
	Home > Ask the Security Experts > Questions & Answers > Is spyware allowing someone to read my e-mail en route to my client?

Ask The Security Expert: Questions & Answers

EMAIL THIS

Is spyware allowing someone to read my e-mail en route to my client?

EXPERT RESPONSE FROM: Ed Skoudis

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

QUESTION POSED ON: 09 March 2004
I have discovered that someone is reading my e-mail between my client and me. This person is using spammer tricks to return the e-mail to me that contain my replies to my client and the client's original response; one message contained a smart remark from the perpetrator that referenced the topic of the e-mail. Obviously this person is reading my mail or my client's mail. I would like to know what I can do about this problem aside from using encryption technology, which only confuses my clients and may even scare them away. (I am just a small businessman dealing with small clients.)

The attacker could be anywhere from your machine to your client's machine. It's possible that your own machine or your client's is infected with a packet sniffer or keyboard capture program. To get rid of that type of malfeasance, make sure you have an up-to-date antivirus tool on both sides of the connection. Also, because some antivirus tools don't check for spyware, also download and run the free Ad-Aware anti-spyware program from www.lavasoftusa.com to look for common spyware examples.

If your machine and your client's box is safe, the attacker could alternatively be on any network between you and your client. This could include your own neighborhood if you use a cable modem, your ISP, your customer's ISP, any other ISP through which the message travels or even your own client's network. The only way to eliminate that is to use an encryption package. I know you don't want to rely on such technology, but there is just no other way to prevent snoopers at ISPs. There are some relatively easy-to-use encryption programs available at a low cost, such as the Pretty Good Privacy program from PGP, Inc. Don't be intimidated by it. You can have it up and running in just a few minutes. Of course, both you and your client will have to have the same crypto program for it to work. However, that's a small burden compared to the peace of mind you'll get in knowing your traffic cannot be seen by the attacker.

For more info on this topic, please visit these SearchSecurity.com resources:

Virus Prevention Tip: Fighting browser-based spyware

Ask the Expert: Spware's impact on the network

Best Web Links: Cryptography/PGP/PKI

Digg This!

StumbleUpon

Del.icio.us

RELATED RESOURCES

	2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
	Search Bitpipe.com for the latest white papers and business webcasts
	Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy