?
Solved

Need ideas for a test - Someone is reading my emails??

Posted on 2005-03-14
10
Medium Priority
?
168 Views
Last Modified: 2013-12-04
Well, not my emails, my friends emails at their place of work.

The company are shady at the best of times but they have let a few things slip that could only mean they are monitoring their employees emails (work AND personal)

I am looking for ideas on how to test this, maybe a tracking image in the email? But not sure how to go about it?

Any other ideas welcome
0
Comment
Question by:gump2k
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 4

Expert Comment

by:DaGo21
ID: 13543193
Well in my country this is illegal, however you can do multiple things;

Sending e-mail with password protected ZIP files with message in it,
password protected Word Document with your message, etc, etc.

Good luck
0
 

Author Comment

by:gump2k
ID: 13543203
It was not a solution to getting emails through unread that I had in mind, my intention is to catch them at it and then take things further. So I need a way of knowing that someone has read an email other then the intended recipient.
0
 
LVL 4

Accepted Solution

by:
DaGo21 earned 172 total points
ID: 13543391
I am afraight that is not possible - you could check the headers if something is in there, however I do expect it's simply cached somewhere, you get the e-mail and a copy is stored somewhere else.

I know the older spam filters where admins could put them in a container, manually review them and then send them through. I never could work out it is was a manual job or only the server.  Only sometimes an e-mail took 2 days to get delivered, but reading your post that's not the case.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 164 total points
ID: 13545126
If they have a company policy, as most do, that states that all email, and other electronic communication or other data is the property of the company. This is typical policy and the only thing you can do about it is not conduct personal email through their work email. It's not their pc, it's not their email, it's not their instant message, it's thier companies. They should get a hotmail or gmail account to do personal emailing.

If they are monitoring personal email, which is possible, with keyloggers, or a proxy server, the only way to combat this... and it's not really going to combat a key-logger, is to use a pc at home. Connect to their pc at home over RemoteDesktop, or vnc. Again this doesn't stop keyloggers.
-rich
0
 
LVL 24

Expert Comment

by:SunBow
ID: 13548034
First try to come up with a reasonable list of possible suspects. Good idea for meeting at the local pub.

Look at candidates, and find out what they have in common, and what their differences are.  What are the interests, what do they like to talk about?   This is intended to indentify what to place in future emails.  Get them an interesting topic, include details no one else knows, and then wait for the news from the water cooler.

Try Cookoo's Egg, one of the ways that was done.

You have a solid beginning somewhere, for example, you know someone is doing this. How do you know? Exploit that knowledge.    Buy another round at the bar and see if you can come up with ideas of how it is being read.  Does someone print it first, and then discard it, without shredding before someone raids the garbage can?  I thought not. Coul another recipient of memos actually be involved in the forwarding of info to a suspect. Get friends to do a little more thought ans some discrete homework
0
 
LVL 24

Expert Comment

by:SunBow
ID: 13548092
> I am looking for ideas on how

Next time, include the system administrator in the meeting at the pub.  Before that, try to identify better where the lines of trust are drawn, and who knows who.  Possibly, the admin would not know you were friends with the victims, and you could ask for some expertise setting up a good spy system at place you work, rumors being that your company would pay out some side money to contractor for discretionary help.

Alternatively, the admin is more nice, interested in protecting policy, and is either unhappy about company spying or is currently ignaorant and would be a valuable ally.  

and alternatively, if the admin is snooping on their own, it is in company best interest to throw them out the door before getting entangled in too many lawsuits and bad publicity, leading to loss of market
0
 
LVL 24

Assisted Solution

by:SunBow
SunBow earned 164 total points
ID: 13548257
gump2k > It was not a solution to getting emails through unread that I had in mind, my intention is to catch them

good.
but go with a very slow start until you have a better clue about how it is being done by whom.
Possibly, there is a valid criminal investigation, and there's been some inadvertent views of memos with some unfortunate leaks.

So give credit to whoever, to possibly have unlimited budget and resources, yet maybe not harmful, but still you want to appear innocent and not tip your hand during the learning process.

Consider, each terminal could have a half dozen different spy gadgets on it before any memo is opened or sent. This means you cannot use the terminal to communicate you ideas and plans, for it defeats any encrytion schem when keys are tracked, files are watched, and a few monitors are monitoring the monitor.

Part of your disclosure process should have a built in measurement to help identify how it is done.  For example, does the perp seem to have physical access. Is physical access required? could it be a webcam over your shoulder, a snoop employee looking over your shoulder when you concentrate too much and are unaware... could their be a 2nd PC for each one in company, some fancy room with a sceen identical to every screen employees use.

Consider their may be no perp. Maybe too many people talk about too much on telephones, not knowing that they are being overheard.  Please keep your cell phones out of my pub.  I do not want to know your business, whether it is private or not.

Consider potential recklessness of employees. For example, long time out on no activity, or no screensaver, no logoff before going for drink of water, then not returning to desk until lunch.... and so it goes after work as well. Namely, ask yourself if anyone, even a custodian could have physical access to employee work area and equipment, and just simply use it with the basics. Many employees like to boot up without using a password.  THey should not be listened to about complaints that others use their machine and can then view their mail.
0
 
LVL 4

Expert Comment

by:DaGo21
ID: 14228751
I agree to the suggestion
0

Featured Post

WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month8 days, 14 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question