What’s that attached to my e-mail?

FI-Log-On-With-Larry-SchneiderDear Larry,

I always see a message when I open an attachment to one of my e-mails asking if I think it is safe. And I just started wondering, how would I even know if an attachment were safe or not?—P.P.


Dear P.P.,

That’s a very good question. It’s one that I’ve addressed in the past, but it bears repeating.

When I ask my clients if they’re careful about opening e-mail attachments, they often respond by saying, “Yes. I only open attachments from people I know.” But I’m afraid that that’s the wrong answer. If you think that attachments from people you know are safe, then you’re precisely the person who should be reading this column.

The crazy people in this world who create computer viruses figured out long ago that one of the best ways to circulate viruses and malware was to capitalize on the trust people have in their friends. So they programmed their viruses to search an infected computer for an address book and then e-mail the virus to all the people listed.

To encourage the recipient to open the attachment, they include in the body of the message something like “thought you might be interested in the attached file.” So when one of the recipients carelessly opens the infected attachment sent by a friend, the process repeats and the virus propagates itself, often around the world, in no time at all.

Here’s another way viruses circulate. The programmer of the Klez virus tricked people into infecting their computers by sending out e-mails warning of the Klez virus. It described in gory detail what the virus could do to a computer and attached to the e-mail was a program that supposedly guaranteed to inoculate the computer against this virus along with a plea to forward the e-mail to friends in order that they might protect their PCs in turn.

Gullible people by the millions opened this attachment in hopes of safeguarding their machine, only to discover that the attachment itself was the virus. Even people with up-to-date anti-virus software weren’t immune.

So if you can’t identify a potential virus-infected e-mail attachment by identifying who sent it to you, what can you do? Easy. For the most part, a file can only be infected if its extension — the last three characters of the filename following the last period — is of a certain type.

Therefore, you can easily reduce the chances of an attachment infecting your machine by simply not opening it if its extension is one of the following: .EXE, .COM, .VBS, .WSH, .PIF, .SCR, .LNK, .BAT, .DLL, .SHS.

Remember you can’t just go by the sender of the message in evaluating whether an attachment is safe or not. Never open an e-mail attachment that ends in one of these extensions, regardless of who sent the e-mail and regardless of what the e-mail message says or claims.

Here are some examples of virus-infected files. Note that they all end in one of the extensions listed above: readme.com, this websiteisgreat.htm.vbs, nice-picture.jpg.bat, click-this.exe, greatjoke.scr. Also, be cautious of files that end in the extension .ZIP. These zip files contain compressed versions of other files. While a zip file itself can’t contain a virus, a file compressed within the zip file can. So be sure to check the names of the files contained within an attached zip file to be certain they don’t end in one of these dangerous extensions.

This is Larry Schneider, logging off.


Larry Schneider is the owner of Accent on Computers, a Greenwich-based consulting firm — now in its 15th year of business — catering to individuals, businesses and professional offices. PC and Mac services include computer setup, training, troubleshooting, virus resolution, networking, Internet, database, and programming. Call 203-625-7575, visit Accentoncomputers.com or send email to [email protected]

By participating in the comments section of this site you are agreeing to our Privacy Policy and User Agreement

© Hersam Acorn. All rights reserved. The Greenwich Post, 10 Corbin Drive, Floor 3, Darien, CT 06820

Designed by WPSHOWER

Powered by WordPress