Malaware from Email attachments

One of the most common ways viruses make their way into computers is through spam. Attachments are embedded in these junk email messages and sent by the millions to every email address in existence, for unsuspecting recipients to click, open, and execute. But how can people be that dumb, you may ask? Well, consider the filename of a typical Trojan horse:

kittens playing with yarn.jpg .scr

Since Windows has its filename extensions hidden by default, this is how the file looks to most Vista users:

kittens playing with yarn.jpg

In other words, most people wouldn’t recognize that this is an .scr (screensaver) file and not a photo of kittens. (The long space in the filename ensures that it won’t be easy to spot, even if extensions are visible.)

And since many spam filters and antivirus programs block .exe files, but not .scr files—which just happen to be renamed .exe files—this innocuous-looking file is more than likely to spawn a nasty virus on someone’s computer with nothing more than an innocent double-click.

So, how do you protect yourself from these? First, don’t open email attachments you weren’t expecting, and manually scan everything else with an up-to-date virus scanner (discussed later in this section). Next, employ a good, passive spam filter, and ask your ISP to filter out viruses on the server side.

Posted in Labels: |