Why would you want to disable images in emails?


Spammers use email web beacons to determine whether they have found a good email address. These web beacons can be defeated if you set your email client or your webmail to not display images in emails.

The way it works is that spammers send out a whole bunch of emails. Each email contains a web beacon: an image whose source is on a domain name owned by the spammer. When you read the email with images turned on, your email client or webmail needs to make a server request to retrieve this image from the spammer’s server. This retrieval is detected and logged by the spammer’s web server. When spammers examine the logs, they will know that you have opened that email, and hence that they have a good working email address. Supposedly they can then sell these email addresses to other spammers, saying that these addresses have been “validated”.

Legitimate Uses of Web Beacons

Of course there are legitimate uses of web beacons.  For example, you might have signed up for an electronic newsletter and they are using web beacons to track how many people are reading the newsletters.

However, it is still a good idea to disable images in your email client by default. Then, if you read the text content of the email and it appears to be legitimate, you can tell your email client to display images for that particular email only. This way you can still view legitimate emails with all their graphics and nice HTML layout. (I understand that some legitimate email newsletters look nicer with images turned on.)

Spoofed Emails

However, be careful of “spoofed emails”. These are fake emails that are made to look like legitimate emails by imitating a legitimate email. For example, have you ever gotten a Twitter invite from someone you don’t even know? The email looks nearly identical to a legitimate email that a friend would send out from Twitter inviting you to follow him or her on Twitter.

Except it is from someone you don’t know, and if you were to examine the source code of the email it would indicate “spammer characteristics”. In fact, it did not even come from Twitter. They imitated the exact look of a legitimate Twitter email and even made the “from address” look as if it was from Twitter. Even the links and the destinations of the links appear to go to Twitter. But the way that this email “gets you” is the Twitter logo image in the upper-left. The image HTML tag used in the code has a source of the image from a domain not associated with Twitter. That image was implemented as a web beacon. So if you have images turned on, the server request to retrieve that image would have told spammers that your email address is a good address to send more spam to.

Twitter was just used as one example; spoofed emails can appear to be from Facebook, eBay, PayPal, etc. Spammers like to spoof popular sites like those since they know lots of people use them.
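
A defensive check for the spoofed invitation described above, as an added example that is not part of the original article: it lists the images in a message that would be fetched from a host outside the sender's domain if image display were turned on. The sample message and its `.example` domains are constructed, and the function names are hypothetical.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: a spoofed invitation whose logo is served by another domain.
SAMPLE = """\
From: Social Site <invites@social.example>
To: reader@mail.example
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="http://img.beacon.example/logo.gif?r=reader%40mail.example" alt="logo">
<p>Someone invited you. <a href="https://social.example/invite">Accept</a></p>
<img src="https://static.social.example/footer.png">
<img src="cid:inline-banner">
</body></html>
"""

class ImgCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "img" and src:
            self.sources.append(src)

def same_site(host, domain):
    # Exact match or a subdomain; a plain suffix test would accept "notsocial.example".
    return host == domain or host.endswith("." + domain)

def foreign_remote_images(raw_message):
    """Return image URLs that would be requested from outside the From domain."""
    msg = message_from_string(raw_message, policy=policy.default)
    sender_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    body = msg.get_body(preferencelist=("html",))
    if body is None:            # no HTML part, so no image is fetched
        return []
    collector = ImgCollector()
    collector.feed(body.get_content())
    flagged = []
    for src in collector.sources:
        parts = urlsplit(src)   # cid: and data: images cause no network request
        host = parts.hostname or ""
        if parts.scheme in ("http", "https") and not same_site(host, sender_domain):
            flagged.append(src)
    return flagged
```

A flagged image is not proof of spam, since the From address can be forged and legitimate senders often host images with third parties; it only shows which servers would learn that the message was opened.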

