benhenry
10-28-2003, 03:12 AM
Scenario: Your aunt receives an email with an attachment seemingly from your other aunt. Your aunt is not worried. She has a big name brand virus scanner sitting in her system tray protecting her. She opens the email and the attachment.
She now has a virus along with many of the family members in her address book.
Why? Because the sending address field of the email was "spoofed". The email was actually being sent from an infected computer. And the virus targeted the scanning engine before it did anything else. So her virus scanner is helpless to prevent the virus from damaging her computer and passing itself along.
Many people have a "main" real-time virus scanner and a secondary "freebie" virus scanner that they keep in reserve. If you do have a secondary virus scanner... here is a slightly awkward but helpful method to get a "second opinion" about an email with an attachment before opening it.
1) Copy the email with an attachment to a convenient folder. Scan it with your secondary virus software. (Most anti-virus software installs with a right-click menu option. Right-click the email and select "Scan with AVG" or a similar option.)
2) If the email passes this scan then open the message and look for the attachment. It is usually listed in a box underneath the subject of the email, or as a link at the bottom of the email. Do not open the attachment yet.Right-click the attachment and choose "Save to disk..." or a similar option.
3) Right-click and scan the attachment file. If it passes this scan, then it might be safe to open. (Aw, heck... life is always full of adventurous choices.)
4) Save or discard the original email based on the results of the scan of the copy.
Note: After having been burned with a virus (the above described scenario actually occurred with my aunts) my aunt was nervous about copying a suspicious email and/or suspicious attachment to a folder for a secondary scan.
A file does not "know" it is being copied... the copying process will not trigger operation of code from within the file like viewing, opening, or executing the attachment would.
Well... If you have followed my little story from beginning to end, I hope you had a few grins or chuckles; and maybe picked up an interesting byte here or there. I can only hope that you enjoyed reading it. I know that I enjoyed writing it.
She now has a virus along with many of the family members in her address book.
Why? Because the sending address field of the email was "spoofed". The email was actually being sent from an infected computer. And the virus targeted the scanning engine before it did anything else. So her virus scanner is helpless to prevent the virus from damaging her computer and passing itself along.
Many people have a "main" real-time virus scanner and a secondary "freebie" virus scanner that they keep in reserve. If you do have a secondary virus scanner... here is a slightly awkward but helpful method to get a "second opinion" about an email with an attachment before opening it.
1) Copy the email with an attachment to a convenient folder. Scan it with your secondary virus software. (Most anti-virus software installs with a right-click menu option. Right-click the email and select "Scan with AVG" or a similar option.)
2) If the email passes this scan then open the message and look for the attachment. It is usually listed in a box underneath the subject of the email, or as a link at the bottom of the email. Do not open the attachment yet.Right-click the attachment and choose "Save to disk..." or a similar option.
3) Right-click and scan the attachment file. If it passes this scan, then it might be safe to open. (Aw, heck... life is always full of adventurous choices.)
4) Save or discard the original email based on the results of the scan of the copy.
Note: After having been burned with a virus (the above described scenario actually occurred with my aunts) my aunt was nervous about copying a suspicious email and/or suspicious attachment to a folder for a secondary scan.
A file does not "know" it is being copied... the copying process will not trigger operation of code from within the file like viewing, opening, or executing the attachment would.
Well... If you have followed my little story from beginning to end, I hope you had a few grins or chuckles; and maybe picked up an interesting byte here or there. I can only hope that you enjoyed reading it. I know that I enjoyed writing it.