ISSUE 594: Zisman- March 13 2001
The high-tech office
ALAN ZISMAN
Caution and
preparation are keys to surviving viruses
How many of you received copies of the e-mail
message bearing the infected Anna Kournikova attachment? I
received 13 of them, 11 on the day the news of the virus first hit, two
straggling in a couple of days later.
But receiving infected e-mail attachments is generally
not a big deal. The real question is how many of you double-clicked on
the attachment, to see what someone you knew sent you with the heading
"Here you have, ;o)" and text simply stating "Hi: Check This!"
If you double-clicked, you discovered that the
attachment, appearing to be a JPEG photo of the Russian teenaged tennis
star, didn't open up at all. But if, like many users, a Windows version
of Microsoft's Outlook or Outlook Express is your e-mail
program, behind the scenes, the virus took over your e-mail address
book, busily mailing copies of itself to everyone listed there.
The virus, also known as the Onthefly worm, was not
particularly destructive. It didn't format your hard drive or destroy
files. But it spread itself effectively and rapidly, clogging e-mail
servers and causing many organizations to completely shut down their
e-mail systems while they attempted to clean up the mess.
Onthefly/Anna Kournikova has been tracked to a Dutch
"script kiddie," who created it using an Argentine do-it-yourself virus
creation kit he had downloaded on the Net.
In many ways, this latest attack was a repeat of last
year's I Love You virus. Far too many people still haven't learned to
avoid unexpected e-mail attachments.
Lesson No. 1: Don't open e-mail attachments, even ones
that are purportedly from people you know, if they're not expected.
Your mommy warned you about taking candy from strangers, but with
viruses hijacking the e-mail software of people you know, there's as
much danger from friends and colleagues. I'm sending this article to BIV's
editor as an e-mail attachment, but he expects to get documents from me
so I assume he will open it. But if he gets something apparently from
me claiming to be a picture or a program, with a brief generic message,
I hope he will have the good sense to check back with me before opening
it.
Lesson No. 2: Get a reputable virus scanner, one that
automatically checks e-mail attachments. Update its virus definitions
regularly. If possible, get software that updates itself automatically,
so you don't need to remember to do it. Even if you have to pay an
annual subscription fee, it's well worth it.
Lesson No. 3: Despite Lesson No. 2, don't believe
everything your anti-virus software tells you. When I first received a
bunch of messages with the Anna Kournikova attachment, I was
suspicious. But my virus scanner claimed the attachment wasn't
infected. So I downloaded the latest virus definitions and scanned it
again. It still passed. I remained suspicious and didn't open the
attachment, so my system wasn't infected. Later that evening, my
software's virus definitions were updated to recognize the new and
virulent infection.
Lesson No. 4: Learn a little bit about your computer,
enough to fiddle with the default settings. Windows systems, out of the
box, for example, don't display file extensions. Microsoft, apparently,
thinks this makes it more friendly. As a result, the virus attachment,
named "Anna Kournikova.jpg.vbs" appeared to be a JPEG graphic, instead
of a potentially dangerous Visual Basic Script file. (In Windows My
Computer or Explorer, look for the Options -- or Folder Options -- menu
item. Go to its View tab and remove the checkmark from the box labelled
"Hide File Extensions....")
If, despite everything, you do get infected, inform
the people you've infected. I e-mailed everyone who sent me an infected
message. Only one bothered to send out messages to the people affected.
I'd like to be able to stop writing columns about
viruses. But some of the people whose computers sent me infected
messages were people who I know have read my previous warnings. Please
take a hint!
|