Tuesday, December 17, 2013

Risks of Automatic Image Downloads in Gmail



This morning, as I logged into my Gmail account, I was notified that the company had decided to turn on automatic image loading for all email.  This made me wonder: isn’t this going to be a security issue?  Images in email are generally not embedded in the message itself; instead, each one is fetched from a URL on a remote server when the message is displayed.  Whoever controls that server can learn when you loaded the image and that the address the email was sent to is legitimate and active, which makes you a better target for spam, phishing or malware in subsequent messages.  The request also gives up your IP address, which can provide attackers with a close estimate of where you are located.  Any information they gather about your whereabouts or Internet activity can be used to craft messages and URLs tailored to extracting personal information or destroying your data.

So, how does Google plan to mitigate these risks for its customers?  Well, Google says that its proxy servers will host all images, preventing attackers from knowing where the email was opened from and from exploiting any security vulnerabilities on the local machine through malware embedded in the image.  This proxy solution does not, however, prevent attackers from learning your location or whether your email address is active.  Loading images automatically also enables something called ‘read tracking’, whereby senders can tell whenever a message is read by a specific recipient.
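To make the mechanism concrete, here is an added example (my own Python, not code from Google or from the original post) that scans a constructed HTML email body for `<img>` tags, reports which ones trigger a remote fetch that discloses the reader's IP address and read time, and flags the ones that look like read-tracking beacons: tiny or hidden images whose URL carries a per-recipient token. The domain names, token values and query parameters are made up.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

# Constructed sample: a newsletter body with one visible logo, one 1x1
# tracking pixel carrying a per-recipient token, and one embedded image.
SAMPLE_HTML = """
<html><body>
<img src="https://cdn.example-news.test/logo.png" width="200" height="60">
<p>Hello! Read our latest issue.</p>
<img src="https://track.example-news.test/open?uid=a1b2c3&msg=42"
     width="1" height="1" style="display:none">
<img src="cid:inline-part-1" width="300" height="100">
</body></html>
"""

class _ImgCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img":
            self.images.append({k.lower(): (v or "") for k, v in attrs})

def _size(value):
    # Parse "1", "1px" etc.; None when the attribute is absent or not numeric.
    try:
        return int(value.strip().rstrip("px"))
    except (ValueError, AttributeError):
        return None

def classify_images(html):
    """One record per <img>: 'remote' means displaying it makes the client
    contact a server (leaking read time and IP); 'tracking_beacon' means it
    is also tiny or hidden and its URL carries a token identifying the reader."""
    parser = _ImgCollector()
    parser.feed(html)
    report = []
    for attrs in parser.images:
        src = attrs.get("src", "")
        url = urlparse(src)
        remote = url.scheme in ("http", "https")
        w, h = _size(attrs.get("width")), _size(attrs.get("height"))
        tiny = (w is not None and w <= 1) or (h is not None and h <= 1)
        hidden = "display:none" in attrs.get("style", "").replace(" ", "").lower()
        tokenized = bool(parse_qs(url.query))
        report.append({"src": src, "remote": remote,
                       "tracking_beacon": remote and (tiny or hidden) and tokenized})
    return report
```

A mail client that blocks remote loads by default, or a proxy that pre-fetches every remote image, removes the "remote" leak for all three records; only the second one additionally identifies the individual reader.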

Loading images through the proxy servers will speed up the time it takes users to open Gmail messages, and Google could fetch and cache every image before a recipient opens the message, so that the fetch no longer reveals when the message was read.  If Google does pre-fetch every image, attackers could mount a denial of service attack on the company by sending millions of images to its proxy servers.

Luckily, for those concerned about this new setting, Google allows users to revert to the previous configuration, in which each user must load the images in a message manually.  From a security perspective, this is a much safer option.  We already receive enough spam and phishing attempts, and each suspicious email should be scrutinized for its authenticity; we do not need to worry as well about strangers figuring out that our accounts are real and where we are located!  Turn off the automatic image download option, if only to protect your own privacy.
