Tips & Tricks to Prevent Virus Invasion Before Opening Email

<((B((º>.·´¯`·.¸¸.·><((B((º>.·´¯`·.¸¸.·><((D((º>


Standard Tips / Advice we all should heed [at bottom of page]

1. Create "Bogus" Email entry in address book:
This may or may not be a hoax but it won't hurt to use it.
To avoid spreading e-mail born computer viruses, create a new contact in your email address book with the name: !0000 with no email address in the details.
To do this in Outlook Express, go to Start / Programs/ Accessories/ Address Book. Once the Address Book is open, click the New pull-down toolbar item, and then click New Contact.... In the field that says First, type in !0000 and then click OK. And of course, an easier way is to have Outlook Express open, click on your Address Book, click on New, then click on New Contact and enter the above.
This contact will then show up as your first contact in the Address Book. If a virus attempts to do a "send all" on your contact list, you see an error message that says:
The Message could not be sent. One or more recipients do not have an e-mail address. Please check your Address Book and make sure all the recipients have a valid e-mail address.
If you click on OK, the offending infected message will not have been sent to anyone. The infected message will then be stored in either your "Drafts" or "Outbox" folder. You may completely delete (in other words, not just send it to Outlook's "Deleted Items" folder) the offending message from that location by highlighting the message, hold down the Shift key and press Delete, and then confirm. This way the virus is not spread and you have been alerted so that you can apply whatever remedy the situation calls for.
You can do the same for Netscape by creating a new card and for the first name type !0000 with NO ADDITIONAL information and hit OK. The new address will go to the top of your list.
There is a problem with this, however:
Unfortunately, most of the modern day viruses prefer to randomly select individual addresses or supplement the addresses with those found cached on the system. In fact, most of the new viruses bypass the mail client altogether and use their own SMTP engine to send their viral email. In other words, the tip will only be effective in limited cases. What the tip can do effectively is lead to a false sense of security, and that can sometimes be worse than doing nothing at
all.
But, in some cases it would work, if the worm didn't choose the address book entries randomly.
Top
2. Preventing Email from "seeing" Scripting viruses:
If an attachment has a VBS or other scripting extension, you can prevent your Email Program from even "seeing" the attachment in the first place.
Go into Explorer / Tools / Folder Options / File By Type. Find references to Microsoft's Visual Basic Script [VBS] and delete the file extensions. Warning: If you don't know what you are doing or how to recognize the extensions, don't perform this procedure. Ask around, a friend could help or email me and I can work you through it. Additional info stating that the program executables MUST be deleted also.

3. Can You Get a Virus From Just Viewing the Email?
A stand alone non-networked computer user cannot contract a virus by simply opening an e-mail message. In that scenario there are only two e-mail related ways in which to get a virus. One is through downloading and executing an infected file attachment. The other way is through clicking on a link to a web site with malicious Java or ActiveX coding. These last two as I understand it are common avenues for so called Trojan Horse viruses which are used to extract information from your hard drive such as your ISP password(s) and other personal data. Some of the latest AV programs offer protection against malicious Java and ActiveX coding by refusing access to suspicious sites when this protection is enabled. Additional info about Outlook Patches to close this "leak" can be found below.
Top

 

4. Turning Off Preview in IE 5.0+and Netscape 4.78+: This will prevent Emails from being viewed and thus can be deleted without opening by just deleting the Message Header.
In IE [OutLook Express]:
Select "View" in Menu Bar in OutLook Express.
Select Layout from the "Pull down" Menu
Uncheck box labeled "Show Preview Pane." Click OK and now all you have is Message headers but no "Preview" window.
In Netscape Messenger Service:
Very easy here:
In the main window, you will notice a divider line between the Message Headers and the Message Body Section. Just click the tool button on the divider and Voila! tis ALL GONE, BY BY!
Top
5. Software program that prevents SPAM from coming in and ability to delete email w/attachments directly off the Server before you even download them. You can see who the email is from, the subject, and the attachment. Best way to stop viruses from EVEN entering your email program. The program, "MailWasher" is free. Such a deal! <<< Check it out!
I got it and [8_15_2002] after configuring it, I used it to "view" my mail from the server before downloading it into my mail client and there was an email w/a virus attachment. I selected the email for deletion and than selected "Process Mail" and voila! it was gone! To test the program, I opened my email client [Netscape Messenger] and after selecting "Get Mail," that particular message was NOT there! This little FREE program works! You can bounce email back to the original sender and it DOES stop viruses from entering your mail program.
Top
6. A software program that is used in conjunction with downloads, is GetRight. It recognizes the "ticks" in the browser when you click the download and opens a dialog box for the download. You can configure it to open your AV software and IMMEDIATELY scan the download for viruses. Costs $25 but you can download a trial copy. It's worth it!!
7. Write Protect [prevent addition/changing/deletion] your BIOS [basic input/output system]. This tip is again, more for techies but have your computer guru friend do this for you. If a virus is written to your BIOS, it could be disastrous. With today's motherboards, the write protect can be done within the software not involving any hardware changes like years before [opening the case and changing "jumpers"].
When your computer boots up, hit the <delete> key or designated key [depending on your BIOS version] and you will enter a DOS like environment. Every BIOS is different so, check your motherboard manual.
8. Make a "Virus Free" bootable floppy or CD to boot from if your computer can't boot because of virus infestation. Use the virus free floppy/CD to boot from and investigate your system. Always keep your AV software's virus definitions and scan engines up to date and. Keeping your AV current, after rebooting, you may be able to clean your system. Sometimes, you have to boot to a "C Prompt" and clean files from that because if the file is in use, like Windows Explorer which is ALWAYS in use, it can't be cleaned in the Windows environment. But from a DOS "C Prompt," after typing a particular string of commands, it can be cleaned. I know from experience. Several years ago, I had to call McAfee and a technician gave me the string of commands to type to clean it. Today, you can usually get the string of commands and instructions from the AV site itself to avoid phone calls. McAfee actually has a "Live Techician" that you can connect with on the Net and ask questions though typing in a dialog box. You can even have your "session" emailed to you for future reference.
9. Call your ISP [Internet Service Provider] to see if they scan your email right at the server for viruses before it downloads to your email program. A friend, actually gets emails from her ISP stating that the following email(s) contained a virus [defined], who it came from and that it was deleted at the source [the server]. She NEVER receives the actual virus infested email, just an email from the ISP stating the source and contents. She has received as many as 10-12 of these emails in a week indicating the "attempt" of the sender to send a virus(ed) email.
Top

10. [These tips came from Peter Ferrie with Symantec - Norton AV: they may be redundant but included additional info]

Here are the standard procedures for reducing your risk of infection:

1) Turn off and remove unneeded services. By default, many operating
systems install auxiliary services that are not critical, such as
an FTP server, telnet, and a Web server. These services are avenues
of attack. If they are removed, threats have fewer avenues of attack.

2) Always keep your patch levels up-to-date, especially on computers
that host public services and are accessible through the firewall,
such as HTTP, FTP, mail, and DNS services.
The Microsoft Update site (http://windowsupdate.microsoft.com) is
the place to start for getting the patches. The best download is
the Critical Update Notification. This tool will alert you to the
existence of new patches, as they become available.

3) Enforce a password policy. Complex passwords make it difficult to
crack password files on compromised computers. This helps to prevent
or limit damage when a computer is compromised.

4) Configure your email server to block or remove email that contains
file attachments that are commonly used to spread viruses.
This is the list of attachment suffixes that are considered by
Microsoft to be potentially malicious (are blocked by Outlook XP):
.ade, .adp, .asx, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe,
.hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc,
.msi, .msp, .mst, .pcd, .pif, .prf, .reg, .scf, .scr, .sct, .shb,
.shs, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh

5) Train employees not to open attachments unless they are expecting them.
Also, do not execute software that is downloaded from the Internet
unless it has been scanned for viruses. Simply visiting a compromised
Web site can cause infection if certain browser vulnerabilities are not
patched.

6) Remove unneeded shares. If you don't want people to access your
files, then disable the File and Printer Sharing from the Control Panel.

Some points about your existing tips:

- Can you get a virus from just viewing the mail? YES. If you have not
installed the Outlook security patches from Microsoft, then simply by
previewing or opening the mail, an attachment can execute without any
interaction. No click required.

- Preventing viruses from "seeing" scripting:
JS (aka Microsoft JScript or ECMAScript) is another scripting type.
However, removing the registry associations is no guarantee that the
script will not run. The way to stop scripts from running is to remove
or rename the scripting host. To do that, rename or delete WSCRIPT.EXE
and CSCRIPT.EXE.

11. Today's web sites contain active content and often it is necessary to download a special [script] viewer or plugin to view this content. In Internet Explorer especially, the plugin / viewer can be automatically downloaded! You can set your "Internet Options" in your Control Panel to warn you when a plugin / viewer is needed to download to view the web site content. Many of these plugins can contain destructive ActiveX or JavaScript controls that WILL take control of your computer with hurricane force! Listed here are some SAFE plugins to download:

  • Macromedia Flash / Shockwave [upgrades too] [much of Bowzer Bird Design is created with Flash MX and you will need this plugin to view it]
  • Real Audio [upgrades too]
  • Windows Media Player [upgrades too]

Let your tuition warn you when you enter a site that requires you to download a viewer / plugin. DON'T DO IT!!

12. Microsoft Security Notification Service
This service provides summary information from every Microsoft security bulletin. Security bulletins are technical documents discussing newly discovered security vulnerabilities, and provide information on what products are affected, the risk the vulnerabilities pose, and how to eliminate them. Click the link to subscribe. You will have to register first with Microsoft Net and then on the Newsletters page, choose the Microsoft Security Notification Service.

In OutLook, Window's programs and Windows OS's, there are many vulnerabilities a hacker/cracker can find and enter you system withevil intentions. Here, you will find what "patches" "fixes" or "SP's" to download and install to close the "loopholes."

The Security Notification can be directly emailed to you or you can choose from the left side bar which ones you want info for and than download them individually.

Anti-Virus Tips [Virus Detection and Prevention Tips]

1. Do not open any files attached to an email from an unknown, suspicious or untrustworthy source.

2. Do not open any files attached to an email unless you know what it is, even if it appears to come from a dear friend or someone you know. Some viruses can replicate themselves and spread through email. Better be safe than sorry and confirm that they really sent it.

3. Do not open any files attached to an email if the subject line is questionable or unexpected. If the need to do so is there always save the file to your hard drive before doing so.

4. Delete chain emails and junk email. Do not forward or reply to any to them. These types of email are considered spam, which is unsolicited, intrusive mail that clogs up the network.

5. Do not download any files from strangers.

6. Exercise caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site. If you're uncertain, don't download the file at all or download the file to a floppy and test it with your own anti-virus software.

7. Update your anti-virus software regularly. Over 500 viruses are discovered each month, so you'll want to be protected. These updates should be at the least the products virus signature files. You may also need to update the product's scanning engine as well.

8. Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer.

9. When in doubt, always err on the side of caution and do not open, download, or execute any files or email attachments. Not executing is the more important of these caveats. Check with your product vendors for updates which include those for your operating system web browser, and email . One example is the security site section of Microsoft located at http://www.microsoft.com/security.
Top

The above Top 9 Virus Detection & Prevention Tips are Courtesy of AVERT'S web site. Please visit them for more info.