Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

FTP Snatching

FTP Snatching -- In response to our FAQtoid that mentioned how spammers might capture your email address when you visit a Web page, Peter N Lewis <> noted a sneaky technique involving FTP:

Another way I've heard to snatch an email address when visiting a Web page is by coding an inline image with an FTP URL. The browser then automatically FTPs the file for you to show you the image - but when it anonymously FTPs the file, the browser typically uses your email address as the password (as anonymous FTP should - sending your email address is taken as a signature to abide by the usage guidelines). Thus an unscrupulous FTP server (or Web server using the anonymous FTP inline image) can capture your email address as well.


READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <>
Special thanks to Stephen Holmes, George Ricker, Brian Stevens, and
Jeffrey Jones for their generous support!