Email-borne viruses and
Horses, sent as attachments, are increasingly common.
is available to help counter these threats, but user education
is still vital, as most virus protection is reactive and
will not catch all newer viruses and cannot protect against certain
infection methods. Users are advised to observe the following
Who is the email from?
- Email From fields may contain false information! Due to
insecurities in the internet email protocol, most of the information
in an email message can be faked by the sender. The fields which are
harder to change are typically not displayed by most email clients,
and their interpretation can be confusing to many users.
- Be wary of emails which purport to come from the Lab Staff
(or other account managers) and warn of dire consequences
which can be avoided by opening the enclosed attachment.
- The CS Lab staff will never send
initial account requests or information as attachments.
What is the attachment?
- Be wary of any email with attachments! (This is one reason
why attachments should be avoided when the information can easily be
included in the body of the email).
- Pay attention to the
filename extension of attached files. A popular method of
infection involves sending files which appear to be image
files (such as GIFs or JPEGs) or word processor
documents, but are in fact executable files.
- In Windows, this is particularly effective, since by default,
extension are hidden from the user. For an attachment named
evil_file.JPG.EXE it would be displayed in the email client
as evil_file.JPG, appearing to be a JPG image
- A common method used to bypass antivirus checkers, is to
include the virus in a ZIP archive, which the user must
- Be particularly wary of attached executable files.
- When in doubt, do not open the attachment. Seek professional
No single method will provide complete protection from viruses and
Trojan Horses, but the above methods, coupled with an updated virus
scanning programming will go a long way to preventing problems. If you
have any questions or encounter an attachment you are unsure of, please
contact the Lab Staff.