Can I determine which of my contacts gave me a virus?

In this excerpt from
Answercast #78, I look at a few ways to determine where a virus came
from.

]]>
<![CDATA[

Which contact gave a virus

Unfortunately, it really depends on exactly how you got the virus. The answer ranges from yes to no; from easy to impossible.

If you got it via email, and you are paying attention and understand more or less when you got the virus, then you can probably determine who sent you the email – and whether or not that virus came from that specific email.

If you can – great. You now know who sent it.

Unknown sender

Many viruses come via spam. Spam, as we know by now, usually masquerades who it’s coming from. So it may look like it’s coming from a friend, but it may not actually have come from them! So before you go blaming a specific contact for a virus, make absolutely certain that the mail did indeed come from them.

Other ways you can get malware, viruses in general, on your machine are less traceable – usually because it is not so much your friend or a contact giving you a virus, as it is you going out and getting a virus.

Downloading from websites

By that I mean: downloading things from websites that you shouldn’t be downloading from; or installing things that are of a suspicious nature that you shouldn’t install.

Those kinds of things can all absolutely cause malware to be installed on your machine and may have nothing to do with any of your contacts.

Instant messaging

The other one that comes to mind, of course, is instant messaging.

That falls into the same category as email. If you saw an attachment, a file, that was shared with an instant messaging contact, then you know who gave you that file. If that file subsequently turned out to infect your machine, you can trace it back to that contact.

Make sure that they were in control of their account at the time you got that file. Certainly, it’s possible that their account had been hacked and that the person you think is your contact is really a hacker masquerading as them – using their account to send out malware.

Check your firewall

Finally, I have to throw out also that it’s important to make sure your firewall is up and running, and running properly, simply because that’s yet another way that malware can arrive.

If you are connected to the internet unprotected, in other words there is no firewall, there is no router, then it is possible that certain types of network-based malware can infect your machine without your having done anything – and without a contact having done anything.

That’s one of the reasons that one of the very first things I always recommend when people set up a computer is to make sure that they’re behind either a NAT router, which acts as a firewall, or that they enable the Windows firewall to begin with.

So the short answer is not so short; it really depends on exactly how you got the malware. Knowing how you got it should tell you where it came from in certain cases. If it doesn’t then honestly, there’s probably no real way to know.

(Transcript lightly edited for readability.)