|
|
|
|
|
|
by Mister_Snuggles
4585 days ago
|
|
|
I just saved an attachment from GMail. When I go into the Get Info box (OSX), I can see what URL it came from. I'm sure that Windows attaches similar metadata when it saves attachments. Maybe something like this could serve as a basis for what you propose. The attachment I saved came from https:///mail-attachment.googleusercontent.com. Maybe the solution is as simple as webmail providers putting some standard hostname in their attachment URL that identifies it as an email attachment. Unfortunately though, there are legitimate reasons to circumvent this (have you ever emailed yourself something so you could run it on another computer?), so it would only be a matter of time for attackers to figure out the social engineering required to convince people to jump through those hoops. |
|
|