Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Are you sure email accounts don't get infected with viruses?

Question:

In the article, “My
mail account has a virus. How do I get rid of it?
” you wrote “email
accounts do not get infected with viruses.”

But in this link [a link to a PC magazine article], it says, “An email virus
arrives in someone’s inbox as an executable attachment or link. If it manages
to launch without getting caught by the anti-virus it quickly goes to work by
replicating itself. The virus’ activity can generate a flood of
undeliverable mails and warnings back to the victim’s email account, a flood
that would reveal the virus’ presence.”

Am I reading the above correctly? It seems to claim that an email account
gets infected. Also if an email account shows email in the Sent folder that the
victim didn’t send, does that mean virus spoof or what? Thanks for your time
and your consideration.

In this excerpt from
Answercast #28
, I look at the way email accounts deliver viruses to
machines and the fact that the email account itself isn’t infected, although it
may look like it is!

]]>

Email account with virus?

I stand by my statement, “Email accounts do not get infected.”

Email accounts live on email servers and they are simply repositories (databases, if you will) for files. Some of those files might be viruses, but because they are in the database of an email server doesn’t mean they’ve actually infected the server.

Email accounts as delivery mechanisms

What the PC Magazine quote you’ve given me describes is the fact that:

  • The email contained a virus

  • That it was downloaded to your PC

  • And it was run

It was run on your PC and it’s your PC that then gets infected.

So, it’s not the email account at all. The email account is simply a delivery mechanism, if you will. It’s a way for transporting a virus from one place to another. The place the virus infects is it’s final destination: your computer.

Hacked accounts

Now, if you find a bunch of emails in your sent folder that you didn’t send, that could imply that your machine is infected.

  • More often than not, what it really implies is that your email account has been hacked.

That doesn’t require your PC’s participation at all.

Your PC might have an infection… and of course, it’s well worth scanning and making sure that it does not. But most of these cases where email shows up in sent folders – in online email accounts – all that really means is that someone, somehow hacked or otherwise acquired your password.

They have logged into your email account (from somewhere else on the internet) and used your email account (usually via its web interface) to start sending out spam. They didn’t bother to delete what they sent from your mail folder; therefore, you’ll find it there later.

Someone is using your account

This can sometimes happen on PCs. But right now, today in 2012, it’s more common (much more common) that the kind of email compromise that we’re seeing is email accounts that are getting hacked into.

This means nothing more than that someone you didn’t authorize has the password to your email account. In which case, I will immediately point you to the: Email Hacked? 7 Things You Need to do NOW! article, which describes the steps you need to take to secure your email account immediately.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.