The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.
Malware is commonly spread through an infected e-mail file attachment. A user is duped into executing the file attachment, infecting his system and unleashing the threat on the internal network.
To minimize such social engineering threats, you can filter or restrict e-mail file attachments. Some e-mail clients, including the current versions of Microsoft's Outlook and Outlook Express, are preconfigured to deny known executable file types. At the very least, readily executable file types such as EXE, COM, PIF, BAT and others should be blocked at the mail gateways so they never get to the client machine. Many companies have created policies to only allow ZIP file attachments. This is slightly more secure, but viruses can still spread through these file attachments.
Click for the next tip in this series: Restrict outbound SMTP traffic
This was first published in June 2005