Rich Pasco's virus pages

by Rich Pasco
Here are four essays I've written in response to questions that my non-technical friends have asked me about e-mail and computer viruses. I am pleased to share them with you now. Please click on each of these links to read the full text of the essays. If you're in a hurry, you may just want to read the synopsis below right now, but please come back to click on these links:
  1. E-mail viruses: The message is the virus!
  2. About executable files
  3. Who's really responsible for viruses?
  4. How dare you embarrass me to my friends?

And here's one more I wrote, about a different kind of information security:

  1. Voicemail Security against Caller-ID Spoofing

Synopsis:

A virus is defined as "that which tricks its host into making more copies of itself." There are two kinds of viruses in circulation today:

The kind that gets the most publicity is the poison e-mail which, when opened, does serious damage to the victim computer, and/or hijacks it for the purpose of spreading spam and/or copies of itself. This kind of virus is spread via an executable file that may ride as an attachment to a seemingly innocuous e-mail message, and when opened, commands the victim's computer to do its work.

However, a more common virus is the e-mail virus. This kind does not contain any executable attachment; it doesn't need it! It works by tricking the recipient's mind into believing that it is important to forward copies to his friends and relatives, usually by a dire-sounding warning or a heart-wrenching plea.

Things can get really confusing when an e-mail virus plays on the victim's fear of executable viruses. It may contain plausible-sounding advice like, "If you receive an e-mail [meeting some description] don't open it!" but then it continues, "Forward copies of this message to everyone you know!" This is a dead give-away that the warning message itself is an e-mail virus. Please do not forward it. Instead, please ask the person who sent it to you to read this web page. Send them a copy of this URL: http://www.richpasco.org/virus/ (and feel free to link to it).

Another confusing e-mail virus warns that you have probably been infected by a "virus" and contains instructions to remove an executable file from your system and to forward the warning to your correspondents. In fact, the file to which it refers is actually a useful component of Windows which should not be removed, and the e-mail is a cruel hoax which should not be forwarded. In variations of this hoax, different Windows files have been targeted. (Read about sulfnbk.exe from Microsoft, About.com, Vmyths, Symantec, F-Secure, McAfee, and About.com's David Emery and Mary Landesman. Read about jdbgmgr.exe from Microsoft, Vmyths, Symantec, F-Secure, McAfee, and About.com's David Emery and Mary Landesman.)

To protect yourself from viruses, practice safe computing. Follow all these steps; don't depend on just one:

  • Keep your software up-to-date. If you're running MS Windows, run Windows Update (on your Start menu) at least weekly.
  • Don't open e-mail attachments unless you're sure what's in them. (A cover note, apparently from a friend, saying just "take a look" is almost a dead giveaway it's a virus!)
  • Don't follow instructions in unsolicited or anonymous e-mail messages, even if forwarded by a friend. Instead, consult sources you can trust.
  • Keep a good virus scanner running with definitions updated daily.
  • Connect through a router/firewall, not directly, if you have an always-on connection like DSL or Cable. This won't filter e-mail but it will block some direct port attacks.

References

Rich Pasco's home page

Copyright © 2001-2007 Richard C. Pasco. All rights reserved.