Skip Maine state header navigation

State Search:

Agencies | Online Services | Help

Page Tools Page Tools Email page Map addresses En español En français English

A Publication Featuring The Information Services Technology of Maine State Government

Getting Attached to Viruses

By Bob Witham

Unless you have been living in a cave for the past five years, you are likely aware that computer viruses can be transmitted as an e-mail attachment. Please note that I said e-mail attachment, not e-mail message. There are no viruses that can be transmitted in a simple e-mail message. In order for a virus to be activated, some program must be run.

For example, Microsoft Word has an internal programming language called Macro. The purpose of this language is to allow you to program several steps, such as create a new document, set the margins, and insert a header, to be executed by a single keystroke. Macros can even be set to execute as soon as you open a document. Some clever virus writers took note of macro, and found you could delete files, send mail messages, and rename files with macro, and a whole new generation of viruses was born.

In the "old days" of computing (five or six years ago), the only executables around were compiled programs (EXE) or batch files (BAT and COM). It was pretty easy to know what to avoid opening. Now, it seems that almost anything is "executable." With the marriage of Windows and Internet Explorer, more and more file extensions are being used to automatically perform certain functions. The Loveletter virus and its clones take advantage of a technique known as "Windows Scripting" to spread itself. This scripting permits certain file types to be executed by Windows as soon as the file is double-clicked by a user.

There are viruses that can be scripted into HTML Web pages too. Simply displaying the HTML code in a preview pane, can (at least theoretically), invoke a virus. This seems to go against my contention that viruses are only contained in attachments because all the mail recipient sees is just a mail message, apparently without an attachment. In the case of HTML however, the actual attachment is hidden, and is displayed in the preview pane. It is automatically run without the mail recipient needing to do anything. To the best of my knowledge however, there is only one virus that ever took advantage of this technique, and it never spread in the wild.

What can you do to protect yourself from these viruses?

1. Get an anti virus product. At BIS, we use McAfee anti virus on all desktop computers, and servers, and Antigen anti virus on our Exchange (mail) servers. Other agencies who do not use exchange rely on either McAfee or Norton anti virus for desktop and server coverage.
2. Keep your anti virus software up to date. New viruses are written every day. Unless you keep your anti virus software updated at least weekly, you will soon be out of date, and subject to the newest viruses. Trust me, while we see old viruses from time to time, the majority of the viruses we find are less than a month old.
3. Do not open suspicious attachments. Really now, do you think your boss would send you and e-mail with the subject line of "I love you?" It is surprising how many people actually opened the Loveletter virus attachment because their boss or a coworker sent them a message with that subject line. We are often too trusting of our email, and assume that the sender actually composed the message and attachment. Do yourself a favor, and assume that a virus sent the message from your friend’s e-mail. Especially if the attachment is accompanied by an email that simply says "You gotta see this", or some equally neutral message. If the email message does not completely describe the contents of the attachment, DO NOT OPEN IT. Send a message back to the sender asking for clarification as to what the attachment is, and why you should open it.
4. Do not send virus like messages. This doesn’t really protect you from viruses, but if each person takes the time to accurately describe the attachment contents, it helps show others the way. Perhaps the next message they send you, they will reciprocate. Perhaps we can teach people to use e-mail in a better way. Most people seem to use email as a post-it note. We dash of short meaningless messages, and our recipients put up with it. Virus writers capitalize on this and make the email messages that accompany their messages equally vague and meaningless. One virus sends the message "Here is the material you asked for", another "You gotta see this", and so forth. Nebulous meaningless messages. Of course, we have conditioned ourselves to ignore the message and simply open the attachment. Many people never read the message, and simply click the attachment to see what will happen.
5. Read the message. This kind of carries on from the previous item. Don’t just click the attachment. Take the time to read the email message first. If the message sounds bogus, or if it just doesn’t sound like other messages from the sender, don’t open the attachment. Write back to the sender asking if he/she actually sent this.
6. Be suspicious of every message you receive. Don’t assume the message came from a friend. Assume that it came from a virus. Make the sender prove to you, either through the message or by responding to you that he or she really sent this. If, after all these precautions, your friend still sends you a virus infected message, cross that person off your Christmas card list.

[ Up ] [ Bridge Construction Documentation...From Field Book to Laptop ] [ Challenge for January ] [ Dear PC Genie: ] [ Getting attached to viruses ] [ MeDOT and FHWA Develop E-Business Relationship ] [ School Profiles ] [ Transitions for January ] [ Walter Lowell ] [ Year 2000 in Review ]