hosting account domain registration databases sitebuilder file transfer web email network status support
Support Center » Knowledgebase » Email Security - Viruses
 Email Security - Viruses
Solution When we first start out on the 'net, our email inboxes tend to be fairly easy to manage. Then, especially as we progress to establishing our own online presence, the volume of mail increases greatly, some from visitors and clients, much of it spam - and some of it viruses.

Different kinds of viruses

There's a lot of confusion as to the different kinds of viruses and infections that can occur. "Normal" viruses are small executable programs that piggy back on other legitimate programs or documents. A simple virus scan before setting up software or opening documents that have been introduced onto your system is all that is necessary to keep from being infected.

A trojan virus is a small program that opens up your computer to people scanning for compromised systems - passwords, files - everything. Once your computer is infected; other people can even take control of your computer's behaviour - including your mouse, screen, cd-rom and any software you have installed.

Most modern anti-virus scanners will intercept these. Trojan viruses usually masquerade as other programs when you receive them on disk or as an email attachment. They may be touted as being a security patch or a screensaver. When executing them, nothing seems to happen - but the trojan has been installed on your system - and it's usually hidden.

Email viruses

Viruses attached to email messages are usually easy to pick through subject line or body text language, plus the attachment will have an executable extension such as .pif, .scr. .exe, .bat .vbs etc. Again, by scanning these attachments, you can prevent infection. Some virus writers try to trick people into opening the attachment by making the file name look like a harmless file at first glance. The use of a double tail extension soon reveals the true nature of the attachment; e.g. file.jpg.scr.

"True" Email viruses are actually embedded in the email contents. You can be infected by just reading the email or having the contents of the email display in your email readers' preview window. There may be no visible attachment. These viruses are often known as worms and can also infect web pages and other documents. The Nimda virus of September 2001 spread itself via a number of ways:

  • By email

  • Via open network shares

  • Infection of Microsoft IIS web servers


The Nimda virus caused massive damage around the world and spread very quickly.

Modern email viruses are particularly nasty in their forms of deception. Many viruses, once activated, will scan the hard drive for email addresses and names - then send itself out under those names/addresses.

If you own a web site where you have regular communications with your visitors, the chances are at some stage you will receive email viruses that appear to be from yourself. These may be the result of a virus infection on another system. You may also receive email from irate subscribers stating that you have sent them an email virus. It's important to clarify the situation when these complaints arise and demonstrate to the complainant the steps you take to ensure that you don't send out viruses.

Anti-virus software - first line of defense?

You may be asking - "Won't my anti-virus software intercept worms?" Yes, it will if it's up to date. Many people install anti-virus software, but forget to update the data file. The software is only as effective as the latest data file that contains updated virus signatures. Downloading an update *after* you're infected may not work. Many viruses also compromise anti-virus software that hasn't been updated, rendering further updates useless. You'll need to find out from the vendor of your software the next steps should this situation occur.

The other point to bear in mind is that your anti-virus software should be seen as the last line of defense, not the first. The first line of defense is you.

In the case of email worm viruses, the best first line of defense you can implement is to turn off the preview window in your email reader. The following are some instructions on disabling the preview window.

Outlook Express

  • Select View on the menu bar.

  • Select Layout from the drop-down menu

  • Uncheck the Box Show Preview Pane.


Microsoft Outlook

  • Select View on the menu bar.

  • Click Preview Pane on the drop-down menu

  • Note: You'll need to do this with each folder.


For Netscape users, please consult your Help file for instructions.

You can also set your Internet Options to disable JavaScript and ActiveX, but as these are shared with your browser settings (Internet Explorer), this may affect your general surfing. Legitimate JavaScript is used on many web sites.

Deleting suspect emails

If you are using Outlook and Outlook Express, remember that deleting a message sends them first to the Recycle Bin. Leaving a virus in the Recycle Bin is rather risky. To be totally rid of the message, use the Shift + Delete option.

Free virus scanners

Virus scanning software can be very expensive. Thankfully there's a reliable freeware option - AVG Antivirus. You can learn more about AVG here:

http://www.grisoft.com

When you receive a virus...

When you receive a virus via email, the temptation is to contact the person via email to let them know that their system is infected - don't. Here's why:

a) That person may not be the one sending the virus, remember that many viruses forge email addresses
b) If you do manage to email the right person, because their system is infected , you'll only be emailed more viruses.

At times you may get hundreds of email viruses originating from the "same person". This can cripple your communications systems. The only way to stop the flow may be to contact the originating ISP and get them to investigate. To determine the originating ISP, you'll need to view the header of the email. This must be done very carefully to in order not to accidentally open up the email and risk infection.

How do I view an email header?

In Microsoft Outlook, simply right mouse button click over the e mail and select "Options". In Microsoft Outlook Express, highlight the email and then select "Properties" from the File menu. Then click the "Details" tab, then "Message source". For more recent versions of Netscape, click on the "View" menu, then "Page Source". Further information on translating header information can be found in this tutorial.

Viruses are an unfortunate, but normal part of online life. While we can't stop them flooding into our accounts, we can be responsible in taking steps to ensure we never send them.

Article Details
Article ID: 41
Created On: 22 Jan 2008 02:21 AM

 Back
 Login [Lost Password] 
Email:
Password:
Remember Me:
 
 Search
 Article Options
 Print Article
 PDF Version
 Email Article
 Add to Favorites