Problem of the week | ||
|
Originally posted 17 February 2001 Early in 2001, IDC Research,
a major IT research organisation, reported
that 37% of business e-mail users would open an attachment called "I Love
You". Some of us doubted that people would be so silly and were immediately
proved wrong with the "Anna
Kournikova virus". Nearly two years later, people are still being caught
by these tricks. These viruses have to fool the victim into opening the virus file. For instance,
the Kournikova virus promised pictures of the tennis player contained in an
attachment called annakournikova.jpg.vbs. In MS Windows the three letters
after the full stop are important. These three letters, known as an extension,
is how Windows knows which program to use for that file. An MS Word document will have a .doc, a web page will have a .htm and graphic
file may have a .jpg. Windows normally hides the last three letters and this
is what the virus writers use to fool users. With the Kournikova virus, the
attachment appeared to be a graphic JPEG file when it is actually a .vbs, a
Visual Basic Script. You can tell Windows to show you the file extension and that will give you
a warning the file isn't what it seems to be. The other give away is the file's
icon, the icon is also decided by the extension. Below we show the icons you
should be wary of. Warning: As of early 2003, viruses are appearing with triple extensions.
A bug in Outlook Express means that the icon for the third extension will be
shown while the second extension will be executed. You should not open any attachment
with multiple extensions.
Visual Basic Scripts. I Love You and Anna are two viruses that use vbs scripts.
Generally, these should never be opened.
Executable Files are programs that will run when you click on them. Executable
files are used to transmit legitimate programs so you should not assume an exe
attachment is a virus, but it should be scanned for viruses before opening.
These can have extensions .exe, .bat or .com. Screensaver
Files have a .scr extension and should never be opened. There is
no reason for somebody to be sending you one of these files. The Cari,
or Mylife, virus is a particularly nasty example of this. This type of attachment
has become a recent favourite of virus writers.
PIF file are links to executable files. The Sircam
and MTX
virus use this method. PIF file attachments are very rare in legitimate
e-mails, it is safe to assume that any PIF is a virus. An e-mail that claims to have a graphic file attached that appears with one
of the above icons is almost certainly a virus. But in general you should cautious
of opening attachments: Before opening the attachment ask yourself why is this
person sending me an attachment? Do you know this person? Does the attachment
seems out of character, say receiving "sexy pics for you" from your
grandmother or "I love you" from your boss? If there is any doubt
don't open it. All of this advice assumes one thing: That you have an up-to-date virus scanner
installed on your computer. Once you install it keep it up to date. All anti-virus
programs have updating functions that make sure they keep with the new viruses
that are being written. If you don't keep your virus scanner up to date you
have wasted your money. Attachments are an important part of using e-mail but we all need to be careful
of what we open. Think about the attachment, what it is and who sent it before
opening it. Take care with any file you receive or download from the Net. Updated 10 February 2003What are the attachments in my Inbox?
PC Rescue Pty Ltd
Suite 236, 4 Young Street Neutral Bay NSW 2089
ABN 082 635 765
ŠTechnology Publishing Australia, 2011