Q1: Why is it important to practice safety in reading E-mails?
There has been a sharp increase in malicious code such as viruses, worms
and trojans that spreads via E-mail attachments, notably due to the lack
of caution and care by individuals in handling E-mail. Viruses can also
spread via diskettes and file downloads; however, the impact has not been
as widespread as via E-mail attachments.
Q2: How fast can these viruses spread?
The speed at which malicious code spreads depends on the behavior of
the virus itself. Worm-type viruses in particular spread automatically via
E-mail attachments, with the code itself initiating the sending. The user will not be
aware that a mail has been sent from his/her PC to his/her friend, vendor or client. This
worm feature uses the contact list of the recipients, so the distribution can be exponential.
Q3: What damages can these malicious codes do?
Malicious code with features to destroy data, such as Worm.ExploreZip, W32.KLEZ
and CIH, will destroy files, hard disk partitions and the BIOS, and can do other damage
to systems and hardware. Malicious code with trojan features, on the
other hand, will open a back door on the victims' machines, inviting remote
entry to the system. In addition, they can create payload on the user's or the service provider's
mailer system, and in some cases get your company on a spam blacklist
(your e-mail will be rejected by other e-mail systems). You can use the Blacklist Tool
on the main page to check if your IP address is on the main spam databases.
For a list of most of the spam databases Click Here
Q4: How advanced is the threat?
The threat has been increasing since mid 1998. Many recent malicious
codes combine features of virus, worm and trojan, which
increases the threat and the challenge to the IT industry, especially to
anti-virus vendors in coming up with fixes. Our observation is that the frequency of new
attacks is on the rise. With operating systems and applications evolving quickly,
critical security updates are weekly occurrences.
Q5: How do we prevent the spread of these malicious
Practice caution when receiving E-mail attachments. Upon receiving E-mail
with an attachment, regardless of the sender:
DO NOT CLICK THE ATTACHMENT. Do not open
it, do not view it, do not save it to disk.
Verify the E-mail by contacting the sender.
Do not launch the program automatically - save it to hard disk to enable
the anti-virus software to scan the file for any viruses.
Ensure your anti-virus software and its virus list are updated.
If your computer shows some sign of abnormalities after you launch
their E-mail attachment, contact the sender (preferably by phone). Contact ComLogic
if you're in the Denver Metropolitan Area. DO NOT SEND THEM A COPY OF THE
ATTACHMENT; describe it to them and then wait for instruction.
Avoid sending messages with attachments that contain executable
code (code that runs things), like Word documents with macros, EXE files
and ZIPPED files. You can use Rich Text Format, or RTF, instead of the
standard .DOC format. RTF will keep your formatting, but will not include
any macros. There are, however, a couple of viruses out there that will
fool Word when you save as RTF, so while you cannot completely trust .RTF
files it is still a good practice. This may avoid the embarrassment of
you sending them a virus if you are already infected.
You can use anti-virus software products to scan your hard disk at all
times; however, update the software list every few days and don't rely
on it to protect you completely. Remember, they can only detect what they
(the vendor) already know about.
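The attachment categories named above (EXE files, macro-capable Word documents, ZIPPED files) can be checked automatically before a message is opened. The following is an added example, not part of the original FAQ; the extension lists, labels and sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extension lists are assumptions grouped by the categories the FAQ names.
EXECUTABLE = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs"}
MACRO_CAPABLE = {".doc", ".dot", ".xls", ".ppt", ".docm", ".xlsm"}
ARCHIVE = {".zip"}
DECOY = {".txt", ".rtf", ".doc", ".pdf", ".jpg", ".gif"}

def classify(filename):
    """Label one attachment name by its real (last) extension."""
    suffixes = [s.lower() for s in PurePosixPath(filename.strip()).suffixes]
    last = suffixes[-1] if suffixes else ""
    if last in EXECUTABLE:
        # "photo.jpg.exe" shows a harmless-looking type before the real one
        if len(suffixes) > 1 and suffixes[-2] in DECOY:
            return "executable-disguised"
        return "executable"
    if last in MACRO_CAPABLE:
        return "macro-capable"
    if last in ARCHIVE:
        return "archive"
    return "not-flagged"

def screen(raw):
    """Return (filename, label) for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(p.get_filename() or "", classify(p.get_filename() or ""))
            for p in msg.iter_attachments()]

def build_sample():
    """Constructed test message; names and contents are made up."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "user@example.org"
    m["Subject"] = "files"
    m.set_content("See attached.")
    for name in ("notes.rtf", "report.doc", "photo.jpg.exe", "files.zip"):
        m.add_attachment(b"constructed", maintype="application",
                         subtype="octet-stream", filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    for name, label in screen(build_sample()):
        print(f"{label:22} {name}")
```

A "not-flagged" label only means the name matched none of the lists; as the text says of RTF, it is not a guarantee that the file is safe.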
Q6: What if the E-mail is an announcement from my
ISP, which includes an attachment?
ISPs will NOT send documents attached in an E-mail announcement.
They would normally refer to their web page, where you can retrieve information
Q7: What are other recent threats?
Browser Attacks. These are web pages that contain malicious code intended to sabotage
computers and compromise privacy. Newer firewalls are being developed to scan a variety
of Internet protocols. Most browser attacks operate under the radar of current firewalls;
new firewalls with content filtering and multiple protocol scanners will catch these new
There are also attempts to steal Internet account passwords through
E-mails which claim to have originated from the ISPs. This is NOT
TRUE; the E-mail headers have been forged to look as if they were
sent by the ISPs. As a matter of practice, ISPs do not request customers'
passwords under any circumstances, especially via E-mail. There are e-mails
that appear to be warnings about viruses and provide instructions on which
files to check for and recommend you remove them. Unfortunately, these
are operating system files and, once removed, render the computer unusable.
Please check with ComLogic before taking action. Unfortunately, greeting
cards are becoming popular vehicles for loading viruses, even when you
know the sender.
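A message that claims to come from the ISP but carries forged headers often disagrees with itself: the From address names the ISP while Return-Path or Reply-To point elsewhere, and the body asks for a password. The following is an added example, not part of the original FAQ, that checks for those signals; the domain isp.example, the signal names and both sample messages are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr

def domain(header_value):
    """Lower-cased domain of the address in a header, or '' if absent."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def same_org(dom, isp_domain):
    """True for the ISP's domain itself or any of its subdomains."""
    return dom == isp_domain or dom.endswith("." + isp_domain)

def forgery_signals(raw, isp_domain):
    """List reasons to distrust a message whose From claims the ISP."""
    msg = message_from_string(raw, policy=policy.default)
    if not same_org(domain(msg["From"]), isp_domain):
        return []                      # does not claim to be the ISP
    signals = []
    for header in ("Return-Path", "Reply-To"):
        dom = domain(msg[header])
        if dom and not same_org(dom, isp_domain):
            signals.append(f"{header.lower()}-mismatch")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and "password" in body.get_content().lower():
        signals.append("asks-for-password")   # the FAQ: ISPs never do this
    return signals

# Constructed sample: From names the ISP, the other headers do not.
FORGED = """\
Return-Path: <bounce@mailer.example.net>
From: "ISP Support" <support@isp.example>
Reply-To: accounts@example.net
To: user@example.org
Subject: Account verification

Reply with your account password to keep your service active.
"""

# Constructed sample: headers agree and the body points to a web page.
GENUINE = """\
Return-Path: <bounce@mail.isp.example>
From: announcements@isp.example
To: user@example.org
Subject: Maintenance notice

See our web page for the maintenance schedule.
"""

if __name__ == "__main__":
    print(forgery_signals(FORGED, "isp.example"))
    print(forgery_signals(GENUINE, "isp.example"))
```

An empty result is not proof that a message is genuine, since every one of these headers can be forged consistently; the check only catches messages that contradict themselves.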
Q8: Any advice for organizations?
Every organization that has a network should have a policy on virus prevention.
These policies need to be enforced and monitored. Any development in the
technology should call for the policy to be revisited, so that it is always
applicable and acceptable to the current network environment.