SAFE E-MAIL PRACTICES FAQ (Frequently Asked Questions) 

Q1: Why is it important to practice safety in reading E-mails?
Q2: How fast can these virus spread?
Q3: What damages can these malicious codes do?
Q4: How advanced is the threat?
Q5: How do we prevent the spread of these malicious codes?
Q6: What if the E-mail is an announcement from my ISP, which includes an attachment?
Q7: What are other recent threats? 
Q8: Any advice for organizations?


Q1: Why is it important to practice safety in reading E-mails?

There has been a high increase of malicious codes such as virus, worms and trojans that spread via E-mail attachments, notably due to the lack of caution and care by individual in handling E-mails. On the other hand, virus can spread via diskette and file downloads too, however, the impact has not been as widespread as via E-mail attachment. 

Q2: How fast can these virus spread?

The speed of these malicious codes spread depends on the behavior of the virus itself, notably the worm type viruses spreads automatically via E-mail attachment, which the code itself initiates. The user will not be aware that a mail has been sent from his/her PC to his/her friend, vendor or client. This Worm feature uses the contact list of the recipients, so the distribution can be ex potential. 

Q3: What damages can these malicious codes do?

Malicious codes that has features to destroy data, such as Worm.ExploreZip, W32.KLEZ and CIH will destroy files, hard disk partitions, bios and other possible damages to the systems and hardware. Malicious codes with trojan features on the other hand will open a back door on the victims' machines inviting remote entry to the system. In addition they can create pay-load on the user's or the service provider's mailer system, and in some cases get your company on a spam blacklist. (Your e-mail will be rejected by other e-mail systems). You can use the Blacklist Tool on the main page to check if your IP address is on the main spam databases. For a list of most of the spam databases Click Here 

Q4: How advanced is the threat?

The threat has been increasing since mid 1998, since we see many recent malicious codes have combined features of virus, worm and trojan, which increases the threats and challenges to the IT industry especially to the anti virus vendors in coming up with fixes. Our observation is, the frequency of new attacks is on the rise. With operating systems and applications evolving quickly, critical security updates are weekly occurences. 

Q5: How do we prevent the spread of these malicious codes?

Practice caution when receiving E-mail attachments. Upon receiving E-mail with an attachment, regardless of the sender : 

    DO NOT CLICK THE ATTACHMENT. Do not open it, do not view it, do not save it to disk. 

    Verify the E-mail, by contacting the sender. 

    Do not launch the program automatically - save it to hard disk to enable the anti virus software to scan the file for any viruses.

    Ensure you have your anti virus, virus list updated.

    If your computer shows some sign of abnormalities, after you launch their E-mail attachment, contact the sender, (preferably by phone). Contact ComLogic if your in the Denver Metropolitan Area. DO NOT SEND THEM A COPY OF THE ATTACHMENT, describe it to them and then wait for instruction.

    Avoid sending messages with attachments that contain executable code (codes that run things), like Word documents with macros, EXE files and ZIPPED files. You can use Rich Text Format, or RTF, instead of the standard .DOC format. RTF will keep your formatting, but will not include any macros. There is, however, a couple of viruses out there that will fool Word when you save as RTF, so while you cannot completely trust .RTF files it is still a good practice. This may avoid the embarrassment of you sending them a virus if you are already infected.

    You can use Anti-virus software products to scan your hard disk at all times, however, update the software list every few days and don't rely on it to protect you completely. Remember, they can only detect what they (the vendor) already know about. 

Q6: What if the E-mail is an announcement from my ISP, which includes an attachment?

ISPs will NOT send documents attached in an E-mail announcement. They would normally refer to their web page, where you can retrieve information desired.

Q7: What are other recent threats? 

Browser Attacks. These are web pages that contain malicious code in tended to sabotage computers and comprimise privacy. Newer firewalls are being developed to scan a variety of Internet protocols. Most browser attacks operate under radar of current firewalls; new firewalls with content filtering and multiple protocol scanners will catch these new threats.
There are also, attempts of stealing Internet account password through E-mails, which claim to have originated from the ISPs. This is NOT TRUE; the E-mail headers have been forged, to look as if they were sent by the ISPs. As a matter of practice, ISPs do not request for customer's passwords in any circumstances, especially via E-mail. There are e-mails that appear to be warnings about viruses and provide instructions on which files to check for and recommend you remove them. Unfortunately, these are operating system files and once removed render the computer unusable. Please check with ComLogic before taking action. Unfortunately, greeting cards are becoming popular vehicles for loading viruses, even when you know the sender. 

Q8: Any advice for organizations?

Every organization that has a network should have policy on Virus prevention. These policies need to be enforced and monitored. Any development in the technology should call for the policy to be revisited, so as it is always applicable and acceptable to the current network environment.