Quote:
Originally Posted by janusz
Oh yes, indeed very personal and sensitive, nay intimate, details  |
Don't dismiss this issue too quickly. This was a very controversial a few years ago when Facebook combined "Big Data" with this feature:
https://en.m.wikipedia.org/wiki/Facebook_Beacon
These web beacon images can interact with exiisting cookies and return browser version and your IP address, further assisting the email sender from tracking your behavior. For example, they might guess that two different people are at the same household and sometimes sharing the same PC but at other times using different PC's. The problem isn't just one piece of information about you, it's the accumulation of a dossier on you over months of data accumulation. A scammer in a third world country can do this for very low cost.
In addition to uses by advertisers and others you know to track you opening their emails, spammers and phishers can send you many differently designed emails and see which ones evade your email spam filters and are actually opened. And if they send emails to two or more addresses which interact with their cookies they know that computer is associated with those different email addresses. So now they know the computer they can associate with an easily known name on social media or via other means is now associated with that email account you thought was not so easily trackable.
The bad guys can also just send out random dictionary spam to a domain (such as a FastMail-owned domain or your private domain) and see which addresses exist (because you downloaded the beacon image). This would be like walking along the street and someone comes up to you and says, "Hi, Sam, good to see you after so many years." They will be ignored or told "Wrong person" by nearly all they encounter, but finally they find a Sam. So now they know that person's name, and another scammer can the next day try get more personal details from Sam by trying random ploys. It's like the old trick of "cold reading", where someone can use several somewhat random guesses to find our something about you, then fool you into revealing more that you realized. In this case, you have no idea the scammers are building a profile on you.
I'm not saying that this happens every day in your incoming email, but scammers are going to try every trick which advertisers have developed to build a detailed profile of who is associated with a particular email address. When this is automated and appears in what appears to be spam from different sources (even though it might be the same scammer using different types of phishing from different countries) you won't realize that you have been compromised. Criminals are very ingenious.
Bill