Detecting viruses in e-mail

So what are you supposed to do if your antivirus program catches a virus in an incoming mail message? It depends.

What’s worse than e-mail spam? How about spam with a virus attached? Spam filters watch for spammers’ favorite words — so spammers use a bizarre mishmash language to get past the filters. In fact, that’s one clue to watch for. If the message containing the virus was from 984Jiel3Z@yahoo.com and the subject line was something like hello, Freeca.ble d3sc4ambl3r, or RE: horseman antacid driving cobalt — in other words, if it’s spam — then you do nothing. Above all, don’t open the message; just delete it and move on. Don’t waste your time with such messages. Save your curiosity for other purposes.

If, on the other hand, the virus is in a message sent from someone you know, then think before you reply. True, you at least owe that person the courtesy of letting him or her know that a virus-infected e-mail message came to you from that address. This stuff happens, and perhaps it’s happened to you in the past. But wait a minute.

Some viruses grab all the addresses in an infected computer’s e-mail address book and then send infected messages to every address. It’s possible that your friend did not knowingly send you an infected message. In fact, your friend may not even be the person from whose computer the message was sent. Some viruses use a stolen return address from one computer as the fake return address for infected messages sent from a different infected computer.

Suppose, for example, you have a friend named Rajesh (not her real name). One day you receive an infected e-mail message that appears to have been sent from Rajesh. However, things are often not as they seem. Another person, named Shyam (not his real name), did catch a virus from someone, and the virus sent out lots of e-mail messages. You and Rajesh are in Shyam’s e-mail address book, and the virus created a message to send to you from Shyam’s computer, with Rajesh’s return address.

So in this example, Shyam’s computer sent you an infected message that appears to have been sent from Rajesh, but in reality Rajesh had nothing to do with it. So if you send mail to Rajesh to tell her that she may have a virus, she may not know what you’re talking about — but she should probably check anyway.

It is for this reason that you need to be wary of messages in your inbox that appear to have been sent from people you know. You can’t judge a mail message by its subject line.
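
The forged return address described above usually leaves traces in a message's full headers. The Python below is an added example, not part of the original article: it compares the From: address with the envelope sender and with the SPF/DKIM/DMARC verdicts recorded by the receiving server. The sample message, the example.* domains and the server name mx.example.com are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From: claims Rajesh, but the checks recorded by the
# receiving server (assumed name: mx.example.com) say otherwise.
SAMPLE = """\
Return-Path: <bounce@infected-host.example.net>
Authentication-Results: mx.example.com;
 spf=fail smtp.mailfrom=infected-host.example.net;
 dkim=none; dmarc=fail header.from=example.org
From: Rajesh <rajesh@example.org>
To: you@example.com
Subject: hello

see attachment
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def assess_sender(raw, trusted_authserv):
    """List reasons to doubt that the From: address is the real origin."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    reasons = []
    # Return-Path holds the envelope sender recorded at delivery time.
    rp_dom = domain_of(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        reasons.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")
    # Only trust Authentication-Results stamped by our own server;
    # a sender can insert forged copies of this header.
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() != trusted_authserv:
            continue
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest):
            results.setdefault(method, verdict.lower())
    for method in ("spf", "dkim", "dmarc"):
        verdict = results.get(method, "missing")
        if verdict != "pass":
            reasons.append(f"{method}={verdict}")
    return reasons

if __name__ == "__main__":
    print(assess_sender(SAMPLE, "mx.example.com"))
```

A non-empty list is a reason for caution, not proof of forgery: mailing lists and forwarding services can produce the same mismatches.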

Viruses are doing tricky things like this in order to spread chaos, confusion, and mistrust. Thems tricksy virus writers! We hates them, we do!