Maybe I'm in a small minority, but I'm still confused how so many people are duped every so often by an e-mail virus. Let's take this step by step:
A guy walks into his workspace at 7:30 a.m., preparing for another exciting day of whatever. He opens his inbox to find 50 e-mails -- 45 promising him to lose weight, financial freedom or cheap Viagra four from actual friends, probably chain letters and one other with a subject header of "Open repeatedly, this is not a virus," which of course is from firstname.lastname@example.org.
So Mr. Innocent opens the e-mail, thinking "Did I turn off the Crock Pot?" and the e-mail shows an attachment called "Shutdown.lbj." The e-mail continues, "Open this file, and watch Lyndon B. Johnson do cartwheels!" How could anyone possibly resist the temptation? He opens the file, which then forwards itself to everyone in Chicago, as his computer coughs and falls 45 stories out the window.
The Standard, an Internet news source, reported May 31 that opening e-mail attachments without checking the source or content is the No. 1 security mistake (http://www.thestandard.com/article/display/0,1151,15608,00.html?nl=dnt). It also stated that the estimated damage from the ILOVEYOU virus was $6.7 billion -- proving, once again, that love is expensive. Of course, compared to most of the girls I've gone out with, that's a bargain!
A virus does not usually start from someone opening an e-mail message. You have to actually activate the virus, which is done by opening an attachment. It's like thinking you can get food poisoning from a can of Spam just by buying it. You would have to open the can and eat it although, it is possible to psychologically scare yourself into believing you are, indeed, a can of Spam. In that case, no one can help you. And don't get that confused with spam e-mail.
Why do people open attachments from people they do not even know? In a wire story after the devastating love virus, one person said they received the message from Dow Jones and thought it was safe. So how often do your stocks say they love you anyway?
A key is checking the extension on whatever the attachment is. Don't fall for unrecognizable suffixes. Basically, if you don't know what .vbs stands for, then don't open the file. Unfortunately, it would be even worse to send it back to the original address and ask for a full refund. Here are a few tips to follow when faced with a potential problem attachment: http://thegleaner.com/daily/2000-07-09/bc2000-07-09.html.
In Windows, it is practically possible to activate a virus just by brushing your teeth, I mean, just by opening an infected e-mail, as with the BubbleBoy virus within Microsoft Outlook (http://www.zdnet.com/zdhelp/stories/main/0,5594,2390955,00.html). If you use this program to open e-mail, and you use an IBM-compatible computer, and you were born in June, BEWARE! I'm sure there's a setting you can change to prevent this. Ask your stockbroker just to make sure.
Opening attachments is just one Internet security threat, according to the SANS Institute, a cooperative research and education organization of system administrators, security professionals, network professionals and circus animals. Most of the problems (the full list can be found at http://www.sans.org/topten.htm) are not things people have to face every day, such as what type of ice cream you should use to build a castle. But some of the tips are helpful, even for the non-systems guy. When I figure out exactly how they are helpful, I'll let you know.
Seriously though, the advice is simple -- people should be more careful with their passwords, remembering them and not making them so obvious, like your name or your underwear size. Make sure directories are easily found by those who need to find them and hidden from the common pirate. And, never try to use the calculator to access e-mail.
Well, that last one didn't make the list, but I thought No. 5 was halfway interesting: "Sendmail buffer overflow weaknesses, pipe attacks and MIMEbo, that allow immediate root compromise." What this means is sometimes your e-mail gets lost the same way the IRS fails to send you a tax refund. And I thought all along those people were just getting tired of me stalking them! I'll have to dig out their addresses.
Generally, it's best to be careful with how accessible your e-mail is, and how willing you are to do something more ridiculous than go fishing with a worm taped to a fork. Don't just open random attachments ever again or I will send you 500 chain letters right after you read this, and you'll have 700 ways for you to finally GAIN FINANCIAL FREEDOM.