How
Can We Stop E-mail Viruses?
By
Henry Wong
|
In
the early days, as long as computer viruses were transferred
by floppy disks, they spread slowly. However, e-mail
has changed all that. Now you can exchange files much
more quickly and infecting your PC is as easy as clicking
on an icon - or easier. E-mail has become the biggest
source of viruses. It is because nowadays many viruses
can spread themselves automatically by sending virus-contained
e-mail to every address in the address book on the
infected computer. Latest viruses even pick up e-mail
addresses from the victim's hard disk and insert them
in the sender field of the infected e-mail, and it
is therefore difficult to trace the origin of the
sender.
Although
computer viruses spread everywhere, we could minimize
the chance of being infected by taking sufficient
preventive measures. The following provides some guidelines
on preventing your computers from being infected by
viruses spreading through e-mail:
-
Install
Anti-virus software
-
Always
run updated anti-virus software to protect all
your computers (including your office, home,
and mobile computers).
- Enable
the "scan email" or "internet
download scan" function.
- The
anti-virus software must be updated regularly to ensure
that it can detect all the viruses.
- If
a file is found to contain virus, you should delete
it immediately.
- Apply
updates/patches on your Windows O/S and Internet software
-
You
should perform Windows Update as frequently
as possible in order to obtain and install the
latest security patches from Microsoft. You
may need to restart your computer to
make the updates effective.
-
Make
sure that you are using the most up-to-date
Internet software (e.g. Internet Explorer, e-mail
clients). More recent versions of the software
often offer enhanced security protection.
-
- Be
careful on e-mail attachments
-
Never
open any attachment (even if it comes from a
trustworthy source) included with e-mail unless
it had gone through an anti-virus tool scan
first.
-
Never
open e-mail attachments from unknown sources
even though the attachments have been scanned
by the anti-virus software. It is because the
anti-virus software is most effective on known
virus and less and even ineffective on unknown
ones.
-
Take
care of attached office documents (e.g. files
of MS Word, MS Excel) that contain macros. Disable
macro execution in your MS Office software by
default.
- Disable
scripts (e.g. JavaScript and ActiveX) on your e-mail clients
Nowadays many computer viruses come with e-mail containing
scripts (computer program codes) which, if activated,
will infect your machine as well as using your address
book to propagate the virus itself. In order to prevent
your computer from getting infected by computer virus
via e-mail, you should tighten the security configuration
of your e-mail software (e.g. Outlook Express) to prohibit
scripts from running within e-mail.
- For
example:
- Do
not send e-mail with scripts (e.g. ActiveX)
-
Think twice before following the instructions
of a suspicious e-mail
Sometimes you may receive an e-mail saying that:
"...
your machine has been infected ... you must delete
file xxx from your hard disk"
"... Your e-mail account has been temporarily
disabled because of
unauthorized access. Our main mailing server will
be temporarily
unavailable for next two days, to continue receiving
mail in these
days you have to configure our free auto-forwarding
service ...
For more information see the attached file.
For security reasons the attached file is password
protected. The
password is ..."
Please
think before following any actions recommended by
the e-mail. For example you can:
-
Check
if the e-mail is a "hoax" (a Virus Hoax
is an untrue virus-related warning/alert started
by malicious individuals.) or "virus"
against the virus lists published at http://www.hkcert.org/valert/
-
Double
check with the claimed-sender. For example, if
it said it is from Microsoft, you should check
with www.microsoft.com
-
-
Do
not panic when received a message claiming that you
have sent a virus-infected e-mail
You
may have experience in receiving an undeliverable e-mail
notification or virus alert message from an e-mail server
(e.g. Mailer-Daemon) saying that your e-mail sent to someone
was rejected because it contains a virus or an
unsafe file. However, you have never sent such
an e-mail!
This
kind of e-mail is in fact related to the spreading of
the massing-mailing viruses/worms. The virus-infected
e-mail was actually sent by the virus itself from
an infected computer automatically, and the sender address
was faked by the virus. If your e-mail address was found
in the infected computer, it could be picked up by the
virus to fake the sender address. As a standard
procedure, when a mail server detects an e-mail with a
virus or unsafe file, it will reject the mail and send
an undeliverable notification to the "sender",
which could be your e-mail address. That is why you received
an undeliverable notification for an email that you have
never sent
When
you receive such an e-mail undeliverable notification
or virus alert, you can:
-
If you are sure that your computer has
not been infected by any virus, you may
simply discard the message.
-
If
the notification e-mail shows the full mail header
of the virus-infected e-mail, you can trace the
mail header to find out the source machine of
the concerned e-mail. Please visit the E-mail
FAQ page at http://email.cityu.edu.hk/faq/undeliverable.htm
for more detailed information.
Finally,
if you are unsure, your can always seek advice from the
CSC Help Desk.
|