How not to get an email virus

Š2001 Dhugael McLean

There has been a considerable amount of discussion recently about the rash of e-mail viruses that have been flying around the Internet. While everyone agrees that viruses are a "Bad Thing," the solution to this problem seems to have escaped many people. The solve for this one is really very simple: Self Control. This document contains simple instructions on how to stop viruses cold.

   1. Beware ALL e-mail attachments. An attachment is a part of an e-mail that's not the text. It's an added bit at the bottom. Attachments can be anything; a picture, a word processing document, a program, a video file, or anything that's not just text. Depending on your e-mail program the attachment can show up in different ways but it's usually an icon somewhere on the e-mail. 

   1. Don't depend on virus scanners to kill viruses attached to emails. Many of the viruses that get disseminated through email do so before the people who maintain the scanner programs can update the program to detect the virus. It's a pretty good bet that you have not updated your virus definition file in a while either. Virus scanners offer very little protection for these kinds of viruses. 

   1. Look at the attachment name. The first part of the name is unimportant. It's the LAST part after the last dot "." that tells you what kind of file it is. This is called the file's extension. Some people have their computers set to not show extensions for certain files. Windows users should make sure that this option is turned off. The easiest way is to double click on "My Computer" and look in the "View" menu for "Folder Options". If it's not there, look under the "Tools" menu. Once that is opened, look for the "View" tab - in there is a series of checkboxes. Make sure that "Hide File Extensions for Known File Types" is unchecked. Here's a basic rundown on file types and what danger level they pose to your system. Be careful of filenames that have more than one dot in it: GreatPic.jpg.vbs is a VBS file and NOT a jpg (picture) file. It is very dangerous. 

"The Safe Ones" are files that the people who write viruses have not yet found a way to damage your system with. As I write this (January. 2002) these files are safe to click on and open with no chance of damage to your system.

"Caution" are ones that are not generally used to transmit a virus. These SHOULD be safe but care should be taken if you don't know who the person that sent it to you. If in doubt don't open it.

"No way, No How" This is the easy one, folks: Don't open these. Delete the e-mail and empty your "Deleted E-mail" folder. Even if you trust the person that's sent it to you, don't open them. If the Pope sends you an e-mail with one of these, don't open it. Even if the e-mail says that this is the cutest/funniest/sexiest/weirdest/whateverest that ever was, don't open it. If you open it you are exposing your system to extreme danger. THESE are the files that virus writers use to propagate viruses through the Internet. If you ignore this warning and you open the file you only have yourself to blame. Don't blame the nasty virus writer; don't blame the person that sent it to you, don't blame Bill Gates (or Steve Jobs, take your pick) - blame yourself. YOU are the one that opened it and you are the one that made your (and possibly everyone else's) system go bad. If everyone stopped opening these, e-mail viruses would stop cold. The reason that Love Bug and it's variants did all the damage that they have done is that people opened these kind of files. Read this, print it out, check the list and you're well armed against viruses.

By the way, it doesn't matter who sent you this file - treat everything with caution. Some of the more recent viruses have been transmitted without the person that sent it ever knowing. The virus looked at the address list of the infected person and automatically sent itself to everyone on the list. The person who got infected with the virus never even knew it was doing it. Because of this, you cannot trust a file because you know who it came from.

If an extension is NOT on the list - treat it as unsafe. I've tried to be as complete as possible with the common files that get transmitted but I have not covered everything. Be safe and don't open anything that you don't know.


THE SAFE ONES
Extension File Type Notes
.ai
Picture File
(Adobe Illustrator)

.art
Picture File
 
.avi
Video File
(Audio Video Interleave)

.bmp
Picture File
(Windows Bitmap)

.cgm
Picture File

.dxf
Autocad Drawing File
(Generic)

.dwg
Autocad Drawing File

.eps
Picture File
(Encapsulated PostScript)

.eml Email (another email message as an attachment - careful as there may be a virus in the subsequent email)

.gif
Picture File
(Graphics Interchange Format. Pronounced "JIF" - like the peanut butter. Think "Gin")

.jpe
Picture File
(JPEG)

.jpg
Picture File
(sometimes .jpeg)

.mid
MIDI Music File
 
.midi
MIDI Music File

.me
Text File
(Usually the end of a Read.Me file)

.mov
Video File
(Apple Quicktime Movie)

.mp2
Sound File
(MPEG 2 Audio)

.mp3
Sound File
(MPEG 3 Audio)

.mpg
Video File
(sometimes .mpeg)

.pcx
Picture File
(PC Paintbrush)

.pdf
Adobe Acrobat file
 (portable document format file)

.rar
Compressed file
* special case - see below

.rle
Picture File
(Run Length Encoded)

.rm
Sound/Video file
(RealAudio - sometimes .ram)

.rtf
RichText Format
Formatted text document somewhat like a Word document

.sea
Compressed file(s)
* special case - see below

.sit
Compressed file(s)
* special case - see below

.tif
Picture File
(sometimes .tiff)

.ttf
Font File
 
.txt
Plaintext file
 
.uue
Compressed file(s)
* special case - see below
.wav
Sound File
 
.wma Sound file (Windowsmedia Audio)
.wmf
Picture file
 
.wri
Text File
(Windows Write)

.zip
Compressed file(s)
* special case - see below

CAUTION
Extension File Type Notes
.asp
Web Page File
(can sometimes carry harmful information)

.doc
Microsoft Word Document
(not damaging in itself but can carry a macro [script] that can do damage

.htm
Web Page File
(can sometimes carry harmful information)

.html
Web Page File
(can sometimes carry harmful information)

.lnk
Internal link to another file
(Could point to a damaging program)

.url
Web Page Link
(Could point to a damaging web page [very rare])

.wk1
Lotus 1-2-3
(Could carry harmful macro - also .wk3 .wk4)

.wks
Lotus 1-2-3
(Could carry harmful macro)

.xls
Microsoft Excel Spreadsheet
(See .doc)

NO WAY, NO HOW (Really!!!)
Extension File Type Notes
.pif
Program
(Currently popular for the SirCam virus)

.exe
Program File
(One of the most popular)

.com
Program File

.vbs
Visual Basic Script
(Recently very popular)

.bat
Batch File
(Rare)

.bin
Mac Program

.dot
Document Template
(Could set up a macro in Word that does damage)

.reg
Registry File
(Could modify important system settings)

.js
JavaScript
(Script could contain damaging items)

.scr
Screen Saver
(Could be a program in disguise)

.xlm
Excel Macro
(Could contain damaging instructions)

.wmz 
Skin 
(Windows media skin. Has been used for virus distribution)

*Information on ZIP files (and other compressed files). Zips are a brilliant invention. A zip file contains one or more files that have been compressed to save transmission time and space. ZIP files are completely safe to your system. HOWEVER, the files contained within the zip files may not be safe. The rules that go for e-mail attachments can also be said about the files in a zip file. Again, be cautious.

I hope that information helps prevent you opening a file that can be dangerous to your system.

This warning applies to attachments to e-mails only. If you are poking around on your hard drive and you see files that have these extensions, leave them alone. They are meant to be there. Deleting files from your hard drive of the types that are in the "No Way, No How" section may cause your computer to stop working. Again, this is for E-MAIL ATTACHMENTS ONLY...

----------------- NOTE ON SPAMMERS ----------------

It id easy to stop spam from coming to your email box. A few will get through but after you keep adding to your spam filters you will eventually stop 99.999% of them.

Pay special attention to mailing addresses, telephone numbers and web site addresses in the body of the message, copy and paste the words or text rather than just type them. Get then from the message source rather than the message itself. Often most or sometimes all that is in the body of the message is a link to a web site picture or series of pictures that make up the message in the email. It does not show up until you open the message and it connects to the internet and downloads the pictures. 

This is also a way to get a virus from an email. It doesn't come with the virus attached, it downloads it after you open the message.

Never unsubscribe to a spam email message. That only confirms that your email address is valid and ripe to be sold to a spammer. That goes for going to a web site to unsubscribe too.

If you are able to track the actual sender of a spam message and can confirm that it actually came from a certain site; Don't report it to abuse at the same spam site it came from. They are the ones who sent it and would just love to know that your email address is valid.

Internet explorer, Mozilla and Netscape have some pretty good spam filters. If you learn to use them, you will never get spam two times from the same site or advertising the same site no matter who sends it. LEARN IT AND USE IT.