E-mail
Viruses
Introduction
There are many hoax warnings that go round the Internet, clogging up mail
servers and other networks, because some people like to make dumb jokes.
Innocent people then forward these "warnings" in good faith, causing others to
do the same. The information given here is designed to dispel some of the fears
created by these messages. Please read the disclaimer.
1.
Don't go to a Certain Page/Site
These warnings tend to have the following message:
"Beware! if someone named
asks you to check out his page. DO NOT! IT is at
http://www.something.com/somewhere/" (or similar).
I don't really know why people write this kind of thing but. it's complete
rubbish. Web pages (as in normal HTML code), cannot hurt your computer in any
way. However, web pages can contain components such as JAVA applets and ActiveX
controls. Both of these technologies are quite capable of destroying your hard
disk, but fortunately, not without you authorizing them to. Any of these
controls will have to be what is known as signed by the author, i.e. the author
will have to have paid a company such as Verisign to check up on his identity.
That way you can know that the author is who he says he is. Browsers such as
Internet Explorer (if they are on their default security setting), will not
even run unsigned controls. You can set the security options to ask you whether
you want to run the controls. My advice is that unless you know what you're
doing, don't bother, as you won't need to. The golden rule is not to run any
unsigned content. The other golden rule is to never allow a control to access
any of the privileged properties of your computer. Privileged properties are
things like reading and writing files on your hard disk, running executable
files on your computer, and so on. A control must be signed to even ask for
these privileges. When asked, unless you really trust the company whose control
it is, don't grant the privilege. This applies to both JAVA applets and ActiveX
controls. Another technology that can potentially cause problems is JavaScript.
This is by no means as powerful as JAVA or ActiveX, but is more widely used for
things like simple animations in web pages. Without privileges, it cannot
damages your computer in any way: the worst it can do is make hundreds of
windows appear, which will eventually crash your computer. Simply restart
(reboot), and you'll be fine. These are annoying things, known as JavaScript
bombs. They can also be placed in e-mails, but only advanced e-mail programmes
can read them anyway (e.g. Outlook Express, Netscape Messenger), and you can
easily turn off JavaScript from executing in e-mails from the security options
within the programme. Even if you don't, the worst that can happen is that you
have to restart. To get rid of such an e-mail, just delete it. It will not
damage your computer.
In conclusion then, a web page cannot hurt your computer without it having
signed controls, and only then if you authorize it to have privileged access
(so don't!).
2.
E-mails with Certain Subject Lines
These tend to have the following format:
" If you get an e-mail titled: "Win a Holiday" DO NOT open it. Delete it
immediately. Microsoft just announced yesterday. It is a malicious virus that
WILL ERASE YOUR HARD DRIVE. At this time there is no remedy. Forward this to
everyone IMMEDIATELY!!"
(The favourite ones are "Win a Holiday" and "Penpals", but there are others).
One thing to be noted right away is that Microsoft never issues warnings like
this. The only thing that they might issue a warning about would be if someone
was sending out an e-mail that claimed to be from Microsoft, which is extremely
rare. Secondly, anything saying that it will "Erase your hard drive" tends to
be fake. Why? Because that's the standard thing that goes into all hoaxes.
Likewise, "it will attach itself to all the chips in your computer which will
malfunction.", and "your computer will burn up" are also fakes. Oh, and they
always say that there's "no remedy", it makes it much more fun. The main point
is that e-mails (as in messages), cannot hurt your computer if you open them.
It is absolutely impossible for a text message to infect your computer, as it
cannot contain anything except text. HTML messages, i.e. those which have
different fonts and colours in them, have the same risks as web pages (see
above). Therefore, the only possible way that your computer can become
seriously infected is by you opening an attached file that comes with an
e-mail. The golden rule is simply never to open any attached files that come
with any e-mail. Simple. Whatever the message says the file is, don't open it
unless you know exactly what it's meant to be, and you trust the person who
sent it to you. If you're unsure, don't open it, and reply to the sender,
asking what it is. Note that this is a wise idea, as many viruses manage to
attach themselves to all of the sender's outgoing messages (if their computer
is infected), and therefore you might get a normal message with a file
attached, which the sender didn't actually attach. Be especially cautious about
opening attached files that come with blank messages (although these may have a
subject line), from someone you trust. This is likely to be the a virus on
their computer propagating (spreading) itself. If you do want to open an
attached file, it's a good idea to save it on your hard disk (don't open it!),
and then scan it with an up to date virus checker. In conclusion, you can open
any message you want without fear or permanent damage to your computer, but
don't touch attached files.
3.
Files Attached to E-mails
Many effective hoax e-mails involve these. The message tells you not to open
any attached file with a certain name, as it will do something nasty to your
computer. The problem with this is that in theory it's quite true, and you
should be very careful with attached files. However, you can figure out quite
easily if a virus warning is true, by the way it is written. Normally hoaxes
are written so that they sound absolutely dire: it sounds much better and makes
people scared enough to forward them.
" After it is activated,, the PC cannot boot up at all. It goes very slow. It
destroys your hard disk. The filename is CELLSAVER.EXE"
The above is one I received about a screensaver. All hoaxes will say "it
destroys your hard disk". In theory it is of course possible, but if we're
talking about a real warning then one would expect a somewhat more technically
specific approach. Also, just read the text carefully: "The PC cannot boot up
at all." Fair enough, so that means that the machine is unusable. However, then
we find that "It goes very slow". Does this mean that we can now boot up?! Do a
bit of logical analysis on the messages that you get and you can discard many
of them because they don't make sense.
Download this
document:
Word 97 Document (28KB).
General
Advice on Viruses
Macro
Viruses
E-mail
Viruses (& Hoaxes)
Notes
& Disclaimer
Links
|
Macro
Viruses
A brief synopsis
of what they are, and what they are capable of. Visual Basic macros are
currently some of the most powerful and widespread viruses.
If you use
Microsoft Word 95 or later, this is a must read.
E-mail
Viruses
Many "virus
warnings" get forwarded around the net... However: which ones are true,
and which are just hoaxes?
Find out what
viruses can actually spread to your computer from e-mails.
General
Advice
There are many
things you can do to avoid having the problems of a virus on your computer
system.
Here is some
general advice on virus prevention, mostly to do with the Internet.
Notes
& Disclaimer
Here are a few
notes on the documents that are on this site, and those that are downloadable.
Also, please read
the disclaimer here: it involves limitation of liability on my part on your
usage of the information provided here.
Links
Some general
links to different virus checker software companies, other information on
viruses, and sites which provide up to date information on viruses which are
new.
|
|