What's the meaning of these blank emails?

Question

I have been getting a lot of empty e-mails with no sender’s name or subject in the header. Is this possibly a new attempt by someone to deliver a virus or more likely someone that doesn't know how to send e-mail?

-Reyn

Answer

This question was answered on December 29, 2004. Much of the information contained herein may have changed since posting.

The ‘blank e-mail’ trend that seems to be growing can be attributed to a number of possible causes.

One likely cause is from a spammer that is operating an ‘address probe’

process which simply sends a blank message to a mail server to see if it will accept it If it does, the automated system makes note of the address and adds it to a list of validated addresses If it’s rejected, then it knows not to send anymore spam to that address.

Another possibility is an automated spam attempt that has the recipient addresses but none of the other information (including the spam itself!) made it into the message because of poor scripting or coding.

All large-scale spam operations work with automated processes and much of their automation is derived from the process of trial and error in an effort to beat out spam filters.

Another very likely cause is that a malicious ‘worm’ with a poorly coded ‘payload’ (which is the resulting actions after a successful attack) has infected a computer that has your e-mail address in its address book and is inadvertently sending these blank e-mail messages as a result.

The majority of known e-mail worms and viruses have very poorly written routines that often breakdown in the middle, which prevents the intended malicious activity from ever completing properly.

There are a handful of known virus and worm attacks (most notably the W32.Beagle family) that can use a blank message as a delivery vehicle, but they are always accompanied by an attachment (usually an .exe file) that is required to be opened in order to complete the attack.

Many large corporate e-mail servers as well as many ISPs will strip away known malicious file attachments from messages before delivering them to its users, which would result in a message to the recipient with no subject, no sender, no message and no attachment.

Depending upon how your mail server handles this situation, you may or may not get a notification about a stripped file attachment, so you may want to contact your administrator or ISP to find out if this is a possibility.

There is yet another more technical possibility which has to do with the format of the message.

E-mail programs that are capable of displaying HTML messages (much like a web site) can be fooled into running a script in the background of a message, while displaying what appears to be nothing to the user.

These scripts a.k.a ‘web bugs’ can notify the spammer that not only did you receive the blank message, but you also tried to read it, which makes you an even more desirable target for them.

All of these possibilities should be a wake up call to lazy e-mail senders that don’t bother to put anything into the Subject line; your mail is now even more likely to be ignored or deleted before it’s opened!

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on December 29, 2004