PDA

View Full Version : How can someone monitor an email address?



cmhbob
10-22-2018, 07:29 AM
Or can it even be done?

One of my characters (Andrea) has an email address at a hosting service, not a big name like Yahoo or Gmail. She eventually suffers from a fugue state and has apparently created a new personal history and claims to have no knowledge of her real past. She's recently been confronted with people from her real past (daughter and daughter's dad), and fragmented memories are starting to leak through.

Andrea's former lover Danny has a friend who's got lots of electronic knowledge and computing power available. I want him to be monitoring the email address for access, because I want Andrea to access it at a particular time and be found out.

I'm not sure if that's even possible - does anyone know if it is? Marco's got the tools to have changed the password on the account and get notified that way, but when Danny et al found out that the email address existed, they didn't want to do anything to it because they were trying to locate Andrea.

If this doesn't make sense, let me know. I'd also happily listen to other ideas here.

LesFewer
10-22-2018, 07:37 AM
If it's html email, you can put a link to a 1x1 pixel image in the email, the image is stored on your webserver. When the email is opened the 1x1 image is loaded by email client from your sever and there's an entry in the log for that.

It's used all the time by marketers who want to know if people opened their email.

So if she opens the email with link to the 1x1 image, he'll know she opened it.

cmhbob
10-22-2018, 07:38 AM
Hmm. I may just use a tracking pixel just like bulk emailers use. That would probably give me all the info I'd need.

- - - Updated - - -

Thanks, Fortz. We cross-posted. Sometimes it just take me writing it out for a post to figure out how it needs to happen.

Enlightened
10-22-2018, 07:41 AM
I'm confused. Andrea had the email since her real past, when she had the lover, and she remembers the email address to use it (username and password)? Or did she create the account with her new persona and Danny's friend somehow found the email?

The friend, to monitor, will either: 1) have to work at the hosting site; 2) know someone working at the hosting site; 3) or hack into the hosting site. If it is an inside job, there may be company policy against employees viewing private email accounts of users.

Read through privacy policies of sites like Gmail or Yahoo Mail. Maybe they have policies for employees not invading privacy matters of users. This may help if you go the inside job route.

EDIT: Interesting means suggested. Problematic if the person doesn't use the Web to read emails.

cmhbob
10-22-2018, 06:28 PM
SHe had the address in her real past, which she lost during the fugue state. But the old memories have been breaking through, and that's what's going to happen here as far as logging in to her email.

WeaselFire
10-23-2018, 05:24 AM
In a past life, getting access to someone's email account was part of what I did. Lots of easy ways, default passwords for example, phishing emails or plain old social engineering (call them and ask, you'd be surprised how many just tell you.) Other times we'd go to packet sniffing, hacking the server or email service or even spoofing the DNS to get access.

In your case, simply watching the email is easy enough to keep hidden for a long time. Quite possible, how much detail do you need to have in the story?

Jeff

cmhbob
10-23-2018, 07:02 PM
The tracking pixel will give me what I need, I think.

Bolero
10-24-2018, 02:13 PM
If it's html email, you can put a link to a 1x1 pixel image in the email, the image is stored on your webserver. When the email is opened the 1x1 image is loaded by email client from your sever and there's an entry in the log for that.

It's used all the time by marketers who want to know if people opened their email.

So if she opens the email with link to the 1x1 image, he'll know she opened it.

That's interesting. My email software blocks remote content - you have to agree to access remote content which I rarely do. So not accessing remote content would block the loading of the image?

cmhbob
10-24-2018, 08:05 PM
That's interesting. My email software blocks remote content - you have to agree to access remote content which I rarely do. So not accessing remote content would block the loading of the image?

Correct, and not loading the image blocks getting any information from the image.

Bolero
10-25-2018, 02:01 AM
Me getting info from the image, or them getting info? And is that in addition to I opened the email? Or just that I opened the email?

cmhbob
10-25-2018, 06:33 AM
If the image loads, the sender (or whoever is hosting the email) can see your IP address among other things, and confirm that you opened the message. If you don't load the image, they get no information.

Titus
10-26-2018, 11:03 PM
If Danny is underhanded or not opposed to "hacking", he could send an email with a virus included to gain whatever access he needs, include a phising email link, or a slew of other options. Basically, if Danny gets Andrea or her alternative personality to click a link or download an attachment he could probably had the code programmed.

[Common sense warning: Don't click links and attachments from people you don't know.]

Unpolished
11-21-2018, 09:53 AM
And an IP address (a region and/or ISP.)