Sniffing outlook.com email

Discussion in 'privacy technology' started by Mover, Apr 22, 2014.

Thread Status:
Not open for further replies.
  1. Mover

    Mover Registered Member

    Joined:
    Oct 1, 2005
    Posts:
    165
    If an attacker on the internet wants to sniff/intercept the email of a person (ie. A@outlook.com), can he do so by just knowing the persons email address ?

    Assume that 'A' is using outlook.com webmail as is. (without addition of any extra encryption like Mailvelope).

    Also, the attacker is not part of the LAN that 'A' is on.
     
  2. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Just knowing the email address but not being connected to the same lan/wifi? I wouldn't think so. They'd have to be doing a sort of man-in-the-middle attack on you. https://en.wikipedia.org/wiki/Man-in-the-middle_attack
    That'd mean also that they'd have to have access to something between wherever you send the email and wherever the outlook server is you're connecting to. So unless it's your ISP/Government you'd be more likely to be sent a keylogger by the average person trying to see what you're writing.

    But the best way to be sure that no one is reading the email between your computer and who its meant for would be https://en.wikipedia.org/wiki/Pretty_Good_Privacy
     
  3. Mover

    Mover Registered Member

    Joined:
    Oct 1, 2005
    Posts:
    165
    Some large corporations (ie. large national banks) have alot of $$$$$$$ and dedicated IT security departments.

    Although they may not have the budget of the Government, I would hazard a guess that any large corporation (ie national bank) has the money, resources,
    and time to snoop around on its employees/persons of interest much better than the average person.
     
  4. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Yes, trust in your email provider is very important. https://www.techdirt.com/articles/2...t-accounts-to-identify-windows-8-leaker.shtml
    The connection from your computer to Outlook is encrypted, there may be ways to attack/bypass it if you do email on the network of a large corporation. However other ways can be a lot easier.
    Most large corporations have their own email service or use a third party with mail hosted on their own servers. Even if employees use another sevice like Outlook, computers owned by the corporations often have RAT tools(commercial spyware) installed, so unless you use your own device and you can be sure there is nothing installed on it by the corporation you can be monitored as well.
     
  6. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    The answer is NO, but there are two exceptions:
    1. If the attacker is a government agency. In this case it can probably just ask outlook.com for data.
    2. If the attacker is capable of hacking outlook.com and taking over the victim's account. While this is not impossible, I'd say it is pretty unlikely in a normal scenario.
     
Loading...
Thread Status:
Not open for further replies.