Internet >
Email > Help >
Email Viruses
If I tell two friends, and they tell two friends, and so on, and so on...
-
Faberge shampoo, Television commercial, 1970's. |
You should always run the latest version
of a virus protection program and
configure it to scrub your email attachments as they arrive before
you
open
or
read
them.
Information about virus types, protection, and related issues is provided in the Internet viruses section. With respect to email specifically, if your email application is relatively up to date, and you are running a good virus protection program, then your email connection should be fairly safe from accepting or transmitting viruses. Nevertheless, there are enough vulnerable computers on the Internet that email is still the main transmission channel for viruses around the world. Email viruses spread in two main ways:
- Attachments. Viruses commonly hide in programs sent as email
attachments, and run when the user double-clicks on the program to start
it. Therefore, you shouldn't run programs received as email attachments
unless you have a virus protection program running and the attachment
is from a trusted source.
For example, a greeting card program forwarded from a friend of a friend is
not from a trusted source, and there is nothing to stop it from running malicious
system programming code behind its animated presentation once you start it running
on your machine. You should also be wary of opening documents that might contain
scripts and macros (see below). Some attachments will have two extensions to
try and trick you into believing they are just a harmless data file and not a
program, such as "coolpicture.jpg. exe".
Scripts.
One of the first script viruses was a MIME virus that attacked older versions of programs like Netscape Mail, Microsoft Outlook,
and Eudora, and could under certain rare conditions run a damaging program
as soon as the email was simply opened. In a variation on an old hacker technique, the attached MIME file was given a very long name that then triggered a bug that allowed the end of the name to
be run as a series of instructions, which could then be written to do damaging things to your computer. However, these early viruses remained
theoretical, and a fix for the bug was quickly developed by email
program vendors.
However, Visual Basic (VBasic) script viruses became very real, and have continued to do considerable damage across the Internet. VBasic is a very flexible and deeply powerful program development environment used by Microsoft for their operating system, office automation, and Internet applications. This means that VBasic viruses can run from anywhere in the Microsoft software architecture and affect the entire system, from email to operating system, giving them unprecedented reach and power.
The first widespread VBasic virus was Melissa, which brought down several of the largest corporations in the world for several days in late
March 1999. Melissa traveled in a Microsoft Word document and was triggered when the document was opened, opened the associated Microsoft
Outlook email program, read the user's email address
book, and then sent copies
of itself to the first fifty names. This clever architecture was quickly followed by many variants programmed by hackers around the world, including the KAK virus that triggered as soon as an email was opened, and the BubbleBoy virus that triggered as soon as the email was viewed in the preview pane.
If you upgrade your email program once and awhile, and run a virus protection
program with an automatically updated database, then you should be safe from
most script viruses. Also, select "No" if a document asks to enable
macros when you open it, especially if you don't know who wrote them.
|