Virus prevention tips help stop a spreading
menace
by Alan Zisman (c)
2002
First published in Business in
Vancouver
, Issue #657 May 28- June 3, 2002, High Tech Office
column
How would you respond if a stranger phoned you, and promised that you
could
make a lot of money if you would just tell him or her your bank branch
and
account number? How about if a stranger tried to get your attention in
a
parking lot promising that he had naked photos of a Russian tennis star
to
show you?
Most of us would ignore these sleazy propositions if they were made
verbally.
But when the same proposals are made in an e-mail message, many of us
ignore
our street smarts. This week, I got an e-mail message labelled
"private"
from Zainab Abacha, claiming that I can help her Nigerian family
preserve
US$22.5 million that they have in cash in neighbouring Benin. For my
help,
I can earn a 10-per-cent reward.
If I respond to this message, Abacha promises to "instruct our family
attorney
in London to contact and give you further instructions." (I may have
disqualified
myself by ignoring her request to keep her offer "highly
confidential.")
Nigerian e-mail scams such as this one account for 15 per cent of all
complaints
of Internet fraud made to the U.S.-based National White Collar Crime
Center;
two unidentified complainants lost more than US$70,000 each. Recently,
the
Washington Post discussed a Canadian businessman duped out of $750,000.
During the same week, I averaged three to four messages a day with
attachments
infected with the Klez virus. They bear a variety of subject lines and
contents
and the attachments have a variety of file names. Some ask for help
with
a computer problem (just like legitimate messages I often get), others
want
me to look at a program they just wrote. Several are cheeky enough to
warn
me of virus infections, and suggest I run the attachment to clean my
system!
One came to me from an old friend.
Despite the barrage, my system has not been infected. I keep Symantec's
Norton
AntiVirus software running, letting it check my e-mail and attachments
as
they are received. I've set it to update its virus information on a
daily
basis. It has warned me about each of the Klez-bearing attachments.
Even so, don't expect a piece of software to replace your healthy
paranoia.
Last year, I got a dozen identical messages and attachments that NAV
didn't
flag as dangerous. It turned out that I was receiving infected messages
before
Symantec updated its virus information files. Because I didn't open the
attachments,
I wasn't infected. What you can do:
- Get an antivirus program that checks incoming
e-mail. Install
it, and keep its information files up to date.
- Outlook and Outlook Express users are the most
targeted. Consider
using a different e-mail program. (I use the free Eudora Pro.)
- If you must use one of the Outlooks, download all
of Microsoft's
security patches. Add your own address to your Outlook address book, so
if
it starts sending out messages on its own, at least you'll know about
it.
- Stay paranoid. If your mother had known about the
Internet,
she would have warned you to never open attachments from strangers.
Your
mother would have been right
- Be suspicious of attachments from people you know.
If it's
not something you were expecting, contact them and verify that they
meant
to send it before you open it.
- Anything that sounds too good to be true probably
is. Most
of us work by this principle in the real world. It's equally true in
the
electronic world
- If you get infected, know that Symantec and other
antivirus
makers provide free tools for removing infections.
- Finally, consider moving away from Windows. There
are virtually
no viruses being written for Mac and Linux computers.
Some clever viruses have started sending out messages with return
addresses
stolen from the infected address books. As a result, some people have
received
infected attachments that claimed to be from me. It's not true. Really.