Recognizing and Managing Fast Moving Email Viruses

We’ve come a long way in recognizing and preventing email viruses, but the people creating them are also getting more clever at disguising them. They can be a real problem, taking down your computer or in some cases even an entire network of them. An office that I worked at about 7 years ago had an infection that spread throughout the entire network, and it started with just one compromised machine. It took weeks and a lot of headache to finally clear it, definitely a situation that you want to avoid if possible. The best offense is a good defense, so start with an anti-virus program like McAfee.

Set Yourself Up with a Good Email Provider

Step one in protecting yourself against potential threats is to pick a good service provider with good filters in place, so that known malicious emails never even reach your inbox. Free services like Gmail and Hotmail do a decent job of this, but for professional email you probably want something like Your web hosting provider might already provide this service, but definitely do your homework and see what their reputation around email is. If they don’t, or you’d prefer to use a more reputable service, you can always purchase branded email from another company, take a look at for SSL coupons that can be applied towards email services. Again, make sure you do some research first and verify that the company has a good track record when it comes to blocking malicious emails.

Virus Example: The “Here You Have” Virus

The “Here you have” virus is a good example of a fast-moving virus that infiltrated several big-name organizations. In her September 9, 2010, ABC News article, “‘Here You Have’ Virus E-Mail Spreads Online”, Ki Mae Heussner writes that Comcast and Wells Fargo, whose email servers were brought to their knees, are among the companies that report being affected by the worm. The infected emails urged users to click by using common social engineering ploys, promising that the attachment contained an important document or pornographic material.

The behavior of the “Here you have” virus is similar to that of other virulent attacks. Once executed, the virus attempts to shut down, disable, or circumvent security software. H Security reports that it also installs a backdoor and attempts to exploit application and operating system weaknesses to harvest passwords and steal information. The virus sends infected emails to everyone in the victim’s email contact list.

Preventing Email Viruses

End user training and effective spam and virus filtering may be the most effective ways to prevent these types of infections. Anti-virus and anti-malware software can help detect, block, and remove the infection. Automated patch management will lower the number of application and operating system vulnerabilities that the virus can exploit. Active monitoring and logging of server events and network traffic will alert organizations to the presence of destructive programs even when other methods have been circumvented.
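The mass-mailing behavior described earlier, where one infected mailbox sends the same message to its whole contact list, is the kind of event that mail-server log monitoring can flag. The following is an added example, not part of the original article: a sliding-window check that alerts when one sender mails the same subject to many distinct recipients in a short time. The log format, addresses, and thresholds are assumptions, the sample lines are constructed, and log lines are assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format (an assumption), one line per accepted message:
#   <ISO timestamp> from=<sender> to=<recipient> subject="<subject>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) from=(?P<sender>\S+) to=(?P<rcpt>\S+) subject="(?P<subj>.*)"$'
)

def find_mass_mailers(lines, window=timedelta(seconds=60), min_recipients=5):
    """Return {(sender, subject): time of first alert} for senders that mail
    the same subject to min_recipients distinct addresses within window."""
    recent = defaultdict(deque)  # (sender, subject) -> deque of (time, rcpt)
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not message records
        ts = datetime.fromisoformat(m["ts"])
        key = (m["sender"].lower(), m["subj"].strip().lower())
        q = recent[key]
        q.append((ts, m["rcpt"].lower()))
        while q and ts - q[0][0] > window:
            q.popleft()  # drop events that fell out of the sliding window
        if key not in alerts and len({r for _, r in q}) >= min_recipients:
            alerts[key] = ts
    return alerts

def build_sample_log():
    """Constructed sample: normal mail, one worm-like burst, one slow newsletter."""
    rec = '{} from={} to={} subject="{}"'.format
    lines = [rec("2010-09-09T14:00:00", "alice@corp.example",
                 "bob@corp.example", "Q3 budget")]
    # One mailbox sends the same subject to six contacts within ten seconds.
    lines += [rec(f"2010-09-09T14:05:{i * 2:02d}", "carol@corp.example",
                  f"user{i}@corp.example", "Here you have") for i in range(6)]
    # Same subject to six readers, but only one message every ten minutes.
    lines += [rec(f"2010-09-09T15:{i * 10:02d}:00", "news@corp.example",
                  f"reader{i}@corp.example", "Weekly update") for i in range(6)]
    return lines

if __name__ == "__main__":
    for (sender, subject), ts in find_mass_mailers(build_sample_log()).items():
        print(f"{ts.isoformat()} ALERT {sender} burst-mailing subject {subject!r}")
```

Legitimate bulk senders such as mailing-list servers will trip a check like this, so an allowlist and tuned thresholds are needed before alerting on it.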

With just a little awareness, you will be able to avoid the worst of the email viruses. A good security program and regular scans of your computer should take care of the rest.