Sunday, April 4, 2010

What is a virus?


It seems like each and every day I get an e-mail or two about the latest and most deadly virus to date. Since there are thousands of viruses out there, it would be impossible to watch out for all of them. So, I'm going to give you some general virus guidelines that you can use to help keep yourself from getting infected. It's like that old saying, "Type code for a man and get his program running for a day. Teach him C++ and get his programs working for life".

Ok, maybe that's not the *exact* way that one goes, but you get the idea.
What is a virus anyway?

A virus is an unwanted program that, in almost all cases, the user accidentally installs onto his or her computer. Some are relatively harmless and cause little, if any, damage. Some are much more hazardous and can render the information on your computer's hard drive useless. Most just like to try to share your information, crash your computer, and spread themselves around.
So why do people make viruses?
Well, some (maybe most) do it just to see if they *can* do it. Some are genuinely looking to cause havoc. Others, and these are the ones to watch, are trying to get personal information from you. Many of the viruses out there are used to send their creator information from your computer via e-mail. Sure, there are more than just those 3 reasons, but I believe those to be the primary ones.
A day in the life of a virus

Since most of the viruses that give people trouble tend to be in the form of e-mail viruses, I'm going to give you the low down on how most of these puppies work with our computer buddy, "Jim".
Let's say Jim goes to work and checks his e-mail like he always does. He notices an e-mail from someone he knows with an attachment. The e-mail says something generic like "Hey, check out this attachment, it's really cool".
In all likelihood, there will be no signature (although there could be).
So, old Jim clicks the little paperclip icon and runs the attachment. It probably ends in ".exe" or ".zip".
Maybe he gets a cute little display on his screen (the Happy99 virus gave the user a fireworks display). Jim thinks "Hmm, that was cool" and gets back to work, completely unaware that he has been infected.
Now the virus goes to work. The first thing it will probably do is get into his address book and send itself to everyone in it. When these people get the e-mail virus, it looks like their friend Jim has just sent them a cool little file to check out. Old Jim doesn't have a clue that this has even transpired but now all his friends are opening up this little file and infecting their own computers (and sending it out to everyone in their address books). Do you see how these things can infect millions of computers in a hurry?
Another route the virus can take is to send a second e-mail with itself attached to anyone you are sending a message to. For instance, say you send Jim a message. Jim checks his e-mail and sees your message plus another message from the virus that you didn't even know you sent.
A quick way to check and see if you are infected with this type of "piggy back" virus is to send yourself an e-mail. If you get a second e-mail with an attachment, you're infected (note - this only works for viruses that spread themselves as described above).
Another way these viruses e-mail themselves is by choosing an address from your address book as the "from" person (the Klez virus does this). So, it looks like one of Jim's friends is sending out viruses from their computer, but it's really coming from his machine.
Jim's friend then gets lots of e-mail from people telling him that he's sending out viruses! Of course, he's not, but Jim is. (In addition, Jim may get an earful from this (now former) friend once he figures out what happened!)
OK, I know what you may be thinking. Maybe you have 500 people in your address book and it seems like you would notice that there was an excessive amount of e-mail going out when you send / receive.
Well, you may with some viruses, but the smarter ones have an "SMTP" engine built in. Simply put, they can send e-mail from your computer without using your e-mail software or server. This is done in the background and may seem like nothing more than a sluggish internet connection.
Sneaky, aren't they? That's how most e-mail viruses work.
OK, now you know what these little buggers are and how they work. Now, how do you avoid them? Well, read on for tips on avoiding all sorts of different types. We'll start with E-mail viruses since they're the most common.

What Kind of Attachments Can Contain Viruses?

Basically, anything that is executable (able to run). You're generally safe with picture files, text files, and the like. However, it still pays to scan first.
Here is a (very) short list of the most common to watch out for:
exe
zip
scr
vbs
bat
com
pif
asp
doc
xls
Those are the most common. Please, please, I beg you, don't misinterpret this to mean that if you get one of these files it's automatically a virus. A ".zip" file may be nothing more than a set of compressed files your friend sent you to look at. A "doc" or "xls" file may simply be an MS Office file. It's just that these types of files could also be viruses.
A couple other virus tricks you need to be aware of. First, MS Office files can contain what are called "Macro Viruses". Without getting into too much detail, these files can run a "macro" (a macro is a mini-program run from within another program) that can be as destructive as any "regular" virus. So, my advice on MS Office attachments is not to open them unless you are expecting them. If they just show up, verify with the sender first.
The other trick you need to look out for is an extra extension added to an attached file. For example, you may have something like "mypicture.jpg.vbs". In fact, if you don't have your computer set to view file extensions, it may just look like "mypicture.jpg" and omit that last "vbs" part.
This may appear to be a jpg picture file, but it's actually a Visual Basic Script file. If executed, it will happily infect your computer with a virus.
So, be careful out there.
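As an added example (not part of the original article), the extension list and the extra-extension trick described above can be turned into a small attachment-name check in Python. The DECOY set, the function names and the sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.message import EmailMessage

# Extensions from the article's short list, grouped by how the article treats them.
EXECUTABLE = {"exe", "scr", "vbs", "bat", "com", "pif", "asp"}
MACRO_CAPABLE = {"doc", "xls"}   # MS Office files that may carry a macro virus
ARCHIVE = {"zip"}                # may be harmless, may hide anything: scan contents
# Assumption (not from the article): harmless-looking types used as a decoy.
DECOY = {"jpg", "jpeg", "gif", "png", "bmp", "txt", "pdf", "mp3"}


def classify(filename):
    """Return a triage label for one attachment file name."""
    # Windows ignores trailing dots and spaces, so drop them before splitting.
    parts = [p.strip() for p in filename.strip().rstrip(". ").lower().split(".")]
    if len(parts) < 2:
        return "no-extension"
    ext = parts[-1]
    inner = parts[-2] if len(parts) > 2 else None
    if ext in EXECUTABLE:
        # "mypicture.jpg.vbs": the LAST extension decides how the file runs.
        return "disguised-executable" if inner in DECOY else "executable"
    if ext in MACRO_CAPABLE:
        return "macro-capable"
    if ext in ARCHIVE:
        return "archive"
    return "other"


def triage_message(raw):
    """Map every attachment name in a raw e-mail message to its label."""
    names = (part.get_filename() for part in message_from_string(raw).walk())
    return {name: classify(name) for name in names if name}


def build_sample():
    """Constructed message modelled on the mail Jim receives in the article."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "friend@example.com", "jim@example.com"
    msg["Subject"] = "Hey, check out this attachment"
    msg.set_content("It's really cool.")
    for name in ("mypicture.jpg.vbs", "budget.xls", "holiday.jpg"):
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_string()


if __name__ == "__main__":
    for name, label in triage_message(build_sample()).items():
        print(f"{label:22} {name}")
```

A label other than "other" means "verify with the sender and scan first", not "this is a virus", in line with the caution above about not treating every such file as infected.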
Avoiding E-mail Viruses

Most e-mail viruses only exist to replicate themselves, kind of like a digital bacteria. Others may do damage to your computer's files or even make your hard drive inaccessible.
What can you do?
Don't open attachments if you're not expecting them - EVER. If you get an attachment, e-mail whoever it was that sent it to you to confirm it's not a virus. Checking it with your anti-virus software isn't a bad idea either. Next to good anti-virus software, this is the #1 way to keep your computer virus free.
If you don't have any anti-virus software, get some. And keep it up to date. We recommend Norton Anti-Virus.
If you have anti-virus software that's up to date, don't rely on it to stop every virus. New viruses (10-15) are created each and every day. No one had a defense when the ILOVEYOU virus first hit, but folks who didn't run the attachment got away unscathed. (Although Norton AV seems to have updates available within hours of a new virus discovery)
Finally, there is a slim chance that you may run across a virus that can infect your computer without it being run.
These viruses take advantage of security holes in some e-mail clients, namely Outlook / Outlook Express (they can also infect you if it's on a web page viewed with MS Internet Explorer). These holes have been sealed through a patch you can get from Microsoft.
The lesson? Keep both Internet Explorer and Outlook / Outlook Express up to date. Updates are free, so there's no good reason not to keep your software current.
Remember, 99.99% of the viruses out there must be run by YOU in order to infect your computer. If you get a virus e-mailed to you, you're generally safe reading the body of the e-mail message, JUST DON'T RUN THE ATTACHMENT!! A virus can't infect your computer until you give it your consent (well, unless someone hacks into your machine and runs it, but that's another newsletter).
If you do get a file that you suspect contains a virus, just delete it.
Some other ways to pick up a virus
Although e-mail viruses are by far the most common, you can still get infected in any number of other ways. In this last section of our virus guide, we'll look at keeping you safe from as many virus sources as possible.
What is the difference between a Virus, Trojan, and Worm?

Basically, they all fall under the general category of "viruses". However, there are a few distinctions.
Virus - Technically, a virus infects another file (attaches or inserts itself into it). They usually infect program files or MS Office documents. From there, it can replicate, do damage, etc. Unlike a worm, these do not function as a stand alone (except possibly to infect a given file).
Worm - This is almost identical to a "true virus", except that it lives on its own and generally doesn't infect other files (although it can replace them). Usually, these copy themselves using e-mail, networks, disks, etc. Again, these are very close to a true virus, and can do the same kind of damage.
Trojan Horse - This type of program doesn't copy itself but does do damage to your computer. These types of programs rely on people to pass them around and to run them. They do not e-mail themselves. The idea is to make the program look like it's something harmless, like a screen saver or joke, so it gets sent around.
That's the crash course on virus types. Bottom line, you don't want any of the little nasties on your computer!
Other virus sources

Unknown download sites - Be careful when downloading software from the net, especially from a virtual shareware library. A virtual shareware library is a site that has software listings on it, but they don't keep the software on their server. Just hover your mouse pointer over the download link and look at the bottom of your browser. If the URL shown is not the same as the site's it's a virtual shareware library. Most shareware sites are.
This isn't to say that you're going to get a virus by downloading software from them. In fact, I've never had a problem (and I download tons of software).
What I normally do is try to go to the software's web page. If it seems to be a trustworthy company, I download. Then I double-check the file with my anti-virus software.
Floppy Disks - Passing around floppy disks used to be the number one way of getting a virus, but it isn't as common as it used to be. In general, just be careful about running programs on floppy disks, especially those from questionable sources.
Another thing to be careful of is floppy boot sector viruses. If you have an infected floppy with this type of virus on it, you'll be infected if you forget to take it out of your drive when you re-boot your computer. To avoid problems, just don't leave floppy disks in your drive.
Of course, it doesn't hurt to scan your floppy with your AV software either.

Macro Viruses - I had mentioned this briefly earlier. Be careful with MS office documents that come from questionable sources. They can contain what's called a macro virus. These can delete files, alter program menus, and more.
Unfortunately, these are relatively easy to write, so they are among the most widespread variety of viruses. Be extremely careful when opening unknown MS office files, especially Word documents. Probably a good idea to save these files to disk then check them with your anti-virus software before opening them.
Well, that's about it. I know we could easily fill a book discussing viruses, but I'm just trying to pass along the basics.
Just remember, keep your anti-virus software up to date and don't run / open any files you don't trust 110%.
