WyzGuys Computer Tutors

 Computer Instruction. Web Design Instruction,  and Web Hosting 

 

E-Mail and Attachments

 

Site Navigation

Security Home
Registration
Security Resources
The Security Problem
Security Issues
The Control Panel
Computer Security
Network Security
System Restore
Repair Your System
911 Online
E-Mail Security
Spam
Phishing
Phishing Examples
Phishing Web Sites
419 Fraud
Parental Controls
Appendix
Conclusions
Course Evaluation

More Info

Glossary
Internet
E-Mail Attachments
Passwords
Firewalls
NAT
Ports
Broadband
WiFi Networks

How do worms and other viruses spread?

Virtually all viruses and many worms cannot spread unless you open or run an infected program.

Many of the most dangerous viruses were primarily spread through e-mail attachments - the files that are sent along with an e-mail message. You can usually tell if your e-mail includes an attachment because you'll see a paperclip icon that represents the attachment and includes its name. Photos, letters written in Microsoft Word, and even Excel spreadsheets are just some of the file types you might receive through e-mail each day.   See the example below.  The virus is launched when you open the file attachment (usually by double-clicking the attachment icon).

Tip

Tip:  Never open anything that is attached to an e-mail message unless you were expecting the attachment and you know the exact contents of that file.

If you receive an e-mail message with an attachment from someone you don't know, you should delete it immediately. Unfortunately, you're no longer safe opening attachments from people you do know. Viruses and worms have the ability to steal the information out of e-mail programs and send themselves to everyone listed in your address book. So, if you get e-mail from someone with a message you don't understand or a file you weren't expecting, always contact the person and confirm the contents of the attachment before you open it.

Other viruses can spread through programs you download from the Internet or from virus-ridden computer disks that you borrow from friends or even buy in a store. These are less common ways to contract a computer virus. Most people get viruses from opening and running unknown e-mail attachments.

E-mails with executable links

Another type of e-mail to be aware of is the fraudulent e-mail with a link to an executable file on a web site.  Look at the example to the right.  The first thing to notice is the web site is in Romania (http://post-card.go.ro).  The next thing to notice is the use of the double file extension.  The file name postcard.gif would indicate a picture file, but the name  potcard.gif.exe says this is a program. The last file extension is .exe, and the last file extension wins.

The web site www.yourpostcard.com does not even exist, and the domain name is being held by a cybersquatter who is trying to sell it for $7000.

My ISP identified this correctly as ***Spam***, which accounts for the subject line.  Also notice the misspelling of "Hy there!"

If you click here to get your animated postcard, you will actually be installing some kind of malicious software program, probably a Trojan horse.  You most certainly will get animated by the money you will spend to clean this infection out of your computer.

What can I do if I get a suspicious file by email?

(Courtesy of PC Magazine www.pcmag.com)

Any time you set an e-mail attachment that ends in an executable file extension, i.e. .exe, .com, .pif, .bat, or any of the other file extensions shown on the next page, you should be on your guard.  If you did not specifically request the file attachment, even if it is form someone you know, it may be a virus or other malicious code.   The question is how to be certain?

VirusTotal is the place to go when you encounter a suspicious program and want to see whether it's malicious. Upload the program via their web site to VirusTotal's servers and they will scan it with a large collection of 17 anti-virus scanners.

AntiVir 6.30.0.7

AVG 718

BitDefender 7.0

ClamAV devel-20050307

DrWeb 4.32b

eTrust-Iris 7.1.194.0

eTrust-Vet 11.7.0.0

Fortinet 2.51

F-Prot 3.16a

Ikarus 2.32

Kaspersky 4.0.2.24

McAfee 4451

NOD32v2 1.1030

Norman 5.70.10

Panda 8.02.00

Sybari 7.5.1314

Symantec 8.0

 

You can also attach a file to an e-mail message and send it to scan@virustotal.com with the word SCAN as the subject line. You will receive an e-mail report of the scan.

Virustotal offers a free service for scanning suspicious files using several antivirus engines.
Use the upper textbox to select and send any suspicious file to Virustotal for a scan. If you wish, you can also send files using your email client. In that case, please follow these steps:

  • Create a new message with scan@virustotal.com as destination address of your email.

  • Write SCAN in the Subject field (write SCAN- if you do not want to distribute your sample to any AV company).

  • Attach the file to be scanned. Such file must not exceed 10 MB in size. If the attached file is larger, the system will reject it automatically.

  • You will receive an email with a report of the file analysis. Response time will vary depending on the load of the system at the time of placing your request.

How can I tell if I have a worm or other virus?

Fortunately, most anti-virus programs do an excellent job of detecting and quarantining viruses that arrive in an e-mail.  Since new viruses are being written daily, it is paramount that you keep your virus definition files up to date, by running your updater automatically or manually every day.  Unless you have up-to-date antivirus software installed on your computer, there is no sure way to know if you have a virus or not. If you don't have current antivirus software or if you're interested in installing ZoneAlarm Internet Security, visit our Software Store.

When you open and run an infected program, you might not know you've contracted a virus. Your computer may slow down, stop responding, or crash and restart every few minutes. Sometimes a virus will attack the files you need to start up a computer. In this case, you might press the power button and find yourself staring at a blank screen.

All of these symptoms are common signs that your computer has a virus—although they could also be caused by hardware or software problems that have nothing to do with having a virus.

Beware of messages warning you that you sent e-mail that contained a virus. This may mean that the virus has listed your e-mail address as the sender of tainted e-mail. This does not necessarily mean you have a virus. Some viruses have the ability to forge e-mail addresses.

Back More on this topic Next

 

Curriculum developed by WyzGuys Computer Tutors

All Rights Reserved - updated 12/07/2006

Hosted by WyzHost.com

contact support@wyzhost.com