Email virus...

Carefree Frank · 16 Jan 2005, 07:59 AM

I know that sooner or later I will end up opening some dodgy email, its bound to happen. What I`d like to know is, is it possible to check an email for a virus? I know you can scan attachments, I`ve learnt that much, but is it possible that the minute you open the mail that the virus starts? I`d be grateful for any detail you can give me.

Adrian Bell · 16 Jan 2005, 06:56 PM

It is possible with unpatched versions of Outlook Express. if you have the latest patces I don't think it is possible as long as your security settings are high enough for OE and don't allow JavaScript in mail messages for Thunderbird. Other clients have different settings. You could always view all messages in plain text to be extra sure, if your client allows this.

With webmail it is more likely as you (or I) tend to have lower security settings for IE (if you use this). This depends on how secure your browser is. It's probably better to view these in plain text first if you can.

You've got to trust the sender to some extent and don't open it if you don't know who it's from.

Carefree Frank · 17 Jan 2005, 02:51 AM

So its not just attachments that you have to mistrust?

badkarma · 17 Jan 2005, 04:02 AM

That is correct. An email in HTML format should also be suspect. That's why some people advocate turning off HTML display when viewing email.

rob_au · 17 Jan 2005, 05:49 AM

Quote:

Originally posted by badkarma
That is correct. An email in HTML format should also be suspect. That's why some people advocate turning off HTML display when viewing email.

I would note that it is not the HTML itself which is suspicious, but rather the fact that many mail clients which render HTML messages additionally allow insecure scripted actions such as the ActiveX components to be incorporated into the viewed message. It is this action which can lead to system compromise.

Carefree Frank · 17 Jan 2005, 07:28 AM

Its all very tricky. Is there nothing you can trust on the net? Are all emails really so dangerous?

Killer · 17 Jan 2005, 08:12 AM

When you get attachments from unknown people, or maybe even friends but the content of the mail is strange. Such as here is your password or something you requested but you never request anything then those are the virus emails. Also always run an updated antivirus and it will scna through when mails are being downloaded.

badkarma · 17 Jan 2005, 08:31 AM

Quote:

Originally posted by Carefree Frank
Its all very tricky. Is there nothing you can trust on the net? Are all emails really so dangerous?

I would think not. It's a matter of exercising some judgement on your part. As an extreme example, I make it a habit to never open any attachments that require an application (PowerPoint, Word, etc) unless I sent it myself or know who sent it and what is to be expected. But that's only me and others may not be as paranoid to that extent.

xbot · 17 Jan 2005, 08:41 AM

Actually, you can receive viruses without opening an attachment.

If you can, disable activex controls and HTML in your mail client.

Webmail is a tricky one though.

Just remember to have an antivirus.

Carefree Frank · 17 Jan 2005, 08:43 PM

I`ve been lucky with emails so far, though I have to admit to being tempted to open some curious mail, but thought better of it. Now I`ve found its almost as dangerous just surfing. Several times now I`ve gone to a site after doing a search, and the minute I`ve opened the page, I hear that darn horse whinny. Its a minefield out there...lol

DrStrabismus · 18 Jan 2005, 01:44 AM

Quote:

Originally posted by xbot
Webmail is a tricky one though

Responsible webmail providers will remove most potentially dangerous content as they generate the page. If you use a provider that has it's own antivirus, and avoid IE based browsers, I think it's fairly safe.

Adrian Bell · 18 Jan 2005, 03:14 AM

I use SpywareBlaster, it prevents known dangerous ActiveX controls from running and adds known problem sites to the Restricted Site Zone in IE. OE should always be set to Restriced Sites Zone anyway, mine is. It also has protection for Mozilla. the reason for using it is that if you just block all ActiveX controls you tend to lose things Flash as well.

JshLnsctt · 19 Jan 2005, 06:58 AM

If you have something like Nortons it will scan every e-mail in outlook express as far as I know

DrStrabismus · 19 Jan 2005, 07:32 AM

Most virus scanners only scan pop email though.

16 Jan 2005, 07:59 AM	#1
Carefree Frank Senior Member Join Date: Oct 2003 Location: Borehamwood, Herts Posts: 142	Email virus... I know that sooner or later I will end up opening some dodgy email, its bound to happen. What I`d like to know is, is it possible to check an email for a virus? I know you can scan attachments, I`ve learnt that much, but is it possible that the minute you open the mail that the virus starts? I`d be grateful for any detail you can give me.

16 Jan 2005, 06:56 PM	#2
Adrian Bell Cornerstone of the Community Join Date: Apr 2001 Location: Darlington, UK Posts: 938	It is possible with unpatched versions of Outlook Express. if you have the latest patces I don't think it is possible as long as your security settings are high enough for OE and don't allow JavaScript in mail messages for Thunderbird. Other clients have different settings. You could always view all messages in plain text to be extra sure, if your client allows this. With webmail it is more likely as you (or I) tend to have lower security settings for IE (if you use this). This depends on how secure your browser is. It's probably better to view these in plain text first if you can. You've got to trust the sender to some extent and don't open it if you don't know who it's from. Last edited by Adrian Bell : 16 Jan 2005 at 07:04 PM.

17 Jan 2005, 02:51 AM	#3
Carefree Frank Senior Member Join Date: Oct 2003 Location: Borehamwood, Herts Posts: 142	So its not just attachments that you have to mistrust?

17 Jan 2005, 04:02 AM	#4
badkarma Cornerstone of the Community Join Date: Sep 2004 Location: Illinois Posts: 626	That is correct. An email in HTML format should also be suspect. That's why some people advocate turning off HTML display when viewing email.

17 Jan 2005, 07:28 AM	#6
Carefree Frank Senior Member Join Date: Oct 2003 Location: Borehamwood, Herts Posts: 142	Its all very tricky. Is there nothing you can trust on the net? Are all emails really so dangerous?

17 Jan 2005, 08:12 AM	#7
Killer Intergalactic Postmaster Join Date: Nov 2000 Location: Singapore Posts: 6,762 Representative of: Killer.kkk.sg	When you get attachments from unknown people, or maybe even friends but the content of the mail is strange. Such as here is your password or something you requested but you never request anything then those are the virus emails. Also always run an updated antivirus and it will scna through when mails are being downloaded.

17 Jan 2005, 08:41 AM	#9
xbot Cornerstone of the Community Join Date: Aug 2004 Location: Michigan Posts: 922 Representative of: xxos.us	Actually, you can receive viruses without opening an attachment. If you can, disable activex controls and HTML in your mail client. Webmail is a tricky one though. Just remember to have an antivirus.

17 Jan 2005, 08:43 PM	#10
Carefree Frank Senior Member Join Date: Oct 2003 Location: Borehamwood, Herts Posts: 142	I`ve been lucky with emails so far, though I have to admit to being tempted to open some curious mail, but thought better of it. Now I`ve found its almost as dangerous just surfing. Several times now I`ve gone to a site after doing a search, and the minute I`ve opened the page, I hear that darn horse whinny. Its a minefield out there...lol

18 Jan 2005, 03:14 AM	#12
Adrian Bell Cornerstone of the Community Join Date: Apr 2001 Location: Darlington, UK Posts: 938	I use SpywareBlaster, it prevents known dangerous ActiveX controls from running and adds known problem sites to the Restricted Site Zone in IE. OE should always be set to Restriced Sites Zone anyway, mine is. It also has protection for Mozilla. the reason for using it is that if you just block all ActiveX controls you tend to lose things Flash as well.

19 Jan 2005, 06:58 AM	#13
JshLnsctt Junior Member Join Date: Dec 2004 Posts: 17	If you have something like Nortons it will scan every e-mail in outlook express as far as I know

19 Jan 2005, 07:32 AM	#14
DrStrabismus The "e" in e-mail Join Date: May 2002 Posts: 2,804	Most virus scanners only scan pop email though.