Attachments are the mode of transmission for email viruses. Curious users naively double-click on an email attachment and then suddenly, they're infected. That's all it takes (usually).

Be careful of any attachments you receive-- even if it looks like it's from somebody you know. Some email viruses attach themselves to all outgoing messages from an infected computer. So, somebody might be sending you a valid email in terms of the text, but they may also be sending you a virus as an attachment. Others send out their own emails, but forge the "From" fields to appear as if they are coming from people you know. As a result, you should never open an attachment unless you know it is safe and valid.

Some email programs, such as Microsoft Outlook, can be configured to display email in a "preview pane" or "reading pane." This usually splits your email program's window into two sections and one section displays a list of your emails in a particular folder and the other section displays a preview of the email or allows you to read the email within that sub-window. While convenient, this feature usually ends up opening the email (marking it read) and trying to intelligently handle any attachments-- loading picture files or running executables (programs that are usually named *.exe). Therefore, using this feature is effectively the same as opening or running the attachment and if the attachment is a virus, it will infect your computer (unless you have up-to-date anti-virus software that is able to block the virus). In Outlook, you can disable this feature by doing to the "View" menu and turning off the "Preview Pane" or "Reading Pane" option. In Eudora, go to the "Special" menu, select "Settings," and under "Mailbox Display," uncheck the "Show message previews by default" option.

Return to top

Many email viruses now forge the "From" field of an email (as well as try to use subject lines that seem to make sense). So, when you get a virus email, it may look like it's from your friend down the hall, but it's really from an infected computer somewhere. One of the most successful cases of this is the Beagle.j virus that looks like an email from your email systems administrator and even comes complete with text that looks like a somewhat legitimate message about your email account. As a result, you should, again, be careful of opening any attachments, even if it looks like it's from somebody you know.

If you want to know where the email is really coming from, you can view the headers of the email and see the route it has taken from the sender to you. (This is usually how ResComp tracks down the infected computer when we want to notify the sender.) If the original sending computer and the "from" don't seem to match up, be suspicious.

Return to top

Many email viruses try to use "natural language" to make their emails look legitimate. You'll also see this with spam. They try to use subject lines like "hello" or "your account" to get you to open the email. The "smarter" viruses even include pretty believable text in the body of the messages, such as Beagle.j. Because of these efforts to increase the likelihood that you will believe the message is a legitimate one, you should, again, be careful of attachments.

Spammers also use these kinds of techniques to get you to give them private information or send money, so even if a message doesn't have an attachment, you should still be suspicious.

Return to top

In addition to following the rules mentioned above, the best way to protect yourself from viruses, email or otherwise, is to run and keep up-to-date anti-virus software on your computer. Symantec Anti-virus (for PCs) and Norton AntiVirus (for Macs) are available free for Stanford users and can be downloaded at Essential Stanford Software. Anti-virus software offers real-time protection, so even if you accidentally do open a virus, it will recognize it as such and block it. For more information on anti-virus software, click here.

Return to top