|Email Virus Safety|
Viruses can be launched from email attachments. If you were to never open an email attachment or allow an Active-X component to run, you would in all likelihood be safe from email-transmitted viruses. However, in the real world, that is simply not possible: your co-worker may email you a computer graphic of an ad layout design for your approval; your cousin may email you a picture and birth announcement of their new baby; or you may get an attachment from your boss of your schedule for the week.
From here, you may decide to limit the attachments you open to just those people you know and trust. But to further muddy the waters, many viruses masquerade as being a normal email from people you know. Sometimes they even pull text from previous emails, which may make it look more authentic.
So how do you know which attachments can be opened safely? Are there viruses that can spread via email even if you never open attachments? How do these viruses attack your computer, anyway? And what can you do about them? Do your well-meaning friends send you a myriad of virus warnings?
*** How do viruses use email to attack my computer?
There are two main methods. The first method is by attaching the virus “installation” program to the email as an attachment, even as an attachment disguised as something else.
The second method is by spawning an “Active-X” procedure, which, in some cases, could allow the virus to take control of your computer and read or write files. Set your email preferences to “disable Active-X controls”, or to “ask first”. This will all but eliminate the Active-X threat.
Regardless of the method used, some viruses, after infecting a system, have the abilities not only to cripple or tamper with your system, but to generate emails on their own. They will then email themselves to some or all of the email addresses in the address book found on the infected system. Some even will search the local hard drives in the infected system to look for email addresses in addition to the ones in the address book.
If the virus simply sent emails, it could possibly cripple email servers and fill mailboxes, and would be a nuisance. However, most of them will attach themselves to the email so that when the recipient opens the attachment, it will run and infect the recipient’s computer. From there, it will start sending itself to the emails in that recipient’s address book; and of course will snowball from there.
*** How does the Route24.net’s Email server help protect Route24.net email accounts?
Route24.net’s Email server is protected by anti-virus software. This software is kept current--both the program itself, and the virus definitions. This software continually monitors new virus definitions as they are discovered and updates itself to protect against these new viruses.
All incoming and outgoing emails and attachments are scanned for viruses. If a virus is found in the attachment, the virus is removed from the email.
The emails you receive that have had a virus removed come with an attachment named 'DELETED0.TXT' (or with any number where the 0 is). This means a virus-contaminated email was sent to you, and our mail server has already stripped the virus off the email for you. This email is safe for you to open and read. Even the attachment is just a text file, with the text in it just indicating that a virus has been removed.
*** So, what emails can I open?
DO NOT open emails or email attachments that are from someone you don’t know. Just delete them immediately. If they appear to be from someone you know, and you weren’t expecting the attachment, you would be safest to contact the sender and ask them what they sent. NEVER open ANY email attachment if you are not running an anti-virus program that is kept current and that automatically scans ALL email attachments.
Of course, you may receive emails for business and personal that may be a new client or a long-lost cousin. In these cases, reading the “From:” and the “Subject:” could be enough to reassure you that the email is probably a bona fide, non-malicious email. If you have your email client’s ability to run Active-X components turned off and if you have an up-to-date anti-virus program running, it is probably safe for you to open the email and read the text. Any attachments should not be opened, though, until you are completely sure it is safe using the guidelines in the preceding paragraph.
*** What about all these virus warnings my friends send me in email?
For the most part, you should COMPLETELY IGNORE, and IMMEDIATELY DELETE any emails that talk about warnings, security patches, viruses, etc. Please do not forward them on to everyone in your address book. Usually they either (1) contain a virus themselves (which our mail server will have stripped off); or (2) are a fake warning about a virus that doesn't exist, just designed to scare you, or, in some cases, suggest that you delete a file from your system, which you should NOT do. So far, in the ones we’ve seen that actually tell you to delete a file off your system, it has usually been one of the non-essential Windows operating system files. However, nothing is stopping people from instructing others to delete a crucial file from their Windows system in the future, so please research before you delete any file off your computer.
Almost 100% of the emails passed around that are similar to these characteristics are hoaxes.
If you feel there may be some merit to one of these emails and you really feel you should pay attention to it, please research it first. To do this, go to Symantec’s website (or another anti-virus software company’s website) and find a write-up on it. If there is a “warning” or a real virus in circulation, it will most likely have a write-up on Symantec’s website.
Steps to research a virus warning’s credibility on Symantec’s website:
1. Go to http://www.Symantec.com
2. Click on the “Security Response” button beneath the heading, about halfway across the screen.
3. Click on the “Search” button on the left-hand side of the screen.
4. Enter one or two key terms from the email you received (I.e. “worm”, “teddy bear”, “I love you”, etc.) and click on the “Search” button.
5. A list of possible write-ups will be summarized on the screen. Pick the one that seems closest to what you are looking for. Click on it and it will bring up a full-page write-up.
6. If it doesn’t seem to be referencing the email you’ve received, use your browser’s back button and try the next article in the search results list – there are several variations on many of these virus hoaxes.
7. Most of the time you will find in the write-up the text (very closely worded, if not exact!) of your “warning” email, and it will be a hoax.
If you find that you have a real virus warning, or that the email you just received may have been carrying a virus (this can happen, especially with some mail servers other than Route24’s), there will usually be instructions from Symantec (or whoever’s website you looked it up on) for you to follow in avoiding or getting rid of the virus. Please follow these instructions carefully. Please do not follow instructions that arrive in an email for removing viruses unless you know the source and have good reason to trust them.
*** Can I configure Outlook Express to be safe, yet usable?
First, you may want to configure Outlook Express to prohibit running Active-X controls – or at least to ask you before running them. To do this, from Outlook Express, click on “Tools”, then on “Options”, then click on the “Security” tab. Under the section labeled “Virus Protection”, find the option “Select the Internet security zone to use” and select (darken) the “Restricted Sites Zone” button.
To completely prohibit Active-X controls, you will also need to go into the “Tools”, “Internet Options” of Internet Explorer (or go to “Start”, “Settings”, “Control Panel”, “Internet Options”), click on the “Security” tab, click on the “Restricted Sites” icon to highlight it, then click on the “Custom Level” button. In the “Security Settings” window, go through each option for running ActiveX components and disable them (or use “Prompt” instead of “Disable” if there are some you will need to run and you feel comfortable knowing which are safe).
Another Outlook Express security setting you could use is to automatically prohibit you from running or viewing any attachment that could contain a virus. The key word here is “could” – this means that Outlook Express will not allow you to access any attachment that could contain a virus; whether or not it actually HAS a virus. The problem with this option is that you will then not be able to open most of your attachments – even the safe ones.
To get to this setting from Outlook Express, click “Tools”, click “Options”, then click on the “Security” tab. Look about in the middle of the screen and there is a checkbox labeled “Do not allow attachments to be saved or opened that could potentially be a virus”.
For safe opening of attachments, it is recommended that you leave the checkbox empty and simply follow the guidelines already outlined in this article for determining whether an attachment is safe to open.
***Email Virus Summary***
- Viruses can attack your system through your email.
- Viruses can email themselves to the email addresses stored on your computer.
- Never open email attachments unless you know who sent it, what it is, and that it is safe.
- Route24’s mail server will scan all incoming and outgoing emails for viruses, and remove them.
- Research e-mailed virus warnings by visiting www.Symantec.com, www.McAfee.com or other well-known anti-virus or system security software publisher before following any instructions in an email*. Or just delete the warning emails – most are hoaxes.
- Set your email security settings to prohibit Active-X components so they cannot be automatically run.
- Install an anti-virus software program and keep it updated! Weekly. Or even more often if you can! Most anti-virus software programs have built-in functions to keep themselves updated, either automatically or when you choose an update option.
- Set your anti-virus software to automatically scan all incoming and outgoing emails, and to perform a complete system scan weekly.
[Copyrights: Symantec’s Norton Anti-virus, www.Symantec.com, www.McAfee.com, Microsoft Outlook Express and Internet Explorer are used in the article from time to time and are copyrighted by their respective copyright holders. Also, although we will use these as our examples, there are other software programs and websites out there that provide equivalent functionality. ]
Back to Column Listing
|Disclaimer: The information on this page is provided to you 'as is', with every intention of being helpful to you, but with no warranty of any kind. If you find an error, please report it to our Web Development department. The Internet and its related technologies (for example, email client software programs) change rapidly, and to make every effort to keep this page current, we welcome your suggestions.
Copyright © 2002-2004 Route24 Computers, Inc. All Rights Reserved.