[EAS]Virus Prevention 101

pjk pjk at design.eng.yale.edu
Wed Jul 25 01:07:44 EDT 2001

Subject:   Virus Prevention 101

Dear Colleagues -

Below follows a sensible, some would say insufficiently aggressive,
approach to coping with the threat of viruses. I do use and update
the Norton Antivirus (NAV) software available to members of the
Yale community, though I have never had a virus infection or a NAV
warning of one being thwarted. And I do get email with suspicious
attachments almost daily.

As the article points out, prudence is always required, because NAV
can't protect you from viruses when they first appear and it
doesn't know about them yet. See also the recommendations of Martin
Ewing (Director, Yale Engineering IT) at

And _never_ use a mail program setting that automatically opens


(from TOURBUS - 24 JUL 01)


Sooner or later you WILL receive an email that contains a computer
virus.  But if you understand a few simple concepts about email and
viruses, there is really nothing to worry about.  I've been using
email for twenty years, and I receive hundreds of messages daily. Even
though I get viruses in my inbox every day, I've NEVER been affected
by one.

If you take a few minutes to read and apply the following concepts to
your own email handling, you can have the same protection and peace of
mind without buying any expensive anti-virus software.


You CANNOT get a virus just by opening or reading your email.  This is
true even if your cousin has a friend who swears it happened to his
neighbor.  Many widespread virus hoaxes have circulated the Net for
years, claiming that if you open an email with a certain Subject line,
then untold horrors will beset your computer.  It's just not true.

A virus cannot leap out of your inbox and infect your computer without
some help from you!  Here are some facts you should know:

  + Some emails have attached files, in addition to the message body
  + Email attachments can be good (photos, music) or bad (a virus)
  + It is safe to open and read the message body of ANY email, even
    if that email has an attached virus.

In order for a computer virus to affect you, it requires some explicit
action on your part.  Let me explain with an analogy: Imagine someone
has mailed you a loaded gun.  You can't get hurt just by looking at
your mailbox.  You can't get hurt just by taking the package out of
the mailbox.  You CAN get shot if you take the gun out of the package,
aim it at your head, and pull the trigger.


So what is the "explicit action" required to activate a virus that
arrives in an email attachment?  It's as simple as clicking on the
attachment.  Depending on your email program, this will either save
the file to your hard disk or activate the virus immediately.  It
really is that simple... don't click on an attachment and you will
never get a computer virus.

So how can you tell the difference between good attachments and those
that contain a virus?  In some cases, you can't.  Anti-virus software
may help, but if the virus is a recent one, your anti-virus package
may not be able to detect it.  Here are some practical tips to help
you decide whether or not to open an attachment:

- If you get an email with an attachment from someone you don't know,
delete it.  You don't take candy from strangers, and you should behave
the same with email attachments.

- If you get an email with an attachment from a friend, don't assume
it's harmless!  Many viruses spread by automatically sending
themselves to the addresses found in the victim's address book, and
they often include something in the message body that looks like a
personal message from your friend.

- Unless you are very computer savvy, and you can tell for sure from
the name of the attached file that it's not a virus, then CALL or
EMAIL your friend and ask if they meant to send you an attachment.

- If they say no, then obviously you should delete the message and let
them know THEY are probably infected with a virus.

- If they say yes, AND they can explain what it is (photos of the
family picnic, etc.) then it should be safe to open the attachment.

SEMI-TECHNICAL NOTE: Take care when checking the filename of an
attachment as a guide to whether you should open it. The standard
behavior of Windows is to hide the file extension (the last three
characters) when filenames are displayed.  Some virus writers take
advantage of this and create files with names such as HAPPY.JPG.SCR,
which will display as HAPPY.JPG.  It appears to be a harmless JPG
(photo) file, but is really a nasty virus.  To force Windows to
display the entire filename, open Windows Explorer, click on View /
Folder Options / View, then UNcheck the "Hide file extensions for
known file types" option.


If you remember nothing else about computer viruses, try to keep these
three facts in mind:

 - You can't get a virus just by reading your email.
 - A virus cannot attack without your help.
 - Never open an attachment unless you're sure it was sent on purpose,
   and the sender can explain what it is.


Am I saying that anti-virus software is useless?  For most people,
yes. If you follow the guidelines in this issue, and you handle only
attachments that contain photos or sound/music files, anti-virus
software is a waste of money and can make your computer slower and
less reliable.

If you deal with word processor files, spreadsheets, or download from
sites that don't guarantee virus-free software, then using an
anti-virus program may be a good idea.  But be aware that it can only
protect you from the viruses it KNOWS about.  I've heard from LOTS of
people who faithfully kept their anti-virus software updated, but they
still got the ILOVEYOU virus (or one of the many variants) because of
careless email handling.

You should also update your email and web browser software at least
every six months.  Older versions may have security flaws that allow
unauthorized access to your system.  Here are some links that may help
you to find new versions, upgrades or security patches:

   <A href="http://home.netscape.com/smartupdate">
   NETSCAPE SMART UPDATE - http://home.netscape.com/smartupdate </A>

   <A href="http://windowsupdate.microsoft.com">
   WINDOWS UPDATE - http://windowsupdate.microsoft.com </A>

   <A href="http://www.eudora.com">
   EUDORA EMAIL SOFTWARE - http://www.eudora.com </A>


Learn about computer virus myths, hoaxes, and urban legends at
Rob Rosenberger's excellent Vmyths.com site.

   <A href="http://www.Vmyths.com">
   http://www.Vmyths.com  </A>

Try Central Command's Free Online Virus Scanner.

   <A href="http://www.centralcommand.com/scan.html">
   http://www.centralcommand.com/scan.html </A>

Symantec AV Center offers information on the lastest virus threats,
removal tools, and a Virus Encyclopedia.

   <A href="http://www.symantec.com/avcenter">
   http://www.symantec.com/avcenter </A>

I understand that some people will disagree with my advice about the
best way to protect yourself from computer viruses.  But I believe
that education is the key, rather than software that gives a false
sense of security.  Stay safe out there, and I'll see you next time!
--Bob Rankin

=====================[ Tourbus Rider Information ===================
   The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
     Copyright 1995-2001, Rankin & Crispen - All rights reserved

        -+- LONG DISTANCE CALLS For Just 5 CENTS a Minute -+-

      Subscribe, Signoff, Archives, Free Stuff and More at the
              Tourbus Website - http://www.TOURBUS.com

More information about the EAS-INFO mailing list