Maryland Bar Bulletin
Publications : Bar Bulletin : March 2006

Previous | Next

 TECHNOLOGY TALK:

BY JOHN ANDERSON  

Protecting Your Inbox

E-mail viruses are a fact of life. We do our best to try to protect ourselves from incoming attacks (and prevent ourselves from contributing to the spread of these messages if our systems are infected) by installing anti-virus programs and firewalls. Some of us take some more creative and extreme measures to protect our computers from the dark side of e-mail messaging.

Beware Attachments
For most of us, e-mail is a convenient and easy method of keeping in touch with friends, family, colleagues and clients. Sure, we get spam and do our best to try to keep it from our inbox, but, while spam is an annoying nuisance, it is also closely related to its evil twin: the virus message. Messages containing viruses often masquerade as spam (or a cute message sent from someone we know) and almost always have a very eye-catching subject line.

Some messages that I know are spam seem so outrageous that I am often tempted to open it just to see what exactly spammers are expecting us to buy. Our curiosity sometimes gets the best of us, but it's important to remember that these messages, no matter how harmless they seem, are gateways to virus attacks. Viruses rely on our curiosity and our thinking of security after our initial interest. A short and catchy subject line is bound to trick at least one careless recipient into clicking an attached file that swipes the user's address book, which is then used to perpetuate the e-mail onslaught. And along the way, damage is often done to files on each victim's system. Most of us remember the "I Love You" virus which used each victim's own address book to send out fresh copies to other unsuspecting users. This falsification process, called spoofing, is a key strategy that viruses use. Triggered by a single e-mail recipient, an attack can spread quickly.

Most often, attacks require a recipient to activate a program attached to the message. Because of the.exe or other program file extensions, it didn't take long for us to become suspicious of these attachments. But new viruses have grown a little more clever; they soon switched to Visual Basic scripts, a file type and filename extension with which most users aren't familiar.

Attacks without Attachments
We like sending and receiving fancy e-mails, and I just don't just mean the ones with pretty backgrounds and little animated smiles. I'm talking about the less-glamorous fancy messages with bold and italicized text in the font of our choice. Most of us wouldn't consider these basic text tools as fancy, but they do rely on using an HTML-based mail message. These HTML messages can have hidden scripts, images or false links that can also infect your computer.

To ward off any possibility of these messages from infecting your system, put your MS Outlook program on a plain-text diet. In Outlook 2003, choose Tools, Options, select the Preferences tab, click E-mail Options, select Read all standard mail in plain text, and click OK twice. If you have a different flavor of Outlook or other e-mail software, pressing "F1" will connect you with the help you need to track down this setting which should be available in most e-mail programs.

Defend Against Attacks
The first level of defense against e-mail viruses is not your anti-virus software or firewall, but rather your own better judgment. Delete any e-mails that look suspicious, not just the ones with attachments. This includes messages from unfamiliar senders, messages with odd subject lines, messages with embedded links, and all mail attachments.

The next level of protection is antivirus technology that can detect viruses before they can do damage. There are several products that recognize and respond to both suspect code and suspicious activity. The most popular are Symantec Norton AntiVirus and McAfee VirusScan.

Of course, antivirus software works only when it is kept up-to-date – no small task, since new viruses spring up by the dozens every day. Ensuring that every PC in a company has current antivirus protection is a time-consuming process, but enterprise-level antivirus products can ease the burden because the software is centrally-managed.

Some personal firewalls, such as Zone Labs ZoneAlarm, monitor Internet traffic for dangerous attachments. Symantec Security Check is an online security assessment product that checks individual desktops for the presence of active antivirus utilities.

Ample Antidotes
There are some other solutions that some people have put into practice to help protect themselves. Some are a little more creative – and effective – than others.

One solution that I hear of every now and then might have been effective against older viruses but should probably not be considered an effective solution to protecting your address book. The method asks you to create a contact in your e-mail address book with the name !0000 with no e-mail address in the details. This contact is the first contact in your address book and if a virus attempts to send a message to everyone in your contact list, your PC will generate an error message and stop processing the request. Since this relies on all programs to operate in a similar fashion (i.e., stopping the process because of the error), this method should be considered unreliable.

The next method suggests not using the integrated address book at all. In this case, if you are infected you will not send out any messages to your contacts. The address book is such a useful tool with a lot of features that giving it up cold turkey might be difficult for a lot of us. This would certainly be effective, but it would only affect the spread of viruses significantly if the majority of users adopted this practice. Often, the only clue we have that our systems are infected are the reports from our contacts that odd e-mails were received from our account. Also, while this would eliminate the majority of address book attacks, some viruses will peruse recently-opened messages to find new and interesting people to send messages to.

E-mail viruses can be controlled and your address book protected. Up-to-date virus software, firewall programs and vigilance are the best solutions.

Previous previous

next Next

Publications : Bar Bulletin: March 2006

Back to top