HoneyMail

Background

The HoneyMail project studies email interception. Since the content (and metadata) of intercepted emails can be trivially read, convention wisdom tells us that confidential information should never be sent via unencrypted emails. The proposed project explores whether such advice is actually prudent. That is, we aim to answer the question "how often are emails actually intercepted on the Internet?"

To determine the regularity of which interception occurs, we will transmit (false) emails whose content would be attractive to potential eavesdroppers, but are sent only between our own email accounts. In particular, our fake emails  contain URLs that purportedly contain sensitive information about mortgages, bank accounts, passwords, and shared files. The emails will be sent between geographically distributed email servers located through the globe, with embedded URLs that resolve to web servers under our control. Since the emails are sent only between our email servers and are addressed to fictitious email accounts, any visit to one of the embedded URLs must be due to the (illegal) interception of our email.

Potential Benefits

From a theoretical perspective, we hope to validate the value of using tracker techniques to detect unauthorized access to data. From a practical perspective, we hope to understand who is reading email and if they take action on the information. This is a particularly pernicious problem in the financial services area.