SR Web Resources - Web Site Design and Programming - Return to Homr Page Home Services We Offer How We Do Business Contact Us About SRWR Resources Client Portfolio
 Article:    Avoiding An Email Virus

Resources

Home > Resources > Articles > Avoiding An Email Virus - August 2003          

Site Map
Do Business with our
    Customers!
Useful Links
Internet News
Articles
In Memory
Resources Menu


Date:August 18, 2003

Avoiding An Email Virus
 


"Phishing" is the use of spam, or unwanted junk e-mail, to lure computer users to Web sites that look like those of reputable companies, and to deceive them into divulging personal financial data. Here's a link to a CNET article that tell of a recent scam aimed at Citibank customers. It demonstrates the problem:
            http://news.com.com/2100-1017_3-5065394.html     dated August 18, 2003

How to handle a link on an email
I would make a few suggestions if you receive an email that asks you to click a link and enter private information on the resulting page:

  1. Don't enter private info such as Social Security numbers, usernames and passwords or account info as a result of an email request, ever.
     
  2. Contact the vendor and let them know about the email. Contact them by phone or to an email address you know to be valid, not one from the potentially fake email and Web page.
     
  3. Do not execute a link in an email by clicking it, unless you know the email source well and even then you might confirm that they sent it. Error to the over-cautious! Instead:
     
    1. Highlight the link - click and drag from outside of the address and across it, being careful not to click it
       
    2. Copy it (ctrl/c)
       
    3. Go to your browser and click once to highlight the Web address that is currently in the address window
       
    4. Paste the link (ctrl/v)
       
    5. Hit ENTER
       
    6. If it is fake, one or both of these might occur:
      1) it may come up with a Page-Not-Found message
      2) it may have an odd Web address (e.g. We did this on an email that
          said it was from Microsoft but the domain was go.microsoft.com,
          not microsoft.com - this may take some research on your part
          to know the validity of an address)
       
    7. If it is fake, delete the message without ever clicking the link. If it seems valid, go to the But safer yet... instructions below to further verify the validity of this email and link.
       
  4. Invest in protection for your pc - We use Norton Internet Security by Symantec. If you have a cable modem, it's a good idea to have a firewall feature but, regardless, you need the protection that checks emails for a virus. It's worth the investment! Once you add this protection, you still have to be on guard against new virus' and infected attachments that will still make it to your In Box. You should also subscribe to your chosen protective software's updates of new virus definitions and regularly run the download program that they provide. .

If an attachment is an Image (or at least it APPEARS to be...):
As a side issue, if you have an attachment, don't click it unless you have verified that it is a .jpg or .gif. Verify by doing a right click on the attachment and choose the SAVE AS option - now STOP and look at the name it comes up with, now CANCEL the request because you just want to look at the name at this point. If it is truly a .jpg or .gif, you should be able to safely click and view it.

A file may appear to be an image, when, if you verified it, it in fact is something like myPicture.jpg.exe - not myPicture.jpg. That's a dead give-away that there's a virus here. Delete the email without clicking the attachment.

If an attachment is NOT an Image:
If you have an attachment and you verified the full file name as describe in the image attachment section above, again, don't click it. The exception is if you can confirm with the source that the attachment is validly from them or you can somehow tell that this email is DEFINITELY from that source (e.g. the text cannot be canned because of something the email said).

Even a Word document can be loaded with a virus, so I hear. Save the attachment to your c: drive and scan it with your Norton or other Security software.

How to scan it: After you save it to your c: drive, go to Windows Explorer and right click (to get the contextual menu). If you have security software, normally an option will be listed allowing you to scan the file. Do that. If the option doesn't come up, check with your security software instructions or HELP screens to find out how to scan an individual file for a virus. It's wise to continue to get your security software's updates (e.g. downloadable files that Norton prompts you to get) so you are protected from the newest virus' that they've uncovered.

If it seems valid, go to the But safer yet... instructions below to further verify the validity of this email and attachment.

If you can't find the attachment to be valid and/or clean of virus, delete it.

Returned Mail scam
If your email software allows for Preview mode where you can view the top half of the email without opening it, you can probably see the email address that it is saying errored. If you do not recognize it, delete the message and don't give it another thought. Otherwise, if you don't recognize it but can't be sure if this is one you sent a message to, usually they have an attachment that you shouldn't click without implementing one of the attachment instructions that I gave above. It is probably a virus if you at first do not recognize the erroring email address.

But safer yet...
To be on the safe side, verify directly by phone or by way of a new email to the email address you already know, and ask if they sent it. You should have the security software, though.

If you get a virus
If you get a virus, because the people creating them are pretty clever, go to a resource that can give you more information and even a downloadable fix. Sites that might be able to help you include (but are not limited to):

  • Probably your best resource is to go to the Web site for the company that serves your PC with security software (e.g. Norton Security at www.symantec.com). They most probably will have information about a current virus on the home page. We can't emphasize enough that you should have anti-virus protection (as well as a firewall if you connect using a cable, DSL or T1)
  • The Web site of your PC's operating system manufacturer (e.g. www.Microsoft.com)
  • The Web site of your computer manufacturer (e.g. Compact; Dell; Gateway)

If you can't get onto the internet, due to the havoc the virus is causing or because you are concerned about going online again from the infected PC, go online with another pc that has not been affected. Carry a disk with you so that you can download a patch, as needed. Alternatives include:

  • Another PC in your business or home
  • A pc at your public library (may not allow downloads)
  • Via a business or personal contact that can get online

August 2003 Online Articles With More Details:

'Good' worm, new bug mean double trouble / August 19, 2003, 1:58 PM PT
http://zdnet.com.com/2100-1105_2-5065644.html          
(this is an odd address with .com.com but it is valid - verified by going directly to www.zdnet.com>News

World squirms as Sobig returns / August 19, 2003, 8:47 AM PT
http://zdnet.com.com/2100-1105-5065494.html?tag=nl

Sobig finds new routes to relay spam / June 25, 2003, 1:23 PM PT
http://zdnet.com.com/2100-1105-1020963.html?tag=nl

Additional helpful links:

Microsoft patch and more on protecting your system against virus', including the blaster worm.
Microsoft Severity Level: Critical
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tips/pcprotec.asp
(reboot after applying)

August 2003, Cumulative Patch for Internet Explorer (822925) -
Microsoft sets its Maximum Severity Rating: Critical
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.asp
(reboot after applying)

You must be careful. Unfortunately our instructions and links (Internet News) can not to be construed as all encompassing and/or fool-proof ways to avoid virus'. They are just meant to hopefully help avoid a painful experience with a virus. So remember to follow your gut feelings and error to the over-cautious side.
 
 

Copyright - SR Web Resources - August 19, 2003
You have permission to print the article for your personal use in an effort to avoid a pc virus.
Any other use requires prior written permission from Susan Riding of SR Web Resources (www.srwr.com)

Home | What | How | Contact | Finders Fee | Resources | About | Site Map

       
       

Contact Us!

  
www.SRWebResources.com (srwr.com)     Susan Riding     Last Update: July 16, 2010
Flanders, NJ 07836    Mount Olive Township   Morris County, New Jersey
Classic ASP Developer     Web Site Design / Redesign    Web Graphics
Copyright © 1999-2008  SR Web Resources - All rights reserved