One of the security concerns with HTML based e-mail is the use of web bugs. Web bugs are
hidden images in your e-mail that link to the senders’ web server, and can provide them with
notification that you have received or opened the mail. Another flaw with HTML e-mail is
that the sender can embed links in the e-mail that identify the person who clicks on them.
This can give the sender information about the status of the message. As a rule, you should
use a mail client that allows you to disable the automatic downloading of attached or
embedded images. Another problem is related to scripts in the e-mail that may launch an
application ,if your browser has not been patched for security flaws.
For web based e-mail clients, you may have the option of disabling the automatic download
of images, or viewing the message as text. Either is a good security practice. The best way to
protect yourself against HTML e-mail based security and privacy attacks is to use text based e-
mail. If you must use HTML e-mail, beware!
