Just how private is your inbox?

Source: Cliparts

With almost every app you download, store you go into, and account you sign up for requesting your email address it has become impossible to avoid email marketing and overall email spam. Often you may wonder what the point of all these emails are? Most people seem to delete them anyways, or if you are like me, leave them eternally unopened, letting your unread email count rise higher and higher.

However, there is more to these marketing emails than what meets the eye. Behind any effective email marketing campaign there are analysts reviewing the data that is coming back to them. The data provides them with the number of opens an email has received, and if there is a link in the email, often referred to as a call to action, the number of clicks can be collected as well.

You may wonder how this type of a data is collected? Wouldn’t these companies have to spy on your inbox in order to collect this type of information? The answer is yes! Essentially marketing software allows companies to become a sort of “fly on the wall” within your inbox. This is done by adding “a tiny invisible image to the body of your email. This is often called a “web beacon” or tracking pixel.” These emails can be referred to as “spymail” and the tracking pixels contained in them are not something most people would realize exist, especially when working with standard email and browser settings without any extensions installed.

This is information that came a surprise to me, mostly because I had never given it that much thought and if I did, naturally I was plagued with the optimism bias. Meaning I tend to take the “it won’t happen to me” approach. Why would someone want my information? I’m not very interesting and neither are my emails? But they do want my information, they want everyone’s information! For the most part tracking pixels are used to complete marketing metrics that can be valuable for companies, but they can also can leave you more vulnerable to a security breach.

After installing something called “UglyEmail”, which is a “Gmail extension that allows you to see if the email is being tracked before opening it” I was quite surprised to find how many tracking pixels could be found in my inbox. Flagged emails are represented by the eye that is seen on many of my emails to the left of the subject line.

Screen capture taken of my Ryerson email account after searching “unsubscribe”. Unsubscribe brings up any emails that I have subscribed to intentionally or accidentally as they typically have a “click to unsubscribe” link in the email.
Screen capture taken of my personal email inbox in an area that was particularly heavy with “UglyEmail” flags
Screen capture of an Uber receipt

As seen in the pictures many of my emails have been flagged by the UglyEmail eye. I noticed that all of my Uber receipts, which you receive almost instantly after being dropped off contain tracking pixels in them as well. Another interesting bug that I noticed is placed in all my emails from “ShiftNote”, which is the scheduling software that was used by one of my part-time jobs. Everyday I received many emails from ShiftNote, as employees were notified whenever they had the opportunity to pick up a shift.

After installing UglyMail I decided to do some more digging to learn more about tracking pixels and why they are important to understand. When an email is opened that contains a bug it can collect metadata that is referred to at M@ilControl by the acronym “LOSS”.

Spymail can track your…

Location— your physical location

Open Info— if, when and how many times you open an email

System Info — the device, operating system and browser

Subsequent communication — if and where the email was forwarded

That is much more information than you would assume to be taken from simply opening an email. As well, when a link is placed into an email the link is replaced with one “that notifies the sender when it is clicked and redirects the recipient to the original link or file”. This is what gives companies a click through value. This amount of information, if in the hands of the wrong people can be used for much more than just studying marketing metrics. This is something that companies must be incredibly aware of, as information on details such as operating systems can lead to future hacking and other security breaches.

Many people are not aware that emails that they open everyday contain these tracking pixels, just as I was not. This is expected, as companies do not want you to be aware of their presence, hence the invisibility. When considering cyber-security it is important to do your research so you can understand what is being done with your information as issues such as these are not moving in the direction of becoming more transparent. With the development of more apps, location settings and digital check in points the saying “ignorance is bliss” certainly should never apply.

To read more about spymail click here and to download UglyMail so that you can see which of your emails are being tracked click here.

Thanks for reading!

Jamie

Like what you read? Give Jamie Holman a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.