Support

Viruses

Operating System: All

Tips: How can I protect myself against email viruses? How do I keep my computer virus free?

View Printable Version

Trust no one

You used to be able to protect yourself from an email virus if you only opened attachments sent from someone you knew. Those days are long gone.

Viruses today almost always include a program that searches for email addresses stored on the infected computer, such as in the Outlook address book, Instant Messenger buddy list, and even email addresses referenced in files on the hard drive. Once the virus has built itself an email address list, it sends itself to those addresses without the unsuspecting victim even knowing it is happening.

So, today it is more likely that you will receive an email virus from someone you know, rather than someone you don't know.

Recognize hooks

One thing that determines how quickly a virus will spread is the "hook", which is something about the email that makes the recipient want to read it and then open the associated attachment.

A good example of a virus with an effective hook, as proven by how rapidly it spread, is the Love Letter worm from a few years ago. The subject of the email was "I Love You," and the message referred the reader to an attachment that was supposedly a love letter, but was actually a virus.

Another example of an effective hook was the Anna Kournikova virus, which was designed to make the recipient think it was a picture of the popular tennis star. Not surprisingly, it was mostly men that fell for this one.

Because these emails have an intriguing subject, and they come from someone we know, we are more likely to let our guard down and open the attached file.

Watch attachments

Look for these extensions on file attachments: .exe, .vbs, .bat, .pif, .scr, and .com. Any file with one of these extensions is an executable file, meaning that when you open the file, a script or program will execute. Unless you can verify that an attachment was purposefully sent by someone you know, delete the message. Do not open it. Even with a trustworthy source, scan the file for viruses before opening it.

Virus writers realized that we were getting wise to the file extensions commonly used for viruses, so they started hiding the extensions. For example, the Anna Kournikova virus mentioned earlier was actually a file named "AnnaKournikova.jpg.vbs". If you look quickly, you might miss the .vbs and think that the file was a .jpg, which is a harmless picture file. Worse yet, there is a default setting in Windows that hides the file extensions of many common file types. So, if Windows is set to hide common file extensions (like .vbs, .exe, etc.) you would only see the AnnaKournikova.jpg portion of the file name. You should make sure that Windows is not configured to hide known extensions. Instructions for updating your settings follow:

For Windows 95, 98 and Windows NT 4.0:

Click the Windows Start menu.
Select Settings, Control Panel to open the control panel.
From the View menu, select Options.
Click the View tab.
Uncheck Hide files of these types and Hide file extensions for known file types.
Select Show all files.
Click OK.

For Windows 2000:

Click the Windows Start menu.
Select Settings, Control Panel to open the control panel.
From the Tools menu, select Folder options. Click the View tab.
Select Show hidden files and folders, which is under Hidden files and folders.
Uncheck Hide file extensions for known file types.
Uncheck Hide protected operating system files.
Click Yes to confirm.
Click OK.

Keep up with new virus tricks

Some viruses are written in the old DOS Command language, which has a file extension of .com. For example, the "My Party" virus was attached to an email that invited you to go to a Web page that promised "absolutely amazing" photos of a party. People fell for this one because they thought they were simply clicking on a Web link to go to a friend's Web site. In actuality, they were launching a virus by opening an executable file with the name www.myparty.yahoo.com. The virus writer named the file so that it looked like a Web site address in order to trick more readers. We will probably see more viruses that use this tactic in the future.

Okay, so you now know all of these sneaky tricks, and you will be more careful about opening attachments. However, Internet Explorer users have yet another problem. Virus writers discovered a vulnerability in Internet Explorer that in certain cases will cause an attached file to execute when you preview the message. You get the virus without even opening the attachment! Microsoft provides a patch to fix this vulnerability, which affects Internet Explorer 5.01 and 5.5. If you are running either of these versions of IE, you should install the patch immediately. For more information on this vulnerability and a link to download the patch, see the Microsoft web site.

Protect yourself

The best and last line of defense is to have up-to-date virus protection software. These programs are designed to identify viruses before you execute them. There are many products available, but whichever you choose, make sure that you get regular updates. Most programs allow you to automatically download updated virus definitions, which you should do at least once a week and whenever you hear about a new virus.

For a list of anti-virus vendors, check out www.cert.org.

Back up often

It is a good idea to back up your data regularly so you can restore valuable files in case of a virus attack.

Menu

Support Search

| Clear Search