Rich Pasco's virus pages

by Rich Pasco

Here are some essays I've written in response to questions that my non-technical friends have asked me about e-mail and computer viruses. I am pleased to share them with you now. Please click on each of these links to read the full text of the essays. If you're in a hurry, you may just want to read the synopsis below right now, but please come back to click on these links:

  1. E-mail viruses: The message is the virus!
  2. About executable files
  3. Who's really responsible for viruses?
  4. How dare you embarrass me to my friends?
  5. Caller-ID Spoofing
  6. Spam from your friends: spoofed and hacked e-mail
  7. Every trick in the book: how hackers take over your computer
  8. Facebook Scams, Hoaxes, and Malware
  9. Ransomware and Backups

Synopsis:

A virus is defined as "that which tricks its host into making more copies of itself." There are two kinds of viruses in circulation today:

The kind that gets the most publicity is the poison e-mail which, when opened, does serious damage to the victim's computer, hijacks it to spread spam or copies of itself, or both. This kind of virus is spread via an executable file that may ride as an attachment to a seemingly innocuous e-mail message and, when opened, commands the victim's computer to do its work.

However, a more common virus is the e-mail virus. This kind does not contain any executable attachment; it doesn't need it! It works by tricking the recipient's mind into believing that it is important to forward copies to his friends and relatives, usually by a dire-sounding warning or a heart-wrenching plea.

Things can get really confusing when an e-mail virus plays on the victim's fear of executable viruses. It may contain plausible-sounding advice like, "If you receive an e-mail [meeting some description] don't open it!" but then it continues, "Forward copies of this message to everyone you know!" This is a dead give-away that the warning message itself is an e-mail virus. Please do not forward it. Instead, please ask the person who sent it to you to read this web page. Send them a copy of this URL: http://www.richpasco.org/virus/ (and feel free to link to it).

Another confusing e-mail virus warns that you have probably been infected by a "virus" and contains instructions to remove an executable file from your system and to forward the warning to your correspondents. In fact, the file to which it refers is actually a useful component of Windows which should not be removed, and the e-mail is a cruel hoax which should not be forwarded. In variations of this hoax, different Windows files have been targeted. (Read about sulfnbk.exe from Symantec and McAfee. Read about jdbgmgr.exe from Symantec and McAfee.)

To protect yourself from viruses, practice safe computing. Follow all these steps; don't depend on just one:

  • Keep your software up-to-date. If you're running MS Windows, run Windows Update (on your Start menu) at least weekly.
  • Don't open e-mail attachments unless you're sure what's in them. (A cover note, apparently from a friend, saying just "take a look" is almost a dead giveaway it's a virus!)
  • Don't follow instructions in unsolicited or anonymous e-mail messages, even if forwarded by a friend. Instead, consult sources you can trust.
  • Keep a good virus scanner running with definitions updated daily.
  • Connect through a router/firewall, not directly, if you have an always-on connection like DSL or Cable. This won't filter e-mail but it will block some direct port attacks.


Copyright © 2001-2007 Richard C. Pasco. All rights reserved.