COMPUTASSIST

Get the Flash Player to see this player.
Flash Image Rotator Module by Joomlashack.
Image 1 Title
Image 2 Title
Image 3 Title
Image 4 Title
Image 5 Title

Home arrow Articles arrow The E-mail Virus You Didn't Send
The E-mail Virus You Didn't Send
A friend just called and asked why you sent him a virus in your email message.

You're not alone. Thousands upon thousands of messages are being sent using forged sender addresses. Who's sending all these falsified e-mails? Don't ask who, but what.


The latest crop of computer virus authors are getting craftier about concealing their sources. For a long time, virus writers have been using your e-mail address book to collect target addresses. But more recently they have begun to use those same addresses in the From: header of the messages they send, making the message appear to have come from an entirely different computer than the one actually sending it.

This works because there are no checks performed on From: addresses when messages are injected into the mail system. If you have ever set up an e-mail client program on a computer, you are probably familiar with the prompt that asks you to enter your own e-mail address. What you may not know is that this bit of info is totally arbitrary. You can enter anything here, and it will show as your address in the From: header of messages that you send from that machine. As an example (please don't do this), I could enter my e-mail address as "santaclaus@north.pole", and every message you received from me would say 

From: santaclaus@north.pole

Worse, I could enter your address in my e-mail program as my own, and then every message I sent would appear to have come from you! This technique is known as "spoofing" the sender address.

This is what the virus writers are doing. They construct an e-mail using two addresses from the infected computer's address book, one for the To: address and another for the From: address. Then this message gets sent and the "fun" begins.

To compound the problem, many anti-virus program vendors have written their software to respond when it discovers the incoming virus payload, by sending another message to the apparent sender listed in the From: header (not the real sender at all.) The program sends an automated message notifying, and sometimes accusing, them of having mailed a virus. The net effect of this lame-brained approach is to double the number of junk messages being pushed through network pipelines - for every message created by a virus-infected computer, another message gets sent by the anti-virus software. To the wrong person!

Steps to take

First, make sure your computer really isn't infected. To run Windows, one must pay the "Microsoft tax", part of which is keeping a virus scanning program installed, running, upgraded and updated, at all times. (Most other operating systems are not nearly as susceptible to viruses, by virtue of their design.) Keep subscriptions current, and download the most recent virus data from the software publisher on a regular basis.

Second, please choose a virus scanning package that doesn't mail infection notices to (apparent) senders! At least make sure that this behavior can be turned off in the software's configuration. For help choosing or using an anti-virus program, or ridding your computer of an infection, contact ComputAssist.
 
< Prev
Joomla Templates by JoomlaShack Joomla Templates by Compass Design