Tech Tips

Understanding the Life of an eMail Virus

EMail borne viruses are clogging up the Internet, slowing down eMail delivery, and devouring untold amounts of human productivity, and this is just the tip of the iceberg, not taking into consideration dangerous “worms” that can destroy hardware and software and compromise security and privacy. That’s another story.

The following article was authored by Saul Klein, President of InternetCrusade, the organization responsible for creating the REALTOR e-PRO^® Certification course. e-PRO is the only NAR approved Internet Certification Program. The vision for the future of e-PRO Certification is to create a well-trained, core group of real estate professionals who are thriving in the online-based real estate industry. The program will teach the REALTOR® about Internet business principles required to remain in the center of the real estate transaction. For more information on the course or to register for an upcoming E-PRO Video Event in your area, contact your association today.

Understanding the Life of an eMail Virus

What is going on with all these viruses?

Today's eMail viruses have the ability to "spoof" the "From" and "Subject" fields of an eMail message which prevents you from knowing who really sent you the virus.

Familiar names are now a dangerous decoy, luring you into a false sense of security and tempting you to open virus infected eMail. Because the “From Field” is “Spoofed,” You may be falsely accused of spreading a virus and also receive numerous eMails you did not request.

What takes place:

An eMail with a virus attached is sent:

To someone who does not have Anti-Virus Software on their computer.
To someone who has Anti Virus Software on their computer but who has not updated by downloading the latest virus definitions and installing them.
To someone prior to the Anti Virus Software companies creating the "cure" for a recently released virus.

The virused eMail is open (or viewed through the preview pane) and "infects" the recipient's computer. The virus then:

Creates an eMail message (not detectable in the outbox) on the newly infected computer.
Pulls an eMail address at random out of the eMail address book of the newly infected computer and puts it in the "From Field" of the newly created eMail message ("Spoofs" the "From Field").
Puts some text in the subject field.
Attaches a copy of the virus to the newly created eMail message.
Sends the eMail with the virus attached to many of the addresses in the address book of the newly infected computer.

Results:

The virus is received by those to whom it is sent and the above cycle begins again as stated above.

Those who receive the virus may think that the virus was sent by the "Spoofed" eMail address in the "From Field." Remember, the person in the from field DID NOT SEND THE VIRUS.

Some of the virus protection software on the computers to which the new virused eMail message was sent detects the virus and is set (a setting in the Anti Virus Software) to send a response to the eMail address in the "From Field" when it detects (and fixes, deletes, or quarantines) a virus.

When this happens, the eMail that states "a virus has been sent by you" is being sent to someone WHO DID NOT SEND THE VIRUS (misdirected because of the "Spoofed From Field"). This is one reason why you may be receiving eMail messages that say you have sent a virus, and you know you did not. You did not send a virus but your eMail address was the eMail address that appeared in the "From Field" of an eMail message with a virus attached.

You may also receive eMail from auto responders when you did not send an eMail to generate the response. The reason this is happening is because someone who has your eMail address in their eMail address book has been infected by a virus and your name was selected at random and placed in the “From” field of the eMail launched from their infected computer. The eMail sent from their computer triggered the response which is being sent not to the person who sent the eMail, but to the person in the “From” field.

If your eMail address is in the eMail address books of others, there is a good chance that someday your eMail address will appear in the "From" field of an infected eMail sent from someone else’s computer and some of the recipients who do not understand the nature of today's eMail viruses will think you sent them a virus. You can also count on receiving lots of eMail you didn’t ask for, many generated by servers detecting viruses and auto responders.

There is nothing you can do to prevent the above, but you can protect yourself.

What can you do?

Keep your virus protection software updated with the latest virus definitions. Put the software in "automatic" so when new virus definitions are available, the software company’s servers will detect the next time you are online and update your computer automatically, notifying you of the update after the update is complete.

Run a complete virus scan if you ever suspect that you have a virus and on a regular basis as well.

Don’t open attachments unless you are expecting them and then you may want to check with the sender before you open the attachment just to make sure they sent it to you.

Realize that using the preview pane option may make you more susceptible to actually being infected by one of the many viruses you will inevitably receive (and have already been receiving). This is just a caution as the preview pane is a very convenient way to sort through large volumes of eMail and should you opt to use it, just understand the potential for infection and the need to keep your anti virus software up to date. You might also consider creating a folder for attachments in your eMail software and a rule which filters any eMail with an attachment into the attachment folder. Use the preview pain in your Inbox folder and turn off the preview pane in your attachment folder. Your ability to have the preview pane availability set differently in different folders is a function of the version of the eMail software you are using.

Turn off the feature in your anti virus software that automatically sends out an eMail to the eMail address in the from folder of a virused eMail…that feature is sending the notification to the wrong purpose. For all practical purposes, you will not be able to tell from whom the virused eMail originated.

Consider an eMail product such as InternetCrusade’s eMailPlus which helps eliminate viruses at the server before they reach your computer (for more information on eMailPlus go to http://InternetCrusade.com).

Inform your clients of the information provided in this article so they don't someday think you sent them a virus. If your eMail address is in the eMail address books of others, there is a good chance that someday your eMail address will appear in the "From" field of an infected eMail and some of the recipients who do not understand the nature of today's eMail viruses will think you sent them a virus.

Computer viruses are a fact of life, but there is much you can do to minimize their risk to you and your productivity.

e-PRO is the only Technology Certification Program endorsed by the National Association of REALTORS®…created and delivered by InternetCrusade (http://InternetCrusade.com)

Date Posted: 9/29/2006
Number of Views: 600

Return


Home News Latest News President's Message Notes From The CEO Ethics Corner Miss Marketing Tech Tips Local Government Report Building Project Blog CVAR E-News Commercial E-News E-News Classifieds Events Calendar of Events Commercial Events Caravans Education Continuing Education Online Ed Computer Lab iMRMLS Training Lunch & Learn Seminars GRI Directory Find a Member Board of Directors Committee Chairs CVAR Staff Forms/Info MLS MRMLS Forms Rules & Policies Reciprocal Forms Central Valley MLS® CLAW Forms Desert Area MLS® SANDICOR SoCalMLS South Bay Southland Regional (crisnet) Membership Scholarship C.A.R.2009 Director Application Legal Legal Articles Legal Links CAR Legal Q&A Community Cities We Serve Legislative Contacts San Bernardino Los Angeles Services Pay Bills Online Shop the Online Store Online Voting Resourceful Links Benefits REALTOR® Benefits Contact
Tech Tips
Understanding the Life of an eMail Virus EMail borne viruses are clogging up the Internet, slowing down eMail delivery, and devouring untold amounts of human productivity, and this is just the tip of the iceberg, not taking into consideration dangerous “worms” that can destroy hardware and software and compromise security and privacy. That’s another story. The following article was authored by Saul Klein, President of InternetCrusade, the organization responsible for creating the REALTOR e-PRO^® Certification course. e-PRO is the only NAR approved Internet Certification Program. The vision for the future of e-PRO Certification is to create a well-trained, core group of real estate professionals who are thriving in the online-based real estate industry. The program will teach the REALTOR® about Internet business principles required to remain in the center of the real estate transaction. For more information on the course or to register for an upcoming E-PRO Video Event in your area, contact your association today. Understanding the Life of an eMail Virus What is going on with all these viruses? EMail borne viruses are clogging up the Internet, slowing down eMail delivery, and devouring untold amounts of human productivity, and this is just the tip of the iceberg, not taking into consideration dangerous “worms” that can destroy hardware and software and compromise security and privacy. That’s another story. Today's eMail viruses have the ability to "spoof" the "From" and "Subject" fields of an eMail message which prevents you from knowing who really sent you the virus. Familiar names are now a dangerous decoy, luring you into a false sense of security and tempting you to open virus infected eMail. Because the “From Field” is “Spoofed,” You may be falsely accused of spreading a virus and also receive numerous eMails you did not request. What takes place: An eMail with a virus attached is sent: To someone who does not have Anti-Virus Software on their computer. To someone who has Anti Virus Software on their computer but who has not updated by downloading the latest virus definitions and installing them. To someone prior to the Anti Virus Software companies creating the "cure" for a recently released virus. The virused eMail is open (or viewed through the preview pane) and "infects" the recipient's computer. The virus then: Creates an eMail message (not detectable in the outbox) on the newly infected computer. Pulls an eMail address at random out of the eMail address book of the newly infected computer and puts it in the "From Field" of the newly created eMail message ("Spoofs" the "From Field"). Puts some text in the subject field. Attaches a copy of the virus to the newly created eMail message. Sends the eMail with the virus attached to many of the addresses in the address book of the newly infected computer. Results: The virus is received by those to whom it is sent and the above cycle begins again as stated above. Those who receive the virus may think that the virus was sent by the "Spoofed" eMail address in the "From Field." Remember, the person in the from field DID NOT SEND THE VIRUS. Some of the virus protection software on the computers to which the new virused eMail message was sent detects the virus and is set (a setting in the Anti Virus Software) to send a response to the eMail address in the "From Field" when it detects (and fixes, deletes, or quarantines) a virus. When this happens, the eMail that states "a virus has been sent by you" is being sent to someone WHO DID NOT SEND THE VIRUS (misdirected because of the "Spoofed From Field"). This is one reason why you may be receiving eMail messages that say you have sent a virus, and you know you did not. You did not send a virus but your eMail address was the eMail address that appeared in the "From Field" of an eMail message with a virus attached. You may also receive eMail from auto responders when you did not send an eMail to generate the response. The reason this is happening is because someone who has your eMail address in their eMail address book has been infected by a virus and your name was selected at random and placed in the “From” field of the eMail launched from their infected computer. The eMail sent from their computer triggered the response which is being sent not to the person who sent the eMail, but to the person in the “From” field. If your eMail address is in the eMail address books of others, there is a good chance that someday your eMail address will appear in the "From" field of an infected eMail sent from someone else’s computer and some of the recipients who do not understand the nature of today's eMail viruses will think you sent them a virus. You can also count on receiving lots of eMail you didn’t ask for, many generated by servers detecting viruses and auto responders. There is nothing you can do to prevent the above, but you can protect yourself. What can you do? Keep your virus protection software updated with the latest virus definitions. Put the software in "automatic" so when new virus definitions are available, the software company’s servers will detect the next time you are online and update your computer automatically, notifying you of the update after the update is complete. Run a complete virus scan if you ever suspect that you have a virus and on a regular basis as well. Don’t open attachments unless you are expecting them and then you may want to check with the sender before you open the attachment just to make sure they sent it to you. Realize that using the preview pane option may make you more susceptible to actually being infected by one of the many viruses you will inevitably receive (and have already been receiving). This is just a caution as the preview pane is a very convenient way to sort through large volumes of eMail and should you opt to use it, just understand the potential for infection and the need to keep your anti virus software up to date. You might also consider creating a folder for attachments in your eMail software and a rule which filters any eMail with an attachment into the attachment folder. Use the preview pain in your Inbox folder and turn off the preview pane in your attachment folder. Your ability to have the preview pane availability set differently in different folders is a function of the version of the eMail software you are using. Turn off the feature in your anti virus software that automatically sends out an eMail to the eMail address in the from folder of a virused eMail…that feature is sending the notification to the wrong purpose. For all practical purposes, you will not be able to tell from whom the virused eMail originated. Consider an eMail product such as InternetCrusade’s eMailPlus which helps eliminate viruses at the server before they reach your computer (for more information on eMailPlus go to http://InternetCrusade.com). Inform your clients of the information provided in this article so they don't someday think you sent them a virus. If your eMail address is in the eMail address books of others, there is a good chance that someday your eMail address will appear in the "From" field of an infected eMail and some of the recipients who do not understand the nature of today's eMail viruses will think you sent them a virus. Computer viruses are a fact of life, but there is much you can do to minimize their risk to you and your productivity. e-PRO is the only Technology Certification Program endorsed by the National Association of REALTORS®…created and delivered by InternetCrusade (http://InternetCrusade.com) Date Posted: 9/29/2006 Number of Views: 600 Return
Login
Copyright 2006 Citrus Valley Association of REALTORS®