Avoiding email threats
Checking your e-mail has become a dangerous business. The number and types of e-mail borne threats that can cause harm to your computer or your privacy are growing.
Sometimes the actual danger imposed by these threats can be over
hyped, but you still need to know what could constitute a dangerous e-mail message and how to respond to the threat.
Q: Can I get a virus just by reading an e-mail message?
A: When all e-mail was sent as plain text, it was impossible to contract a computer virus just by reading e-mail. That’s because something — a programme, worm, or other active
threat — actually has to run on your computer in order to infect it. When e-mail
is sent in HTML format — the same format used to create Web pages, on which all sorts of programmes can run automatically — the possibility that you could receive a virus upon reading an e-mail message does exist.
There are, however, three ways to safeguard against this.
The first is to keep your e-mail programme up-to-date, downloading and applying the latest security patches and fixes. The second is to use a current-generation virus scanner with built-in e-mail scanning, and keep the virus signatures current. Most anti-virus programmes offer automatic scanning of both incoming and outgoing e-mail messages.
The third way involves setting up your e-mail programme to allow messages to be read only in plain text format. Most e-mail programmes provide this option.
In Microsoft’s Outlook programme, for instance, you would open the Tools menu, and select Options. Then, from the Options dialog box, click E-mail Options, and select the check box labelled “Read all standard mail in plain text.” When you do this, any mail that arrives in HTML format is converted into plain text, and any harmful code that might have run automatically is effectively neutralised.
Remember, the golden rule of reading e-mail is this: if it looks suspicious, don’t open anything attached to it or click any links in it.
Q: Colleagues of mine were talking about e-mail bombs at work. What is an e-mail bomb?
A: An e-mail ‘bomb’ refers to an immense number of e-mail messages sent to an account in an effort to bring the account down. When an e-mail server is flooded with e-mail messages, it is unable to devote cycles to other e-mail users and effectively becomes useless. An account that receives an e-mail bomb will also experience an interruption in the transfer and processing of legitimate mail, as well.
E-mail bombs are particularly problematic because even if an e-mail server is brought down in an attempt to stave off the problem, the e-mail server will resume where it left off when it is restarted, continuing to deliver the messages that constitute the bomb.
Hackers can send e-mail bombs using tools that are not too difficult to obtain. Another type of ‘bombing’ occurs when a user signs someone up to multiple newsletter services and other automatic e-mail generation services that can bring a person’s inbox to its knees.
The good news is that most individual users rarely have trouble with e-mail bombs. The bad news is that the only way to recover from an e-mail bomb is probably to contact your Internet service provider to obtain help. It may be necessary for you to disable or change your e-mail address, at least temporarily.
Q: Over the past month, I have received more spam than ever before. Can you help?
A: Senders of spam and potentially harmful e-mail use a number of tactics to secure your e-mail address. If you have posted your e-mail address anywhere on the Internet, it can be ‘harvested’ by programmes designed to scour the Internet and retrieve freely available e-mail addresses.
To prevent this from happening, never post your e-mail address anywhere on the Internet — including message boards and personal web sites — in an unaltered form. If you must post your address somewhere online, write it in a form that is understandable by humans but not by a machine, such as ‘yourname - at - hotmail.com.’ Also, take advantage of the multiple e-mail accounts provided by most Internet service providers today, and set yourself up at least two accounts: one that you hand out only to friends and colleagues, and another that you give to anyone else — including online stores. When you give out your e-mail address to anyone online, you simply never know whether that address may ultimately end up in the hands of mass marketers or spammers.