| TECHNOLOGY
TALK: |
BY
JOHN ANDERSON
|
|
Protecting Your Inbox
By John Anderson
E-mail viruses are a fact of life. We do our best to try to protect ourselves
from incoming attacks (and prevent ourselves from contributing to the spread
of these messages if our systems are infected) by installing anti-virus programs
and firewalls. Some of us take some more creative and extreme measures to protect
our computers from the dark side of e-mail messaging.
Beware Attachments
For most of us, e-mail is a convenient and easy method of keeping in touch
with friends, family, colleagues and clients. Sure, we get spam and do our
best to try to keep it from our inbox, but, while spam is an annoying nuisance,
it is also closely related to its evil twin: the virus message. Messages containing
viruses often masquerade as spam (or a cute message sent from someone we know)
and almost always have a very eye-catching subject line.
Some messages that I know are spam seem so outrageous that I am often tempted
to open it just to see what exactly spammers are expecting us to buy. Our curiosity
sometimes gets the best of us, but it's important to remember that these messages,
no matter how harmless they seem, are gateways to virus attacks. Viruses rely
on our curiosity and our thinking of security after our initial interest. A
short and catchy subject line is bound to trick at least one careless recipient
into clicking an attached file that swipes the user's address book, which is
then used to perpetuate the e-mail onslaught. And along the way, damage is
often done to files on each victim's system. Most of us remember the "I Love
You" virus which used each victim's own address book to send out fresh copies
to other unsuspecting users. This falsification process, called spoofing, is
a key strategy that viruses use. Triggered by a single e-mail recipient, an
attack can spread quickly.
Most often, attacks require a recipient to activate a program attached to
the message. Because of the.exe or other program file extensions, it didn't
take long for us to become suspicious of these attachments. But new viruses
have grown a little more clever; they soon switched to Visual Basic scripts,
a file type and filename extension with which most users aren't familiar.
Attacks without Attachments
We like sending and receiving fancy e-mails, and I just don't just mean
the ones with pretty backgrounds and little animated smiles. I'm talking about
the less-glamorous fancy messages with bold and italicized text in the font
of our choice. Most of us wouldn't consider these basic text tools as fancy,
but they do rely on using an HTML-based mail message. These HTML messages can
have hidden scripts, images or false links that can also infect your computer.
To ward off any possibility of these messages from infecting your system,
put your MS Outlook program on a plain-text diet. In Outlook 2003, choose Tools,
Options, select the Preferences tab, click E-mail Options,
select Read all standard mail in plain text, and click OK twice.
If you have a different flavor of Outlook or other e-mail software, pressing "F1" will
connect you with the help you need to track down this setting which should
be available in most e-mail programs.
Defend Against Attacks
The first level of defense against e-mail viruses is not your anti-virus
software or firewall, but rather your own better judgment. Delete any e-mails
that look suspicious, not just the ones with attachments. This includes messages
from unfamiliar senders, messages with odd subject lines, messages with embedded
links, and all mail attachments.
The next level of protection is antivirus technology that can detect viruses
before they can do damage. There are several products that recognize and respond
to both suspect code and suspicious activity. The most popular are Symantec
Norton AntiVirus and McAfee VirusScan.
Of course, antivirus software works only when it is kept up-to-date
– no small task, since new viruses spring up by the dozens every day.
Ensuring that every PC in a company has current antivirus protection is a time-consuming
process, but enterprise-level antivirus products can ease the burden because
the software is centrally-managed.
Some personal firewalls, such as Zone Labs ZoneAlarm, monitor Internet traffic
for dangerous attachments. Symantec Security Check is an online security assessment
product that checks individual desktops for the presence of active antivirus
utilities.
Ample Antidotes
There are some other solutions that some people have put into practice
to help protect themselves. Some are a little more creative –
and effective – than others.
One solution that I hear of every now and then might have been effective
against older viruses but should probably not be considered an effective solution
to protecting your address book. The method asks you to create a contact in
your e-mail address book with the name !0000 with no e-mail address in the
details. This contact is the first contact in your address book and if a virus
attempts to send a message to everyone in your contact list, your PC will generate
an error message and stop processing the request. Since this relies on all
programs to operate in a similar fashion (i.e., stopping the process
because of the error), this method should be considered unreliable.
The next method suggests not using the integrated address book at all. In
this case, if you are infected you will not send out any messages to your contacts.
The address book is such a useful tool with a lot of features that giving it
up cold turkey might be difficult for a lot of us. This would certainly be
effective, but it would only affect the spread of viruses significantly if
the majority of users adopted this practice. Often, the only clue we have that
our systems are infected are the reports from our contacts that odd e-mails
were received from our account. Also, while this would eliminate the majority
of address book attacks, some viruses will peruse recently-opened messages
to find new and interesting people to send messages to.
E-mail viruses can be controlled and your address book protected. Up-to-date
virus software, firewall programs and vigilance are the best solutions.
