Can I be hacked by just clicking on an image in email?

Question

I opened an email and clicked on image in it to be displayed as a preview. Can the sender use this to hack my computer?

I'm using fedora 25 I opened the image from outlook webmail.

So I want to know If I have to reinstall a new operating system or it's safe?

Answer 1

In most cases, no. In older, unpatched systems, maybe, or using very specific exploits in very specific formats.

With most modern OSes, such exploits are proactively patched, and most systems have fairly sensible defaults for permissions.

Considering the relatively small number of linux systems of a specific distro, DE and version - its pretty unlikely.

In this specific case you'd need to open an image that's not an image, which would run some script or payload that would then exploit your system. Its unlikely.

If you saw a log in screen, and well, logged in, change that password - I suppose images might be handy to phish, a simple image should be harmless on its own

So, no, you don't need to reinstall your OS if you don't want to, and from the information you've given this seems excessively paranoid.

Answer 2

Theoretically yes, you could have been subject to attack. However the following concerns apply:

• I don't see how your PC could have been infected with the malware after previewing the image in the email. This procedure does not involve code execution so you did not execute any code from unknown source
• Reinstalling the OS is excessive measure and will not provide security benefits. Don't do it unless you have other good reasons to do so.
• The worst thing that could have happened - some of your private data could have been stolen (chances are really low because Outlook Web Email is regularly patched for secuirty). This may include your physical location, IP address, browser version and potential some identification data for your web mail
• If you want to be extra careful, change your email password and block the suspiciou sender, That's about as much as you can do.
• Also report the original email sender to your mail provider if you believe the email was suspicious

Answer 3

If you have allowed HTML in emails, the image could be a hyper-link to a site which connects the e-mail address they sent to (encoded in the link) to your IP adress which probably tells your whereabouts if you are not using a VPN. Since you probably connect using your default browser then all of browser info which likely identifies you uniquely (according to EFF) could be grabbed. It could go on to fish all your cookies if you are not in non-cookie-hoarding mode gathering lots of info about you, which sites you visit and so on. Probably enough to tie it to the physical person you or at least one of the physical persons who are using the computer you are using.

Not exactly "hacked" as someone controlling your machine. But hacked in the sense someone you don't know probably knows more about you now than your closest family and friends do.

Answer 4

It depends

It depends from the mail, the image, how is updated your program/system, how it is vulnerable (and this it will be maybe known only later...).

A standard procedure should be:

1. to check the content of the original email (or ask to someone able to do it).

   • I mean not what you see but what it is really: the source code
     (For example load the clean google page and press Ctrl-U to see what that page really is).
   • "Original": if it was a trojan horse it should be, in theory, able to execute something and substitute itself. (Really low probability, eventually you may check with your email provider if the mail on their server is the same that you have locally).

2. Then you may pass to check for the second security problem source:
   the image itself and the libraries used to visualize it.
   Even if this is a "remote" possibility, go to check if the image is trying to use some kind of exploit and at the same time your system is not protected (for example if you have OpenJPEG 2.1.2+ you should be protected from the known ones; note that your email providers may have already scanned that picture searching for that malicious code too).

Of course you can reinstall the system to be sure, but you should check even all your data when you will put on the new installed system.

IMHO

The possibility you were hacked with a picture preview are little.
You can investigate yourself the code of the email (the more dangerous possibility) and control the library version of OpenJPEG.

In theory there is always the possibility that new exploit are discovered, but it is extremely improbable that you will be the first to experiment them on your own skin.
So keep the defences up and the system updated. (Save the mail and the picture in a secure place for future investigations).