news that works for you


ISSUE 594: Zisman- March 13 2001

The high-tech office


Caution and preparation are keys to surviving viruses

How many of you received copies of the e-mail message bearing the infected Anna Kournikova attachment? I received 13 of them, 11 on the day the news of the virus first hit, two straggling in a couple of days later.

But receiving infected e-mail attachments is generally not a big deal. The real question is how many of you double-clicked on the attachment, to see what someone you knew sent you with the heading "Here you have, ;o)" and text simply stating "Hi: Check This!"

If you double-clicked, you discovered that the attachment, appearing to be a JPEG photo of the Russian teenaged tennis star, didn't open up at all. But if, like many users, a Windows version of Microsoft's Outlook or Outlook Express is your e-mail program, behind the scenes, the virus took over your e-mail address book, busily mailing copies of itself to everyone listed there.

The virus, also known as the Onthefly worm, was not particularly destructive. It didn't format your hard drive or destroy files. But it spread itself effectively and rapidly, clogging e-mail servers and causing many organizations to completely shut down their e-mail systems while they attempted to clean up the mess.

Onthefly/Anna Kournikova has been tracked to a Dutch "script kiddie," who created it using an Argentine do-it-yourself virus creation kit he had downloaded on the Net.

In many ways, this latest attack was a repeat of last year's I Love You virus. Far too many people still haven't learned to avoid unexpected e-mail attachments.

Lesson No. 1: Don't open e-mail attachments, even ones that are purportedly from people you know, if they're not expected. Your mommy warned you about taking candy from strangers, but with viruses hijacking the e-mail software of people you know, there's as much danger from friends and colleagues. I'm sending this article to BIV's editor as an e-mail attachment, but he expects to get documents from me so I assume he will open it. But if he gets something apparently from me claiming to be a picture or a program, with a brief generic message, I hope he will have the good sense to check back with me before opening it.

Lesson No. 2: Get a reputable virus scanner, one that automatically checks e-mail attachments. Update its virus definitions regularly. If possible, get software that updates itself automatically, so you don't need to remember to do it. Even if you have to pay an annual subscription fee, it's well worth it.

Lesson No. 3: Despite Lesson No. 2, don't believe everything your anti-virus software tells you. When I first received a bunch of messages with the Anna Kournikova attachment, I was suspicious. But my virus scanner claimed the attachment wasn't infected. So I downloaded the latest virus definitions and scanned it again. It still passed. I remained suspicious and didn't open the attachment, so my system wasn't infected. Later that evening, my software's virus definitions were updated to recognize the new and virulent infection.

Lesson No. 4: Learn a little bit about your computer, enough to fiddle with the default settings. Windows systems, out of the box, for example, don't display file extensions. Microsoft, apparently, thinks this makes it more friendly. As a result, the virus attachment, named "Anna Kournikova.jpg.vbs" appeared to be a JPEG graphic, instead of a potentially dangerous Visual Basic Script file. (In Windows My Computer or Explorer, look for the Options -- or Folder Options -- menu item. Go to its View tab and remove the checkmark from the box labelled "Hide File Extensions....")

If, despite everything, you do get infected, inform the people you've infected. I e-mailed everyone who sent me an infected message. Only one bothered to send out messages to the people affected.

I'd like to be able to stop writing columns about viruses. But some of the people whose computers sent me infected messages were people who I know have read my previous warnings. Please take a hint!


Search WWW Search

Alan Zisman is a Vancouver educator, writer, and computer specialist. He can be reached at E-mail Alan