New malware appears every day, and it seems like hackers constantly get smarter and craftier.
In the past, asking if your machine could become infected with malware by just reading your email would get laughs from the geeks in the crowd. “Of course not!” they would giggle.
Then came Outlook. Not only could opening an email infect your machine, but for a while, you didn’t even have to be around to have it happen.
And the geeks stopped giggling.
For a while.
Fortunately, today things are different.
Of HTML, DHTML, and JavaScript
HTML is the “language” of the web. It’s the way web pages are encoded and described to your browser so it can display the web pages as the designer intended.
DHTML, for Dynamic HTML, and JavaScript, a programming language, added something HTML didn’t have by itself: the ability to do things. By “things,” I mean actions as simple as turning this portion of this sentence red when you move your mouse over it to interactive games you can play in your browser.
Your browser, and the HTML that was displayed in it, became a platform for computer programs.
Then along came email.
HTML email
Email used to be plain-text only, and much of it still is.
But someone had a bright idea: what if we made email more flexible and gave it all of the richness of HTML formatting? In HTML-formatted email, words can be bold or underlined, we can insert images, and much much more.
Email could be as “pretty” and complex as a magazine page.
Since many email programs simply used the same code as the web browser, email messages could also now do things.
Then along came malware.
Malware in email
Malware in emailIf email could “do things,” like run small programs within the window in which they were being viewed, it didn’t take long for hackers to start writing malware that not only took advantage of that, but also exploited other vulnerabilities those programs could access.
Vulnerabilities that allowed them to infect your machine with more malware…
…simply because you opened your email and looked at it.
Before it got better, it got worse.
Then, along came Outlook.
The Preview Pane’s Role
I say “Outlook,” but in reality, any email program that offered what we now call a “preview pane” was vulnerable. Outlook was simply one of the earliest and most popular.
The scary scenario worked like this:
- You left your email program open on a view of your inbox with the preview pane showing.
- You had the “most recent” email selected; its contents were in the preview pane.
- You left.
- You got new email. Outlook dutifully kept the selection at the most recent, and updated to select the newly arrived message.1 As a result, it also updated the contents of the preview pane with the contents of the new message.
- If the new message contained malware that infiltrated by trying to execute JavaScript, that malware would run and infect your machine.
Your email program “looked” at a message and your machine was infected. You weren’t even there.
Fortunately, that didn’t last long.
Modern email programs and sites don’t do that
Needless to say, that possibility was fixed quickly.
The most dramatic fix is that JavaScript, and almost all other scripting used to allow an email message to “do something”, no longer works. Period. For good or for evil, you can’t put scripting into an email message and expect it to work.
Along the way, the vulnerabilities related to email-based exploits2 have also been getting fixed, regularly and quickly.
Additionally, images aren’t even displayed by default by most email programs anymore (for reasons related to spam, but it also increases your security with respect to malware). Today’s situation is very, very different.
Today, you cannot get infected by just looking
Opening an email is a safe thing to do.
Having your preview pane open is a safe thing to do, even if you’re not around.
Email programs and email services now no longer allow the things that once upon a time made looking at an email risky.
However…
You CAN get infected if…
The one thing missing from the discussion above is: attachments.
The ability to attach an arbitrary file to an email message actually predates HTML-formatted email. It remains a convenient way to transfer a file from one place to another.
Unfortunately, the word “arbitrary” is appropriate. Any file can be attached to an email, including programs that infect your machine with malware.
That’s why one of the admonitions relating to internet safety is to never open an attachment you’re not expecting and that you don’t know for certain is safe.
You can get infected by just looking at the contents of an attachment.
Email safety rules
So, let’s review the rules for safe email:
- Keep your versions of Windows, your browser, and your email program up to date with the latest patches. If a vulnerability is discovered, you want it to be fixed as soon as possible so as to keep things as safe as possible.
- Run appropriate anti-malware software to help keep your system clean.
- Keep your anti-malware software up to date, and most importantly, allow it to keep its databases of malware information as up to date as possible as well.
- Never open an attachment unless you expect it, you’re positive you know what it is, and you trust the sender.
- Never click on a link in an email message unless you’re positive you know where it’s going, and you trust the sender.
Download (right-click, Save-As) (Duration: 7:18 — 3.4MB)
Subscribe: Apple Podcasts | Android | RSS
grimm
Dear Leo,
I have today received two virus-bearing e-mails, whose address is nearly the same as a newsgroup I subscribe to. I have blocked it and found the router information. I seem to have the e-mail address here of the person who started the chain of events. What do I do now?
Leo
In general in these situations I do nothing. Depending on how certain you are about knowing where the virus started, you might contact them and let them know they’re infected, but viruses are so good at mucking up email headers that I no longer trust that information. Best advice: make sure you’re protected, delete the viruses and go on.
Hayder
okay, 1) so how’s clicking on an url inside an email potentially destructive? Could that single “click” have been disguised as a “run” click which ensuingly activates a script or a virus of some sorts?
2) Can WORD/EXCEL/PPT files be infected with viruses?
Leo
1) It’s very easy to make a URL *look* like it’s going to one place, when in fact it’s going somewhere else. Case in point: all the eBay, Paypal and bank “account verification” phishing scams.
2) Absolutely. They all support a very powerful macro/scripting language that can be used. It’s one of the reasons that current version of Office applications include various security measure that typically will disable, or at least ask, before opening a document that contains macros.
Aneta
Leo,
I have a question related to contracting something just by opening an email. Is it true that you should not use the preview functionality because it opens an email and tells spammers you are a valid recipient?
Thanks
Ian
Thought you might find the following a bit amusing even though it is based on fact from my own experience of 25 years in the computer industry.
Regarding Viruses, when you receive a dire warning of a new Virus on the Internet never send it on to friends in your address book, or click anywhere on it. Write down the name of the so called Virus, then go on the Internet and type in the name of the virus and the word scam. This will tell you if it is just a hoax. If so simply delete the offending email. But on the other hand your Internet search reveals that it is a real threat then you can warn your friends, NOT by forwarding the Email but creating your own warning Email to send to them.
Most of the viruses on the Internet are put there by the very people who sell virus programs and Internet security. It is a multi Billion dollar industry and so Virus program companies never want to see it end, only grow larger. Of course there are other idiots who have nothing to do with these companies who put viruses on the Internet just to hurt or be smart.
Also China currently is training thousands of computer hackers to become adapt in corrupting military, government, banks and civilian computers in the West, that is one of the real dangers that might be facing us as we move towards skype or computer communications. Imagine if just in Sydney alone if they shut down the computers that control traffic, airport and banks computers including shopping centres and ATM’s the chaos it would cause.
Another dangerous place to go with your computer is on the Internet to so called “Crack Sites” these are Websites where at no cost you can download a serial or key number to activate Free a program or game for nothing this is a way many people in the past have freeloaded games and programs.
Years ago this was relatively safe however over recent years the people and companies who spend money and time developing programs worth Dollars are finding their profits and ideas stolen.
So to combat this they are submitting serial numbers and small programs called keygens that generate a number or key for their programs that people have downloaded free. However when you open these Number or Keygens it instantly corrupts your computer. So my advice is stay well away from Crack sites.
Another ploy by some overseas companies is they offer you free “Speed Up” or scanning programs for your computer. Several simply run the so called free scan on your computer, As an experiment a group of computer Techs I know ran a couple of these programs on several computers. At the end of the test strangely they all showed exactly the same faults.
At the end of the test came the same message. Free scan complete, Our program can fix the faults found and speed up your computer just send us X amount of dollars.
So after you send them the money and the program is activated (if you are lucky) your computer seems to run a bit faster. What has really happened is the program has placed a slow down robot on your computer. This is stopped for the 12 months of your paid time. Occasionally just to remind you the program will either speak to you or place fancy messages on your screen just to remind you it’s there.
Towards the end of 12 months the slow down robot cuts in and as you get annoyed with your computers slowness you once again pay your subscription to the speed up con-men. Just the same as renewing your subscription to a Virus program company.
A thing that you have to realise Alan the normal Virus scanning program on your computer can scan each file or folder for over 200,000 yes that’s two hundred thousand virus signatures in less than one second (No wonder your computer needs a cooling fan on it’s Brain ‘CPU’).
However to use a computer without a virus program you can do several things, Install ‘LINUX’ system on your computer, no problems with viruses. It runs fine along with your Windows XP program. So LINUX for Internetting and Windows XP for everything else but never connecting to the Internet.
Apple Mac computers I believe are faster, run smoother and never have a problem with Viruses.
The Emails your receive that are passed on Funnies that you get from someone that has also sent these Emails to everyone in their address book unknowing the real possibility nor risk as they do it in good faith not realising the risk to others they care for.
These corrupt Emails are what they refer to in the trade as Used Condom Emails because they are passed on from and to many people they can carry corruptions and spyware not only to your computer but also to other peoples computers. It is a bit like the Aid’s Virus for computers. They are a bit like the old “Chain Letters” in many instances.
Normally if you say to someone ‘you know those funnies you receive and pass on could carry corruptions’ they can get a bit offended, still it is not said to offend just let people be aware of might be unknowingly happening, and that is the real danger in today’s world of electronic technology.
The problem with all the Windows operating systems is just like a protective mother they are to over protective and in this very fact leave your computer open to attack. One feature of the windows operating system is a thing called “Remote Access” this allows anyone, anywhere in the world whilst you are on the Internet to log onto your computer. It is as if they are in your home sitting at your computer.
Normally this system will only work if you give that person or persons electronic permission to access your computer. Best thing is to disable “Remote Access” on your computer, Unfortunately you may need to check it every second day as if a corrupt email or a link from a website may override and activate remote access allowing hackers into your system and stealing personal gear.
Another thing that you never hear mentioned is about Keyboard Viruses, whilst remotely connected to one of these hackers across the world or a corrupt Internet website, everything you type on your keyboard, Names, Phone numbers, Passwords and login words, numbers or letters also Email Address can be recorded on some hackers computer.
So the way to avoid this is when typing in private stuff use the Onscreen Keyboard you will find in Programsaccesoriesaccessabilities never have to type manually your password Etc. just click on the onscreen keyboard.
Cheers
Dan
Wow Ian, I doubt reputable companies use these ploys. Anyway – no matter how you enter text, my understanding is it goes through a keyboard buffer. So if you use a usb keyboard, or onscreen keyboard or automated batch process to enter data, it still puts and pulls the data from the keyboard buffer — that is unless it has changed without me knowing it (which could happen). Those keyboard hacks also pull the data out of the keyboard buffer – so the other data entry routes won’t stop the hackers from reading your keypresses – since they are not actually monitoring the keyboard, but the keyboard buffer built into all computers.
Jabba the Cat
“Most of the viruses on the Internet are put there by the very people who sell virus programs and Internet security.”
A comment based in true ignorance…
05-Dec-2012
bill
A sign of ignorance – the length of the rant accusing everyone of evil.
Gabe
I just confirmed that Outlook 2010’s preview pane no longer shows new emails arriving. I checked the “Inbox” and the “Unread Mail” view. It maintains the selection of the last email you viewed not the one that just arrived. Of course, there may be a way of overriding this but I haven’t looked into it.
Kevin
Wow as someone said!!!..But I always assume the worst…So what to do??….Being very very careful helps a lot and may be the best at the moment.
Patrick C
I loved reading the above. It confirms in a nutshell what I regularly tell family and friends re. (e-mail) viruses but which some of them seem not to accept or willing to apply.
One off the things I keep repeating is along the lines you suggest:”So LINUX for Internetting and Windows XP for everything else but never connecting to the Internet.
Apple Mac computers I believe are faster, run smoother and never have a problem with Viruses.”
I have one remark and one question:
1. About Linux running OK alongside Windows (which is more vulnarable) and keeping both seperated with regard to internet access, I’m inclined to agree. But all too many people are so used to Windows… It is as if they are brainwashed and consider Linux to be an unsurmountable obstacle.
2. However, saying that Macs never have problems with viruses is a very strong statement, so strong that I find it hard to believe… Could you explain why that should be so? Technically I see no way how or why Apple Mac could be totally invulnarable to viruses (or other malware). Each time some one confronts me with that kind of statement, I’m at a loss for a really correct answer. I’ll appreciate your views on this. Kind regards, Patrick.
connie
@Patrick C,
Linux and Macs are probably just as vulnerable to viruses. It’s just that the majority of computers are Windows, so hackers and scammers target their energy to those.
Leo wrote a good article on that: Are Mac’s inherently safer?
Rick Sos
Yup those attachments can be deadly. A month ago I decided to click on an attachment. Half an hour later I noticed my anti virus had been shut down. Not sure if I had restarted it or not during that period. I did a scan and sure as God made little green apples I was infected. With the virus removed I felt better for about ten minutes then that voice that was telling me not to click on the attachment in the first place said check again.
I restarted the computer and scanned and sure enough it was back. I removed it with an Avira rescue disk and did an all files scan with MalwareBytes and all was well after that.
All that time spent scanning was my own fault. I didn’t listen to my inner voice. lol.
I invited the darn thing into my computer. I didn’t listen to my own advice. Hahaha.
Now if I’m not sure I just open them with Linux.
johnbots
As always, a well written, informative article. Thanks
Tom
For all that’s said and written about malware, viruses et al and the billions that must be being spent on fighting it, I personally wonder just what it is that goes on in the sick little minds that create and dispatch this muck out into the ether.
It’s not even as if the could get their kicks out of watching the dismay on people’s faces when they realise that their computer is sick. They can only imagine it. Truly weird people.
Mitch MacKay
Having to copy & paste to send articles is the necessary workaround in lieu of attachments. Recently some reliable contacts’ names and addresses have been hacked and attachments forwarded through those email addresses, which though only spam cause some disruption in email
function. That implies some cautionary scrutiny into even known contacts. Attachments are definitely the devil’s playground.
bill
The other thing is to describe the attachment and how it connects you to the recipient.
Spammers who are sending out millions of copies of the same item to names on their list cannot personalize it.
Mark Jacobs (Team Leo)
@Tom
Almost all virus activity has shifted from the kicks hackers get from creating a virus, to malware that is used for illicit commercial purposes such as stealing credit card and log in information, and spam bots etc.
Jabba the Cat
The other great myth, again based in ignorance, is that the are no viruses or malware that will run on a Linux platform…
bill
Security through obscurity is only great if you are obscure enough. I bet there aren’t any viruses currently out there for the TI-994a computers but there are a lot (numerically rather than percentage) of Unix based computers.
I know Mac users that believed that they couldn’t get viruses and others that knew they could but that there were fewer of them out there.
jerry thomas
Why can’t my ISP filter out malware before it gets to me??…..jt
08-Dec-2012
Vesa Koistinen
This is an old discussion thread, but I want to tell what happened to me a few years ago: I was fool enough to open an e-mail from an unknown source, and it contained just some code (computer language) plus a brief threatening message in plain English. No attachment or link. But just by opening that message I got a worm infection. I got rid of it by restoring a backup. Hopefully such things do not happen nowadays.
Mark Jacobs (Team Leo)
That’s one of the things that’s no longer a problem with modern mail programs.
Vesa
OK, got it. Thanks, Mark !
Noel
Hi-I did read the article, and while I understand that just opening an email will not infect my computer….I opened an email on my phone (I have a basic phone with no internet unless I pay for it (but I think Verizon gives you some ability to open emails/send emails from my phone since I am able to email)—Anyway, the opened email had no content that I could see and since someone has been stalking me (police involved) I am concerned that this person somehow sent me a virus that can track my texts or even listen to my conversations….is this possible or am I being completely paranoid?? Any information on this would be greatly appreciated-thank you.
Peter
Hi,
This is old discussion, but read following:
I received email with attachment fax.zip in my Outlook. I clicked on email to see it. Than I just selected (not double clicked) fax.zip file and Symantec protection alert pop up that it detected Malware infection and deleted fax.zip plus 10 other files (for example: C:\users\Peter\syswow64\wsnpoem\audio.dll)
My Outlook is set to ask me if I want to preview any files in reading pane. I didn’t double click on zip file in email, just selected it. If I do same with any other file, outlook would ask me: Are you sure you want to preview??
So, did just selection of the file initiated file execution?
Thanks
Mark Jacobs (Team Leo)
Outlook has safeguards to not initiate execution. If it is executable, it will warn you and ask if you want to execute it anyway.
Peter
I know, but how come Symantec found another 10 files (for example: C:\users\Peter\syswow64\wsnpoem\audio.dll) already at my pc with attached file. As soon as I selected attached file, Symantec alert popup: Found malware Trojan.zbot. and list of deleted files and restart required.
LadyQ
It seems you did not answer the question. If he did not double-click on the link, how could there already be 10 files on the computer? Or – why did Symantec delete files that were NOT part of the e-mail? Thanks. This site has been helpful to me.
Mark Jacobs (Team Leo)
If an email contains malware, an AV program will find it, but modern email programs won’t execute the malware.
ylsi
Hi,
sorta related on Vesa Koistinen’s comment, what if a person sending email via infected device (PC with virus or smartphone with virus for example –let say, the viruses are computer virus and smartphone virus), not inserting any attachments at all, does the email bring the virus?
Leo
Viruses are usually attachments, but they;re often also transmitted by links in the email that people click on.
Ylsi
Thanks for your reply, Leo..
Here the case:
I open/read a plain email (only text, no attachments at all, no links written) which is sent by infected PC/smartphone. As you said, “You cannot get infected by just looking”,
I assume I won’t get infected by that email and the email doesn’t bring/spread any viruses from the infected PC, right?
Mark Jacobs (Team Leo)
As the article says, you should be OK in this case.
Leo
You won’t get infected by looking. “won’t bring” is too vague a term. When the email is downloaded to your PC there may, indeed, be viruses in the attachments it carries. As long as you don’t cause those attachments to be opened, then you won’t get infected.
Ylsi
@Mark Jacobs and Leo:
Thanks for your answers..
Ok, as long as I don’t open any (suspicious) attachments/don’t click any (suspicious) links. I’ll be fine.
Tom
Recently I have been seeing emails with .zip attachments that activate a trojan from the .zip header just by previewing it, without even unzipping the malicious file. This is worrying.
Mitar
Hey everybody.
Today I received an email in my Gmail account from a strange sender I didn’t know. I opened it and it contains a picture. As you know it is by default not shown in gmail. I press the “display the image” option and in the picture there was a suggestion to open a link which I didn’t click. But I’m so worried that even by displaying that image I might be infected by the virus. I opened it first in my Android phone but even in my mobile phone I didn’t press the display image button. I then opened it on my laptop and as I told you I press the display the image button. Do you think now I’m in danger of being affected by any virus. unfortunately I have no antivirus not on my mobile phone nor on my laptop.
regards
Mark Jacobs (Team Leo)
Displaying an image in an email won’t invite a malware infection. It does, however, notify the spammers who sent it that your email is a live address and may open you up to more spam.
Leo
Simply displaying a picture would not infect you. At worst you may just get more spam.
Goatlips
*Anymore
e.g. Do you have any more apples? No, we don’t sell apples anymore.
Any more = amount; Anymore = time.
Mark Jacobs (Team Leo)
Thanks, fixed.
Helmut Merkel
Hi Leo. I read your article already a few weeks ago, and all what you said made sense to me – as is the case for all the other articles you published by now, and I have read many of them.
But in a German newsletter, which I subscribed to and which came from the highly regarded (I’ll translate into English, the official name is in German) “German Federal Bureau for Security in IT” I read something on 28 April 2016 that really made me nervous. After that I posted my concerns on http://superuser.com/questions/1071213/can-you-get-a-virus-simply-by-opening-an-email (not sure if I’m allowed to post this URL here!), so if you like you can read the details there, it doesn’t make sense to just copy & paste all my statements from there to here – in case I’m supposed to do that, let me know.
So my question: Do you still stick to your statement “You cannot get infected by just looking”, even in 2016?
P. R. Affenpinscher
I would like to alert folks that some spam emailers are able to defeat your mail settings to not show images from unknown senders. Recently Verizon switched residents of my state from Yahoo to AOL Mail and images are being shown in spam emails despite being set not to. I have switched off the preview pane in AOL mail and will see if this works but wanted others forced by Verizon into AOL to be aware.
bob
What about looking at source code- or message source? Is that a safe way to check out an email before decidign whether to open or not?
Mark Jacobs (Team Leo)
Viewing the source code would be safe, but if you read the article carefully, you would have seen that modern email programs offer adequate protection, so there’s no need to do that..
Leo
Looking at message source should be safe.
Mark Jacobs (Team Leo)
“Never open an attachment unless you expect it, you’re positive you know what it is, and you trust the sender.
Never click on a link in an email message unless you’re positive you know where it’s going, and you trust the sender.”
Those 2 points can’t be stressed enough. An spammer can sent an email with a malware attachment or link and make it look like it came from a trusted contact. So I’d say trusting the sender is not enough. Just don’t open any attachment unless you were expecting it, even if it comes from a “friend”.
Ray Smith
“Another layer of protection is to set Windows File Explorer to turn off hide extensions for known file types. ” – Or a company. Fake invoices are a pretty popular popular ways of spreading malware and some of the emails can be very convincing.
Mark Jacobs (Team Leo)
Another layer of protection is to set Windows File Explorer to turn off hide extensions for known file types. It’s a stupid default which allows hackers to disguise executable files as .jpg or .pdf etc.
Gmail is great for this, as it refuses to send or receive emails with executable files, even hidden within .zip or .rar files. If you ever need to send an executable file in Gmail, change the extension and tell the recipient to change it back to .exe. That way they’ll also know that you’re are sending them the file and you can let them know what it is. A better method, however, would be to send it via Dropbox or OneDrive etc.
Mark Jacobs (Team Leo)
Technically you are correct, but the average user or even tired experienced user might not pay attention to that.
Louis Govaert
Dear Leo,
When I read all these comments I´m really astonished viewing that in the USA there are that much problems with viruses and malware.
I´m living in Portugal (Europe) and I´m paying for Avast Premium and for having Malware Bites. I´m using also the protected browser from Avast
and never have any problem with viruses or malware. The only thing that Malware bites is blocking are PUP´s….for the rest my computer is clean.
From a map about risk zones in Europe it appears that Portugal seems to be in a low risk zone. Could that be the reason all is running that smoothly?
Connie (Team Leo)
Low risk zone sounds like a reasonable explanation. I think it could be like the Mac vs. PC issue. Macs have been less targeted for viruses because they are a smaller market share, and so more work and less lucrative than PC’s to attack. I’m sure the US “Market” is much more lucrative, and thus we get more attacks.
Ron Kaplan
Why not add paypal as a method for folks to support your site?
I started to do so today, but did not want to enter any credit card info.
Just a suggestion…
Leo
Paypal is absolutely one of the checkout options at my store: https://store.askleo.com
H Davis
I noticed the ad for the CyberPower Intelligent LCD Series UPS in the latest newsletter that lead me here. While I’m sure it’s a fine product it suffers from what I consider a near fatal deficiency; that is nearly all of its outlets are spaced close together. Unfortunately this is a universal affliction of these types of devices.
I have found that a permanent supply of 1foot extension cords with a pass through plug on one end (like on Christmas tree light strings) are really useful in overcoming this problem. I have 5 wall wart type supplies connected to my UPS and it isn’t possible without these helpful little cords. You can either connect your wart to the end of the cord and still have the receptacle at the back of the plug available or in many cases you can plug the wart into the pass through plug if you have a conventional plug in the receptacles on each side of it.
You can see what I’m talking about at: https://www.cyberguys.com/product-details/?productid=113741&rH=1214. I have no connection with these folks and Amazon has similar products from Ziotek.
Now, of course, you have to decide if I’m a kook and have created a malicious Cyberguys link to lure you in to some malware trap. If you’re leery Google “power strip liberator” or Ziotek cords. Your choice.
johnpro2
For dubious email links and attachments I sandbox the web browser(Chrome) using free version of Sandboxie or my email reader. (Outlook)
I have not run a real time malware program since Microsoft stopped supporting Defender et al.
I run Malwarebytes , Adwcleaner and Hijackthis every few months just in case. Nothing found for the last few years.
Mark Jacobs (Team Leo)
None of those programs you mentioned are real antivirus programs. If you don’t run a real-time antimalware program, you might consider running a periodic antivirus scan with one of the popular free AVs such as Antivir, Avira or AVG,
johnpro2
I realise this Mark 🙂
The point of the exercise is to demonstrate, to myself at least, that malware normally requires some input from the computer operator.
Mark Jacobs (Team Leo)
I hope you keep good up to date backups. Since the turn of the millennium, I’ve only got hit with malware twice. Not bad, but when hit it still would have been very serious. Both times, I simply restored from my backup. Even so an AV program is a good idea. The most effective malware sits on your computer quietly doing its damage like stealing passwords or sending spam etc. I
rob
hi mark i opened an email and attachment on the computer at the local library,and then quickly deleted it, i suspect it could have had spyware in it. could it be possibly it has planted spyware on my home computer even though i opened and deleted it at the library?thanks rob
Mark Jacobs (Team Leo)
Unless you accessed that email on your computer, it wouldn’t have infected your computer. In order to get infected you have to run that malware program on your computer.
Robert Reid
https://www.digitaltrends.com/computing/powerpoint-malware-runs-with-only-a-mouse-hover/
Leo
Keep your software up to date. Vulnerabilities like this are quickly fixed.
Gareth
Hi Leo, I too opened an unknown email with no links or attachments via the yahoo mail app but am know a lot less worried thanks to your thread. I’m not the most computer savvy however with things like this so I have a few questions that I would appreciate you or your team could help me with.
1 the message simply asked how I was and am i right in assuming that it was sent to verify if my email address was live so the source could send more emails in future?
2 I clicked reply to see the email address it was sent from but didn’t actually send a reply. Was that OK to do?
3 Does it matter how many times you open an email like that? and am guessing no?
And finally…
3 regarding AV programmes is avg free sufficient for protection or is Avg pro or similar programmes that you have mentioned in this thread essential?
Mark Jacobs (Team Leo)
1. That’s a reasonable assumption.
2. Unless you click send, it only creates the email and sends nothing to the spammers.
3. Leo recommends the built in Windows Defender (or Microsoft Security Essentials for older versions of Windows), although he also has good words for AVG, Avast and Avira.
The free versions find malware just as well as the paid versions. The paid versions have more features. You’d have to decide whether you find that you want those features. Personally I’m happy with Defender and the built in Windows firewall. I have Malwarebytes and a Avira installed, but not in real time scanning mode.
Leo
1. Probably, but it’s sometimes hard to know why spammers send some of the mails that they do.
2. Probably OK yes.
3. Nope.
4. My anti-malware recommendations are here: https://askleo.com/what_security_software_do_you_recommend/
Brian Davis
A small number of my email subscriptions have advertising feeds that are not controlled by the email sender, just like you see on many websites. Can you get malvertising problems from those? Due to that concern I allow Thunderbird to block the remote content in those messages.
Mark Jacobs (Team Leo)
You wouldn’t get any malware from the remote site unless you clicked on that link and went to that website. Blocking remote content would further protect against even seeing that web content in your email. Most email programs and webmail sites automatically block downloading remote content. It’s a good idea to keep that block in place and on a case by case basis allow remote content from sites you trust.
H. Tucker
Leo wrote: “Viruses are usually attachments, but they;re often also transmitted by links in the email that people click on”.
Can you elaborate on what happens when a link is clicked? Does just going to the site transmit viruses or malware or is further action (e.g. download) required?
Mark Jacobs (Team Leo)
There are sites which can exploit vulnerabilities when you visit them.
Leo
Both. Sometimes simply visiting the site is enough, depending on many things. More often, though, it’s a download that they somehow trick you into actually running. (For example a fake Adobe Flash update.)