You used to be able to protect yourself from an email virus if you only opened attachments sent from someone you knew. Those days are long gone. Viruses today almost always include a program that searches for email addresses stored on the infected computer, such as in the Outlook address book, Instant Messenger buddy list, and even email addresses referenced in files on the hard drive. Once the virus has built itself an email address list, it sends itself to those addresses without the unsuspecting victim even knowing it is happening. So, today it is more likely that you will receive an email virus from someone you know, rather than someone you don’t know.
One thing that determines how quickly a virus will spread is the “hook”, which is something about the email that makes the recipient want to read it and then open the associated attachment.
A good example of a virus with an effective hook, as proven by how rapidly it spread, is the Love Letter worm from a few years ago. The subject of the email was “I Love You,” and the message referred the reader to an attachment that was supposedly a love letter, but was actually a virus. Another example of an effective hook was the Anna Kournikova virus, which was designed to make the recipient think it was a picture of the popular tennis star. Not surprisingly, it was mostly men that fell for this one.
Because these emails have an intriguing subject, and they come from someone we know, we are more likely to let our guard down and open the attached file.
Look for these extensions on file attachments: .exe, .vbs, .bat, .pif, .scr, and .com. Any file with one of these extensions is an executable file, meaning that when you open the file, a script or program will execute. Unless you can verify that an attachment was purposefully sent by someone you know, delete the message. Do not open it. Even with a trustworthy source, scan the file for viruses before opening it.
Virus writers realized that Internet users were getting wise to the file extensions commonly used for viruses, so they started hiding the extensions. For example, the Anna Kournikova virus mentioned earlier was actually a file named “AnnaKournikova.jpg.vbs”. If you look quickly, you might miss the .vbs and think that the file was a .jpg, which is a harmless picture file.
Keep up with new virus tricks
Some viruses are written in the old DOS Command language, which has a file extension of .com. For example, the “My Party” virus was attached to an email that invited you to go to a Web page that promised “absolutely amazing” photos of a party. People fell for this one because they thought they were simply clicking on a Web link to go to a friend’s Web site. In actuality, they were launching a virus by opening an executable file with the name www.myparty.yahoo.com. The virus writer named the file so that it looked like a Web site address in order to trick more readers. We will probably see more viruses that use this tactic in the future.
The best and last line of defense is to have up-to-date virus protection software. These programs are designed to identify viruses before you execute them. There are many products available, but whichever you choose, make sure that you get regular updates. Most programs allow you to automatically download updated virus definitions, which you should do at least once a week and whenever you hear about a new virus.
Back up often
It is a good idea to back up your data regularly so you can restore valuable files in case of a virus attack.