Email Viruses & Trojan Horses

Email Viruses & Trojan Horses

Email-borne viruses and Trojan Horses, sent as attachments, are increasingly common. Virus software is available to help counter these threats, but user education is still vital, as most virus protection is reactive and will not catch all newer viruses and cannot protect against certain infection methods. Users are advised to observe the following guidelines.

Who is the email from?

  • Email From fields may contain false information! Due to insecurities in the internet email protocol, most of the information in an email message can be faked by the sender. The fields which are harder to change are typically not displayed by most email clients, and their interpretation can be confusing to many users.
  • Be wary of emails which purport to come from the Lab Staff (or other account managers) and warn of dire consequences which can be avoided by opening the enclosed attachment.
  • The CS Lab staff will never send initial account requests or information as attachments.

What is the attachment?

  • Be wary of any email with attachments! (This is one reason why attachments should be avoided when the information can easily be included in the body of the email).
  • Pay attention to the filename extension of attached files. A popular method of infection involves sending files which appear to be image files (such as GIFs or JPEGs) or word processor documents, but are in fact executable files.
    • In Windows, this is particularly effective, since by default, extension are hidden from the user. For an attachment named evil_file.JPG.EXE it would be displayed in the email client as evil_file.JPG, appearing to be a JPG image file.
  • A common method used to bypass antivirus checkers, is to include the virus in a ZIP archive, which the user must first unpack.
  • Be particularly wary of attached executable files.
  • When in doubt, do not open the attachment. Seek professional help first.

No single method will provide complete protection from viruses and Trojan Horses, but the above methods, coupled with an updated virus scanning programming will go a long way to preventing problems. If you have any questions or encounter an attachment you are unsure of, please contact the Lab Staff.