Protect yourself from email viruses

There have been several email viruses propagating around the Internet recently. I think the following tips are good safety practices to avoid becoming infected.

A virus can affect you system in many negative ways, including: information disclosure; add/modify/delete files; affect system stability; install a backdoor; attack other systems; and send spam to other users.

What can you do to protect yourself?

Use a personal firewall

A firewall won't prevent you from getting infected with a virus, but if you do become infected, a firewall may prevent it from spreading.

If you use Windows XP, you have firewall software installed already. To learn how to enable it, click the Start button, go to "Help&Support" and search for "enable Internet Connection Firewall".

Firewall software also comes bundled in Norton and McAfee protection suites, or you can download a free firewall, ZoneAlarm and Sygate Personal Firewall are two. One cool thing about these products is that they will tell you when a program on your computer tries to access the Internet. If it's a program you know about (like your web browser) then it's OK, but if you don't know what that program is, you may have a virus.

Run and maintain an anti-virus product

Reputable vendors include:   Grisoft, McAfee, and Symantec. Grisoft supplies the free AVG anti-virus package, so cost doesn't have to be a barrier.

Also, you must maintain your anti-virus software. Keep up to date with the product's virus database. These products make it pretty easy to refresh their databases: you can take a couple of minutes every day to get a new virus database when you connect to the internet. Anti-virus software is useless if it cannot detect viruses entering your system.

Some companies provide free scanners that you run in your web browser over the Internet. Here are three:   Trend Micro's Housecall, McAfee FreeScan, Symantec Security Check.

If you're already infected, you can get a virus cleaner from McAfee called Stinger. Simply download and run the program. It will detect, identify and remove about 40 current viruses.

Another very good discussion of using antivirus software can be found here: The ModemHelp.Net Ultimate Virus/Trojan/Worm Removal Guide. They talk about how to use the Avast program on several versions of Windows.

Don't run programs of unknown origin

This is particularly true of email attachments. Be very careful before you open an email attachment, even if it is sent from someone you know.

Keep your Windows system up to date

Regularly visit windowsupdate.microsoft.com to ensure your Windows operating system and applications are up to date with the latest security fixes and patches.

Beef up the security of Outlook Express

Recent versions of Outlook Express are more secure, but if you use a version older than 6.0, you can make it more secure.

Or, you can try an alternate web browser or email program. Microsoft Outlook Express and Internet Explorer, because they are the most popular programs for using the Internet, are the most commonly targetted by virus writers. Other mail clients include Eudora and Mozilla. Alternate web browser include Opera and Mozilla.

Use the NCF SpamFilter

While not specifically a virus blocking system, it does flag message that contain executable programs, and if you're set up to delete "red" mail, you'll never get them in your inbox. Read about the NCF SpamFilter here.

Beware of spyware

Programs you download and install on your computer can contain components that spy on your behaviour, including capturing what you type (i.e. your password) and can connect across the internet to malicious people. There are products called Ad-aware and Spybot Search & Destroy that can scan your system to find and remove these sneaky programs. Microsoft has also released their own antiSpyware product, that is currently in Beta development.

Beware of modem hijacking

"Imagine opening your next phone bill, only to find a long distance charge totaling $400 or even more. You have no idea where these charges have come from and what's worse, your telephone company insists that you made the calls and you must pay. You are likely the victim of modem hijacking." For more information, read this article on Modem Hijacking, and also the CRTC's advisory on the issue, "Unexpected Long-distance Charges for Internet Use". The Spybot Search & Destroy program should clear the problem from your computer if you are affected.

Further information

Read the CERT Advisory: Email-borne Viruses.

Symantec's Security Response page is an excellent source of information on viruses new and old. Also, they provide removal tools to rid yourself of viruses if you do become infected.

Monitor magazine published an article in their March 2005 issue about Internet security. The main focus of the article is to compare commercial security suite software.


Valid HTML 4.01 Transitional Last modified: 2006-12-04
By: Glenn Jackman (es087)