Logo
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
EPL Standings
 
 
Windows XP

Troubleshooting Network Problems : Working with Email Safely and Securely - Protecting Yourself Against Email Viruses & Filtering Out Spam

12/5/2011 3:58:29 PM

Protecting Yourself Against Email Viruses

Until just a few years ago, the primary method that computer viruses used to propagate themselves was the floppy disk. A user with an infected machine would copy some files to a floppy, and the virus would surreptitiously add itself to the disk. When the recipient inserted the disk, the virus copy would come to life and infect yet another computer.

When the Internet became a big deal, viruses adapted and began propagating either via malicious websites or via infected program files downloaded to users’ machines.

Over the past couple of years, however, by far the most productive method for viruses to replicate has been the humble email message. Melissa; I Love You; BadTrans; Sircam; Klez. The list of email viruses and Trojan horses is a long one but they all operate more or less the same way: They arrive as a message attachment, usually from someone you know. When you open the attachment, the virus infects your computer and then, without your knowledge, uses your email client and your address book to ship out messages with more copies of itself attached. The nastier versions will also mess with your computer by deleting data or corrupting files.

You can avoid getting infected by one of these viruses by implementing a few common sense procedures:

  • Never open an attachment that comes from someone you don’t know.

  • Even if you know the sender, if the attachment isn’t something you’re expecting, assume that the sender’s system is infected. Write back and confirm that the sender emailed the message.

  • Some viruses come packaged as scripts that are hidden within messages that use the Rich Text (HTML) format. This means that the virus can run just by viewing the message! If a message looks suspicious, don’t open it, just delete it. (Note that you’ll need to turn off the Outlook Express preview pane before deleting the message. Otherwise, when you highlight the message, it will appear in the preview pane and set off the virus. Select View, Layout, deactivate the Show Preview Pane check box, and click OK.)

  • Install a top-of-the-line antivirus program, particularly one that checks incoming email. Also, be sure to keep your antivirus program’s virus list up to date. As you read this, there are probably dozens, maybe even hundreds, of morally challenged scumnerds designing even nastier viruses. Regular updates will help you keep up.

In addition to these general procedures, Outlook Express also comes with its own set of virus protection features. Here’s how to use them:

1.
In Outlook Express, select Tools, Options.

2.
Display the Security tab.

3.
In the Virus Protection group, you have the following options:

Select the Internet Explorer Security Zone to Use From the perspective of Outlook Express, you use the security zones to determine whether active content inside an HTML-format message is allowed to run:
  • Internet Zone—If you choose this zone, active content is allowed to run.

  • Restricted Sites Zone—If you choose this option, active content is disabled. This is the default setting and it’s the one I recommend.

Warn Me When Other Applications Try to Send Mail as MeAs I mentioned earlier, it’s possible for programs and scripts to send email messages without your knowledge. This is done using Simple MAPI (Messaging Application Programming Interface) calls, which can be used to send messages via your computer’s default mail client, and it’s all hidden from you. When this check box is activated, Outlook Express displays a warning dialog box (see Figure 1) when a program or script attempts to send a message using Simple MAPI. Click Send to allow the message; click Do Not Send to cancel the message.

Figure 1. Outlook Express warns you if a program or script uses Simple MAPI to attempt to send a message.


Sending Messages Via CDO

Activating the Warn Me When Other Applications Try to Send Mail as Me option protects you against scripts that attempt to send surreptitious messages using Simple MAPI calls. However, there’s another way to send messages behind the scenes. It’s called Collaboration Data Objects (CDO), and it’s installed by default in Windows XP. Here’s a sample script that uses CDO to send a message:

   Dim objMessage
Set objMessage = CreateObject("CDO.Message")
With objMessage
.To = "you@there.com"
.From = "me@here.com"
.Subject = "CDO Test"
.TextBody = "Just testing..."
.Send
End With
Set objMessage = Nothing

The Warn Me When Other Applications Try to Send Mail as Me option does not trap this kind of script, so bear in mind that your system is still vulnerable to Trojan horses that send mail via your Windows XP accounts.


Do Not Allow Attachments to Be Saved or Opened That Could Potentially Be a VirusWhen this check box is activated, Outlook Express monitors attachments to look for file types that could contain viruses or destructive code. If it detects such a file, it disables your ability to open or save that file, and it displays a note at the top of the message to let you know about the unsafe attachment, as shown in Figure 2.

Figure 2. If Outlook Express detects an unsafe file attachment, it displays a notice at the top of the message to let you know that you do not have access to the file.

Files Types Disabled by Outlook Express

The file types that Outlook Express disables are defined by Internet Explorer’s built-in unsafe-file list. This list includes file types associated with the following extensions: .ad, .ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .url, .vb, .vbe, .vbs, .vsd, .vss, .vst, .vsw, .wsc, .wsf, .wsh.


Tip

What do you do if you want to send a file that’s on the Outlook Express unsafe file list and you want to make sure that the recipient will be able to open it? The easiest workaround is to compress the file into a .zip file, which won’t be blocked by Outlook Express (or Outlook or any other mail client that blocks file types).

4.
Click OK to put the new settings into effect.

Filtering Out Spam

Spam—unsolicited commercial messages—has become a plague upon the earth. Unless you’ve done a masterful job at keeping your address secret, you probably receive at least a few spam emails every day, and it’s more likely that you receive a few dozen. The bad news is most experts agree that it’s only going to get worse. And why not? Spam is one of the few advertising mediums where the costs are substantially borne by the users, not the advertisers.

The best way to avoid spam is to not get on a spammer’s list of addresses in the first place. That’s hard to do these days, but there are some steps you can take:

  • Never use your actual email address in a newsgroup account. The most common method that spammers use to gather addresses is to harvest them from newsgroup posts. One common tactic is to alter (or munge, in the vernacular) your email address by adding text that invalidates the address but is still obvious for other people to figure out:

       user@myisp.remove_this_to_email_me.com

  • When you sign up for something online, use a fake address if possible. If you need or want to receive email from the company and so must use your real address, make sure that you deselect any options that ask if you want to receive promotional offers. Alternatively, enter the address from a free Web-based account (such as a Hotmail account), so that any spam you receive will go there instead of to your main address.

  • Never open suspected spam messages because doing so can sometimes notify the spammer that you’ve opened the message, thus confirming that your address is legit. For the same reason, you should never display a spam message in the Outlook Express preview pane. As described earlier, shut off the preview pane before highlighting any spam messages that you want to delete.

  • Never, I repeat, never, respond to spam, even to an address within the spam that claims to be a removal address. By responding to the spam all you’re doing is proving that your address is legitimate, so you’ll just end up getting more spam.

Tip

If you create web pages, never put your email address on a page because spammers use crawlers that harvest addresses from web pages. If you must put an address on a page, hide it using some simple JavaScript code:

   <script language="JavaScript" type="text/javascript">
<!--
var add1 = "webmaster"
var add2 = "@"
var add3 = "whatever.com"
document.write(add1 + add2 + add3)
//-->
</script>


There are a host of commercial spam-killers on the market, but with a bit of work you should be able to eliminate most spam by using nothing more than the built-in tools available in Outlook Express. I’m talking specifically about using mail rules: conditions that look for messages with specific characteristics—for example, certain words in the subject or body—and actions that do something with the matching messages—such as delete them.

To filter spam, your rules need to look for incoming messages that meet one or more of the following criteria:

  • Specific words in the Subject line— The sneakier spammers hide their messages behind innocuous subject lines such as “Here’s the information you requested.” But most spam comes with fairly obvious Subject lines: “Make $$$Money Now!!!” or “FREE Business Cards.” Instead of creating a rule based on an entire Subject line, you only need to watch for certain keywords. Here are a few that I use (I’ve removed some of the more explicit terms that filter out pornographic spam):

    !!!!!!!, $, %, .name, 18+, about your site, adult, adv, advertise, ameritrade, annual reports, are you in debt, back taxes, bargain, be 18, britney, bulk, buy recommendation, cartridges, cash, casino, clients, collect your money, credit card, credit rating, creditor, debts, descrambler, dieting, diploma, don’t miss, double your money, dvd movies, earning!, e-mail marketing, emarketer, erotic, excite game, f r e e, find out anything, flash alert, free cell, free credit, free pda, free phone, free trial, free vacation, free!, freee, get out of debt, giveaway, got debt, guaranteed!, hair loss, hormone, how to make money, increase your sales, incredible opportunity, interest rates, investment goals, iPod, is this a picture of you, klez, lemme, life insurance, loans, lose up to, lose weight, lose while you sleep, losing sleep, low on funds, marketing services, maximize your income, merchant, millionaire, mlm, mortgage, new car, new photos from my party, online market, online pharmacy, over 18, over 21, printer cartridge, promote your business, reach millions, reduce your debt, refinance, refinancing, s e x, satellite, saw your site, secure your future, seen on tv, sex, singles, snoring, spec sheet, steroids, stock, stock alert, systemworks, thinning hair, this one’s on us, too good to be true, trading alert, trading report, uncover the truth, urgent notice, viagra, web traffic, what are your kids, work at home, work from home, xxx, years younger, you are a winner, you have to see this

  • Specific words in the message body— The message body is where the spammer makes his or her pitch, so there’s rarely any subterfuge here. You can filter on the same terms as you used for the subject line, but there are also a few telltale terms that appear only in spam messages. Here are some that I use:

    ///////////////, 100% satisfied, adult en, adult web, adults only, cards accepted, check or money order, dear friend, extra income, for free!, for free?, satisfaction guaranteed, money back, money-back guarantee, one-time mail, order now!, order today, removal instructions, special promotion

  • Specific names in the From line— Many spammers spoof their From address by using a random address or, more likely, an address plucked from their distribution list. However, some use addresses that have a common theme, such as “sales@” (for example, sales@blah.com). Here are some common From line names to filter:

    @mlm, @public, @savvy, ebargains, free, hello@, link2buy, mail@, profits@, sales@, success, success@

  • Specific names in the To line— The To line of spam messages usually contains either an address from the distribution list or “Undisclosed Recipients.” You can’t filter on the latter, however, because many legitimate mailings also use that “address.” However, there are a few common To line names to watch for:

    anyone@, creditcard@, free@, friend, friend@, nobody@, opportunity@, public@, success@, winners@


Other -----------------
- Troubleshooting Network Problems : Troubleshooting General Network Nuisances
- Troubleshooting Network Problems : Working with Network Diagnostics
- Troubleshooting Network Problems : Repairing a Network Connection
- Visual Basic 2008 : Using FTP in the Service (part 2)
- Visual Basic 2008 : Using FTP in the Service (part 1)
- Windows Presentation Foundation in .NET 4 : Introducing WPF - The Architecture of WPF
- Windows Presentation Foundation in .NET 4 : Introducing WPF - Resolution Independence
- Windows Presentation Foundation in .NET 4 : Introducing WPF - The Evolution of Windows Graphics & A Higher-Level API
- Silverlight and ASP.NET : WCF Services and Silverlight
- Silverlight and ASP.NET : Integrating with HTML & Animations
- Silverlight and ASP.NET : Silverlight and Layout
- Silverlight and ASP.NET : Adding Silverlight Content to a Web Page
- Silverlight and ASP.NET : XAML
- Silverlight and ASP.NET : Creating a Silverlight Application
- Microsoft ASP.NET 4 : Developing a Web Part
- Microsoft ASP.NET 4 : The Web Parts Architecture
- Microsoft ASP.NET 4 : Handlers and Session State & Generic Handlers (ASHX Files)
- Microsoft ASP.NET 4 : HTTP Handlers - Handlers and IHttpHandler
- Microsoft ASP.NET 4 : HTTP Handlers - The Built-in Handlers
- Microsoft ASP.NET 4 : ASP.NET Request Handlers
 
 
Most view of day
- Adobe Fireworks CS5 : Exporting to Flash Catalyst
- Microsoft PowerPoint 2010 : Finalizing Your Slide Show - Reviewing Your Presentation
- Microsoft Exchange Server 2007 : Consolidating a Windows 2000 Domain to a Windows Server 2003 Domain Using ADMT (part 5) - Migrating Computer Accounts
- Using Application Deployment Tools : Deploying Applications Using RDS (part 2) - Packaging RemoteApp Applications
- Sharepoint 2013 : Managing Security - See Who Is a Member of a SharePoint Group
- Microsoft Content Management Server : Implementing Server-Side Validation
- Sharepoint 2013 : Managing Site Security - Edit a SharePoint Group’s Settings
- Sharepoint 2013 : New Installation and Configuration - Managed Accounts
- Microsoft Excel 2010 : Using Formulas - Copying a Formula, Formula Operators
- Microsoft Dynamics GP 2010 : Improving performance by adjusting AutoComplete settings, Cleaning up Accounts Receivable with Paid Transaction Removal
Top 10
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 3) - Creating IPv4 DHCP Scopes
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 2) - Installing DHCP Server and Server Tools
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 1)
- Windows Server 2012 : DHCP,IPv6 and IPAM - Understanding the Components of an Enterprise Network
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 3) - Translating Text with the Mini Translator
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 2) - Translating a Word or Phrase with the Research Pane
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 1) - Setting Options for the Research Task Pane, Searching with the Research Task Pane
- Microsoft OneNote 2010 : Doing Research with Linked Notes (part 2) - Ending a Linked Notes Session, Viewing Linked Notes
- Microsoft OneNote 2010 : Doing Research with Linked Notes (part 1) - Beginning a Linked Notes Session
- Microsoft OneNote 2010 : Doing Research with Side Notes (part 3) - Moving Side Notes to Your Existing Notes
 
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro