Thank You Avast! But What Is This??

[CoJo]

hello to all...

I just received a warning (while downloading music from a site I have used previously) when this came in thru OE...


<iframe> tag found, it may be dangerous


Sender:  "administrator" <webbot@puremail.com>
Recipient:  "Inet Receiver" <receiver@smtpserver.com>
Subject:  Letter

I deleted it...do I need to do anything else? It's the first time I have gotten this type of warning

Any advice or reassurances would be appreciated
cojo

[.: Mac :.]

well scan with avast of course and housecall

[MikeBCda]

Hi CoJo,

I'm sure the experts will correct me if I'm wrong, but I'm gussing this is similar to what I'll sometimes get from the email provider.  Any executable attachment (such as an Exe) trips a "May be dangerous" warning from avast even though the file itself doesn't get scanned at that point.

I have HTML-content enabled in my Eudora, and once got a similar iframe-tag warning.  Turned out it was nothing more than Yahoo's own advertising, which we're stuck with in Yahoo Groups.

So a reasonable guess is that the warning is triggered by the file-type (or the existence of the iframe tag) as a general class, rather than anything specifically in it.  And that's why the "may be ..." wording of the warning.

Best,
Mike

[CoJo]

Thanks Mac and Mike!

I use plain text for mail and newsgroups and don't allow attachments...

I'll go ahead and scan just to make sure, though!

Thank you, my friends!
cojo

[DavidR]

The iframe tag is normally used in html pages and is generally used to load dynamic content into a section (frame) of the existing page.

Because it calls another page/url if this is used in an email it can be potentially dangerous.

I think there may be some security settings that you can change to limit this.

I never have the preview window open (by default) in OE until I know the source/sender of any email and I am usually offline when i read my emails so they can't access the internet. This is I feel much better than viewing everything in plain text.

An html formated email even when viewed in plain text, still has the html content (the <iframe> tags) although you don't see it, the content is obviously still being reported.

David

[CoJo]

Thank you, David, for explaining this to me!
I also never use the preview pane, but did not think of reading my email offline ( I usually just fire a reply back!)
Is there anything else you would recommend?
TIA,
cojo

[DavidR]

Hi CoJo,

I scan my email servers with MailWasher pro prior to downloading my mail as well.

The major reason I like MailWasher is, you can delete spam/suspicious email directly from the server and don't have to download them to filter or virus check, etc. You can also fire off a quick reply (plain text) without having to download the email first. You could even delete the email from the server if you didn't want to keep a copy on your computer.

One other reason I don't use the preview pane and read offline is. If for any reason a spam email gets past MailWasher Pro, many spam messages have some form of tracking (usually a 1pixle image) that calls back home. This confirms that the email address is good and you are likely to see a rise in spam.

David

[CoJo]

Thanks, David!
When I get back home, I will look into this more...

cojo