E-mail-distributed viruses are very common these days. Rarely a week goes by when a warning about a new e-mail-born virus is not in the technical press. I probably receive three or four e-mails every week that I suspect of carrying a virus. Fortunately, there are ways to protect you and your users from e-mail-based viruses.
First and foremost, you must have an active antivirus software product deployed on your e-mail servers and every server and client. In addition to having the software deployed, you must also keep it current with the latest virus definitions. Most reputable virus-scanning tools can detect viruses arriving via e-mail and block them before a user even gets a chance to get infected. However, if a new virus arrives that is not listed in the virus definitions, a virus scanner will do you little good.
The second element in protecting yourself is a policy against opening any e-mail attachments from people users don't know. To take this a bit further, users should also avoid opening e-mail attachments from people they know when they were not expecting to receive a file by e-mail from them. Some companies have taken the extreme measure to strip off all attachments on in-coming e-mail before the message even arrives at a user's desktop. While this method will prevent most e-mail-delivered virus infections, it also severely limits the usefulness and productivity of e-mail in general. You may consider establishing a company policy to use an FTP site to transfer files instead of attaching them to an e-mail message. That way any attachments that make it into your inbox are automatically seen as threats.
The third element in protecting yourself from viruses delivered by e-mail is to learn how to recognize funny e-mails. A funny e-mail is any e-mail that meets one or more of the following criteria:
- The message is from someone you don't know.
- It includes bad grammar in the subject or body of the message.
- It is humorous, friendly, campy in nature, but it is from a professional contact.
- You receive multiple copies of the same e-mail from the same or different people.
- The subject and/or body is blank, but there is an attachment.
- The message is very short but stresses or encourages you to view the attachment.
- The message indicates it has sent a file you requested, but you don't remember making the request.
- The message claims the attached file is about earning money, pornography, a greeting card, a music file, a screen saver, etc.
If you suspect that you've received a funny e-mail, delete it immediately. If you know the person who sent the message, contact them and inquire if they intended to send you an e-mail with an attachment. If so, find another way to obtain the file. If not, you probably just saved your network from a serious virus infection.
This was first published in February 2002