Test your e-mail program

Does your e-mail program accept hidden JavaScript commands?

My last posting, Defending against a phishing e-mail message, described a JavaScript trick bad guys use to make a link appear to go one place when it really goes somewhere else.

So you can test if your e-mail program (or Webmail system) falls for this type of forgery, I created a test e-mail message.

To receive my test e-mail message, send an e-mail to:

testmyemailprogram@michaelhorowitz.com


It does not matter what, if anything, is in the subject or the body of your message.

The test e-mail message contains a link that appears to go to CNET, but really goes to my personal Web site. When you move the mouse over the test link, you should see my personal Web site in the status bar. If however, you see the silly message below, then your e-mail program is vulnerable to manipulation with JavaScript.


Hope you pass the test.

Featured Video

Apple dethroned as world's most highly valued company

An old foe with a new name took the title away from Cupertino. Also, Yahoo's looking at yet another big shake-up.

by Iyaz Akhtar