What is the purpose of a targeted email without any meaningful content?

Attempting to send a message to a non-existant email address will typically result in a “bounceback” message with an error code like 510 or 550 invalid address. If you try several addresses and there is no error message for only one of them, you know this one actually exists.

Someone who has a mailbox on a corporate email server also probably has access to multiple other systems or services, possibly with the same user name. The sender now has the name/handle of an account they can target on these systems.


Could have also sent a 1px image with some code to call back specific information. It’s pretty simple to do and things like this can be used for good as well (canaries). Just something to think about and check since you wouldn’t have seen it anyway.

Tags:

Email

Phishing

Related

Do you rather trust a widely adopted algorithm or an underdog if they're cryptoanalytically on a level playingfield? Can I change my public IP address to a specific one? Should a server set a cipher order? TPM or OpenSSL for key generation? Are SSL certs auto-revoked if their Not-Valid-After date is reached without renewing? If malware does not run in a VM why not make everything a VM? Does phishing include ransomware? How can you bind a public key to a certificate if the public key depends on the choice of algorithms? How does having a custom root certificate installed from school or work cause one to be monitored? Could receiving a URL link, not clicking on it, ever pose a security problem? Trojan "Win32/Tnega!MSR" found by Windows Defender - aliases used by other antiviruses? How do hackers trick frontend validation?

Recent Posts