Pierluigi Paganini March 25, 2015

UglyEmail Chrome extension could help Google users to discover which are the companies on the web that track their email messages.

Even if the following names don’t ring you a bell, companies like Yesware, Bananatag, and Streak are aware of your existence, to be more specific, they know when you open e-mail sent by one of their clients.

Now there is a way to check if someone is trying to track Gmail user using the Google extension uglyEmail, created by Sonny Tulyaganov. Tulyaganov explained how these companies track users in his conversation with Wired:

“[Streak] allowed users track emails, see when, where and what devices were used to view email… I tried it out and found it very disturbing, so decided to see who is actually tracking emails in my inbox.” said Tulyaganov.

The experts used a trick to track his emails, he added a transparent image in the body of the messages that when are opened by the recipient send back to the server it originated the information of the recipient.

This is the idea behind the development of the UglyEmail plugin according to the expert:

“simply insert a transparent 1×1 image into an email. When that email is opened, the image pings the server it originated from with information like the time, your location, and the device you’re using. It’s a read receipt on steroids that you never signed up for.” explained Tulyaganov.

By using UglyEmail users can identify email messages identifying messages embedding tracking images  from Yesware, Bananatag, and Streak. The emails identified with tracking pixels will appear with an eye icon next to the subject.

In his interview with Wired, Tulyaganov confirmed that UglyEmail doesn’t store, save, or transmit any date from you’re your gmail account. There is also a plan to expand UglyEmail to other browsers like Firefox and Safari.

The developer has anticipated that UglyEmail will include more tracking services to its list allowing the users to verify who is attemting to track them.

Users that desire to completely prevent email tracking from the above companies can totally block the pixel tracking by using another chrome extension called  PixelBlock, that  “Automatically prevents all attempts, instead of Ugly Mail’s more passive strategy of simply informing you that they’re happening.”

About the Author Elsio Pinto

Edited by Pierluigi Paganini

(Security Affairs –  email,   UglyEmail )