I had a virus…

by techtiptom

Originally posted to wibc.com on 05/31/2011

I received a few e-mails from friends and co-workers over the weekend, wondering why I would be sending them risqué messages, links to “adult” sites, etc. I hadn’t even been on my PC all weekend! I attended my step-daughter’s High School graduation, worked on refurb’ing a mobile home, went to the Greatest Spectacle in Racing…

I had a virus! Somehow, even though I never open unsolicited e-mail attachments, I had contracted a computer virus. This trojan virus was sending e-mails to everyone in my address book! Very embarrassing when my boss wanted to know why I was sending offensive messages and links to him…

It is amazing how many people are infected by running an attachment that has been sent to their mailbox. Imagine the following scenario: the person targeting you knows that you have a friend named Alex and also knows Alex’s email address. The attacker disguises a trojan as interesting content, for example, a Flash-based joke, and emails it to you in your friend’s name. To do so, the attacker uses some relaying mail server to falsify the email’s FROM field and make it look like Alex is the sender. Alex’s email address is alex@example.com, so the attacker’s FROM field is changed to alex@example.com. You check your mail, see that Alex has sent you an attachment containing a joke, and run it without even thinking that it might be malicious because, “hey, Alex wouldn’t do something like that, he’s my friend!”

You must be certain of BOTH the source AND content of each file you download! In other words, you need to be sure that you trust not only the person or file server that gave you the file, but also the contents of the file itself.

  1. NEVER download blindly from people or sites which you aren’t 100% sure about. In other words, as the old saying goes, don’t accept candy from strangers. If you do a lot of file downloading, it’s often just a matter of time before you fall victim to a trojan.
  2. Even if the file comes from a friend, you still must be sure what the file is before opening it, because many trojans will automatically try to spread themselves to friends in an email address book. There is seldom reason for a friend to send you a file that you didn’t ask for. When in doubt, ask them first, and scan the attachment with a fully updated anti-virus program.
  3. Beware of hidden file extensions! Windows by default hides the last extension of a file, so that innocuous-looking “susie.jpg” might really be “susie.jpg.exe” – an executable trojan! To reduce the chances of being tricked, unhide those pesky extensions.
  4. NEVER use features in your programs that automatically get or preview files. Those features may seem convenient, but they let anybody send you anything, which is extremely reckless. Disable the preview mode in Outlook and other email programs.
  5. Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts (not even popular ones). If you do so, you are potentially trusting a stranger with control over your computer, which can lead to trojan infection or other serious harm.
  6. Don’t be lulled into a false sense of security just because you run anti-virus programs. Those do not protect perfectly against many viruses and trojans, even when fully up to date. Anti-virus programs should not be your front line of security, but instead they serve as a backup in case something sneaks onto your computer.
  7. Finally, don’t download an executable program just to “check it out” – if it’s a trojan, the first time you run it, you’re already infected!
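
An added example, not part of the original post: a Python sketch of the check behind tips 2 and 3, flagging attachment names whose real (last) extension is executable, including the “susie.jpg.exe” disguise. The extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed, non-exhaustive lists chosen for this example.
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".txt", ".swf"}

def classify(filename):
    """Return 'disguised', 'executable' or 'ok' for one attachment name."""
    # Only the LAST extension decides how Windows opens the file.
    suffixes = PurePosixPath(filename.strip().lower()).suffixes
    if not suffixes or suffixes[-1] not in EXECUTABLE:
        return "ok"
    # A harmless-looking extension just before it is the hidden-extension trick.
    if len(suffixes) >= 2 and suffixes[-2] in DECOY:
        return "disguised"
    return "executable"

def scan_message(raw_bytes):
    """Parse a raw e-mail and list (filename, verdict) for risky attachments."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name and classify(name) != "ok":
            findings.append((name, classify(name)))
    return findings

def build_sample():
    """Constructed sample: a message that claims to come from Alex."""
    m = EmailMessage()
    m["From"] = "alex@example.com"   # the FROM field proves nothing by itself
    m["To"] = "you@example.com"
    m["Subject"] = "joke"
    m.set_content("Check this out")
    for name in ("susie.jpg.exe", "notes.txt", "setup.exe"):
        m.add_attachment(b"constructed placeholder bytes",
                         maintype="application", subtype="octet-stream",
                         filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{verdict:10} {name}")
```

A clean result here only means the name is not an obvious disguise; the attachment still needs to be expected, confirmed with the sender and scanned, as the tips above say.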