Harmful Email From Your Mother
If you are a frequent user of email, you have undoubtedly learned that
email is one of the most common means of transmission for computer viruses.
You have likely been told to be wary of email from people you do not know.
However, did you know that email that appears to come from a friend can be
just as harmful? Today on Common Sense Computing, we are talking about how
attackers can send you mail that appears to come from your mother.
First, it is important to recognize that faking the source of an email is
relatively trivial. The network protocol used to transfer email does
nothing to verify the sender’s address. Reputable email servers can do some
voluntarily check the information provided, but email servers run by
spammers or people spreading computer viruses have no interest in
performing such checks. In fact, they deliberately insert information that
obscures the real source of the email to avoid prosecution.
Therefore, the surprising thing is not that an email containing a
computer virus arrives from a forged email address, but that it appears to
come from someone known to you. The real question is how did an attacker
know that your mother's email address would be a good address to use when
sending mail to your email address.
The answer is typically that a computer virus has infected your mother's
computer. Modern computer viruses, among other things, often look for files
containing the victim's address book. Files like these are not hard to find
as they stored in predictable locations by common email programs. Once the
computer virus has located email addresses from the victim’s address book,
they send this information back to the attacker along with the victim's
address. The attacker then forges the victim's address when sending
infected emails to everyone in their address book. It is also important to
recognize that if an attacker gains control of your mother's computer, then
they are able to do anything that she could legitimately do herself. If she
could send one email, they can send hundreds or thousands of emails as her.
So be suspicious even of emails from friends and loved ones. Looking for
strange subject lines or uncharacteristic messages is a good strategy.
However, attackers have done a lot of damage with emails sporting innocent
looking subjects like "I love you" or "hello". Your
best defense is to use a good anti-virus program and configure it to scan
all attachments for known viruses. Regularly updating your virus signatures
is crucial or the anti-virus software won't recognize the newest attacks.
For Common Sense Computing, this is Jeanna Matthews.
Copyright (c) 2005 - Jeanna
Matthews
|