I have read various articles that state that viruses can be downloaded just
by opening an email, without having to click on an attachment. I’m wondering if
spyware is the same. Does it require me to physically click on an attachment
for the spyware program to run or can the spyware be activated simply by
opening an email to view it? And can the spyware be launched a second time on a
different computer if I click on it again?
This whole “can I get a virus just by reading email” question has been
around a very long time. These days it’s not really much of a risk at all, but
once upon a time there was a very real danger.
And, of course, you can still face that risk with a misconfigured email
Part of the question being asked here also is would spyware be any
In a word: no.
In all honesty, the line between viruses and spyware has become so blurred that it’s almost impossible to draw a distinction between the two. Spyware often propagates in the form of viruses, and viruses often install spyware. Which is which, and what’s what is pretty academic and, in my opinion, just not that important to the average user.
With the exception, of course, that you do need both anti-virus and anti-spyware protection, as the tools use different techniques to target what they protect you from. And yes, it’s doubly confusing since many anti-virus programs will trap some spyware, and conversely many anti-spyware tools will eliminate some viruses.
The real takeaway to remember to keep yourself safe is simply: don’t worry about the differences, and make sure you have protection from both.
Now, back to email.
You could get infected just by looking, and you didn’t even have to be there to look!
Needless to say, that was (relatively) quickly addressed by most of the email programs with a few not-so-subtle changes:
Images were not displayed by default.
Vulnerabilities were patched.
Spam filters also started to take on the role of simple virus checkers, and would junk email with suspicious content.
And of course anti-malware software began checking email as it arrived.
I’m sure you’re at least familiar with the image blocking step since it’s something you see frequently today. In almost all popular email programs images will not be displayed in an email unless that email is from someone you’ve indicated you trust.
Unless you explicitly turn them off, there are now enough safeguards in place with modern email programs and web based email services that the chances of getting infected by simply viewing an email are extremely remote. Most malware authors have moved on to techniques that are apparently much more successful.
Like tricking you into clicking a link, or opening an attachment.
When that happens, and it’s a malicious link or attachment – all bets are off.