Going undercover online

Email is not anonymous

Many people think an anonymous approach can be made using free webmail services, however these may not be totally without risk.

As with casual web surfing, hidden information is betrayed every time you send an email. 

When we view our incoming mail, we normally see three fields of information; 1) who sent the email 2) its subject and 3) its message body.

The hidden information is contained in fields called the "headers" - which most email programs and webmail services can be configured to display.

Among other things, the headers betray the IP address of the Internet connection used to send the email. So if you log into a free webmail service from your office, the IP address of your company may be given to the person you email.

The headers can look rather confusing, but the journey the message took to get to the recipient is displayed in the "received" fields - the bottom received field showing the initial IP address.

The image below shows the headers that Yahoo Mail displays for an email it received from someone's Hotmail account. The sender used a computer within the BBC to access Hotmail and the IP address of this BBC computer is displayed in the header fields.

The IP address can then be traced back to its Internet service provider using a WHOIS service like www.coolwhois.com

Even opening an email is dangerous!

Emails can be sent with hidden tracking code that will, without you knowing it, send details of your internet connection back to the sender.

Readnotify detects that an email sent to a recipient's hotmail account was opened while she was using a computer within the BBC.

next>