solution

SunBow earned 164 total points
ID: 13548257
gump2k > It was not a solution to getting emails through unread that I had in mind, my intention is to catch them

but go with a very slow start until you have a better clue about how it is being done by whom.
Possibly, there is a valid criminal investigation, and there's been some inadvertent views of memos with some unfortunate leaks.

So give credit to whoever, to possibly have unlimited budget and resources, yet maybe not harmful, but still you want to appear innocent and not tip your hand during the learning process.

Consider, each terminal could have a half dozen different spy gadgets on it before any memo is opened or sent. This means you cannot use the terminal to communicate you ideas and plans, for it defeats any encrytion schem when keys are tracked, files are watched, and a few monitors are monitoring the monitor.

Part of your disclosure process should have a built in measurement to help identify how it is done.  For example, does the perp seem to have physical access. Is physical access required? could it be a webcam over your shoulder, a snoop employee looking over your shoulder when you concentrate too much and are unaware... could their be a 2nd PC for each one in company, some fancy room with a sceen identical to every screen employees use.

Consider their may be no perp. Maybe too many people talk about too much on telephones, not knowing that they are being overheard.  Please keep your cell phones out of my pub.  I do not want to know your business, whether it is private or not.

Consider potential recklessness of employees. For example, long time out on no activity, or no screensaver, no logoff before going for drink of water, then not returning to desk until lunch.... and so it goes after work as well. Namely, ask yourself if anyone, even a custodian could have physical access to employee work area and equipment, and just simply use it with the basics. Many employees like to boot up without using a password.  THey should not be listened to about complaints that others use their machine and can then view their mail.

Expert Comment

ID: 14228751
I agree to the suggestion

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Integration Management Part 2
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question