Who is snooping on my email?
by Richard M. Smith
Dec. 23, 2005
With all of the controversy about the news that the NSA has been monitoring,
since 9/11, telephone calls and email messages of Americans, some folks might
now be wondering if they are being snooped on. Here's a quick and easy method
to see if one's email messages are being read by someone else.
The steps are:
The trick is to make the link enticing enough for someone or something to want
to click on it. As part of a large-scale research project, I would suggest sending
out a few hundred thousand messages using various tricks to find one that might work.
Here are some possible ideas:
- Set up a Hotmail account.
- Set up a second email account with a non-U.S. provider. (eg. Rediffmail.com)
- Send messages between the two accounts which might be interesting to the NSA.
- In each message, include a unique URL to a Web server that you have access to its
server logs. This URL should only be known by you and not linked to from any other
Web page. The text of the message should encourage an NSA monitor to visit the URL.
- If the server log file ever shows this URL being accessed, then you know that
you are being snooped on. The IP address of the access can also provide clues
about who is doing the snooping.
Besides monitoring the NSA, this same technique can be used if you suspect your email
account password has been stolen or if a family member or coworker is reading your
email on your computer on the sly.
- Include a variety of terrorist related trigger words
- Include other links in a message to known AQ message boards
- Include a fake CC: to Mohamed Atta's old email address (firstname.lastname@example.org)
- Send the message from an SMTP server in Iraq, Afghanistan, etc.
- Use a fake return address from a known terrorist organization
- Use a ziplip or hushmail account.