What is an email virus? Unlike an attached file that the user must execute, email viruses are actually embedded within the email itself. Attachments may also be involved and these attachments will automically execute when the user reads, or, in certain cases, previews the email. Thus, email viruses differ from email-borne viruses, the latter which require users actually open the attachment in order to become infected. Historically, email viruses have targeted Microsoft Outlook and Outlook Express users, though theoretically other mail clients could pose a risk. In any event, if an attachment is involved the user can still choose to open it and become infected, as was the case with the BadTrans.B worm. For this reason, it is equally important to understand both how to prevent attachments from being automatically executed by the mail client and how to recognize potentially harmful attachment types.
Examples of email viruses
Click the highlighted name to view a description of the virus
In addition to viruses, there are email wiretapping schemes possible that allow forwarded email messages to be copied and read by others. For details on how your email can be tracked and spied upon, view the article: Email Wiretapping.
How do I prevent email viruses?
Rule 1: Identification - Understanding the nature of the attachment is the first step towards email safety. Any executable type attachment has the potential to be infected. This covers a wide range of extensions. Complicating matters is that, by default, Windows suppresses file extensions. Click here for instructions on enabling file extension viewing and to view a partial list of suspect file attachment extensions. You may also wish to refer to the Infected Attachments Center which provides a partial list of names of known infected attachments cross-linked with the corresponding virus description.
Rule 2: Intent - An executable type attachment should not be opened unless it was specifically requested or expected. Since email worms are sent to addresses found on infected users' machines, just knowing the sender is no proof of intent. In fact, odds are an email worm will arrive from someone you know and the sender is oblivious to the viral email being sent from their machine. If you receive such an email from someone you know, email that person and ask if they intended to send you the attachment. If you don't know the sender, stifle your curiousity and delete the email.
Rule 3: Necessity - This is the simplest rule to follow, but one that many people ignore. If you do not need the attachment, don't open it. Delete the email instead.
Rule 4: Disable scripting - To date, email viruses have taken advantage of security vulnerabilities found in Microsoft Outlook and Outlook Express. However, any mail client that supports HTML and scripting should be considered at risk. For instructions on securing your particular mail client, choose from the list below:
Rule 5: Patch your system - Microsoft routinely releases approximately 100 security patches per year. Keeping abreast of these and understanding which are applicable to your system can be a daunting task. Microsoft simplifies this by providing a Windows update site. The site will automatically scan your system and provide a list of recommended updates specific to your operating system. Any included in the "Critical Updates" section should be installed. Of course, security is an ongoing process as new vulnerabilities are constantly discovered. You should make it a point to pay periodic visits to the update site to ensure necessary patches are in place.
© 1996 - 2004 WEBBWORKS, INC. All rights reserved.
WEBBWORKS.COMô and the WEBBWORKS.COMô Logo
are Trademarks of WEBBWORKS, INC. Company
(509) 545-9706 - 4006 Desert Drive, Pasco, WA. 99301-9405