Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can I Get a Virus By Looking at an Email?

It used to be scary easy.

Opening a Virus?

It used to be that simply viewing a malformed email could allow a virus to spread. Thankfully, that's no longer the case with modern mail programs.

In the past, asking if your machine could catch a virus just by reading email got laughs from the geeks. “Of course not!” they chuckled.

Then came Outlook.

Not only could opening an email infect your machine, but for a while, you didn’t even have to be around to have it happen!

The geeks stopped chuckling.

Fortunately, today things are different.

Become a Patron of Ask Leo! and go ad-free!

TL;DR:

It used to be that email programs would automatically run programs embedded in email messages when displayed, and occasionally those could be malicious. This is no longer the case, and you will not get a virus from looking at an email. It remains important to be skeptical with links and attachments, and to keep all software as up to date as possible.

Of HTML, DHTML, and JavaScript

HTML is the “language” of the web. It’s the way webpages are written and described so your browser can display them as the designer intended.

DHTML, for Dynamic HTML, and JavaScript, a programming language, added something HTML didn’t have by itself: the ability to do things. By “things,” I mean actions like turning this text red when you move your mouse over it to games you can play in your browser.

Your browser, and the HTML displayed in it, became a platform for computer programs.

Then came email.

HTML email

Email used to be plain-text only, and some of it still is.

But email began to be encoded using the same language as webpages: HTML. In HTML email, words can be bold or underlined, we can insert images, and more. Now email could be as “pretty” and complex as a magazine page.

Since many email programs simply used the web browser to display HTML, email messages could also now do things.

Then came malware.

Malware in email

Since email could “do things” like run small programs within their display window, it didn’t take long for hackers to write malware not only taking advantage of that, but exploiting vulnerabilities those programs could reach. Those vulnerabilities allowed them to infect your machine with more malware.

All because you opened your email and looked at it.

Before it got better, it got worse.

Then came Outlook.

The Preview Pane

I say “Outlook,” but any email program offering what we now call a “preview pane” was vulnerable. Outlook was one of the earliest and most popular.

It worked like this:

  • You left your email program open with the preview pane showing.
  • You had your most recent email message displayed in the preview pane.
  • You walked away.
  • You got a new message. Outlook, keeping the selection at “most recent”, selected the newly arrived message1 and updated the preview pane with its contents.
  • If the new message contained DHTML/JavaScript malware, it was possible it would run and infect your machine.

Your email program “looked” at a message and your machine was infected. You weren’t even there.

Fortunately, this didn’t last long.

Modern email programs and sites don’t do that

That possibility was quickly fixed.

The most dramatic fix is that JavaScript — and most other coding that used to allow an email message to “do something” — no longer works. Email is no longer treated like a webpage. Even when displayed in a web interface like Gmail, the message is scrubbed of any scripting that could cause problems before it is displayed.

Along the way, vulnerabilities related to email-based exploits2 have also been getting fixed, regularly and quickly.

Additionally, images aren’t even displayed by default by most email programs. This is done for reasons related to spam, but it also increases your malware-related security.

Today, things are very different.

No, you cannot get infected by just looking

Opening an email is a safe thing to do.

Having your preview pane open is a safe thing to do, even if you’re not around.

Email programs and email services no longer allow the things that once upon a time made looking at an email risky.

However…

You can still get infected if…

The one thing missing from the discussion above is attachments.

The ability to attach an arbitrary file to an email message predates HTML-formatted email. It’s a convenient way to transfer a file from one place to another.

Unfortunately, the word “arbitrary” is appropriate. Any file can be attached to an email, including programs that would infect your machine with malware.

That’s why one of the admonitions you hear over and over is to never open an attachment you’re not expecting and that you don’t know for certain is safe.

You can get infected by just looking at the contents of an attachment.

Email safety rules

  • Keep Windows, your browser, your applications, and your email program up to date. If a vulnerability is discovered, you want it to be fixed as soon as possible to be as safe as possible.
  • Run anti-malware software.
  • Never open an attachment unless you expect it, you’re positive you know what it is, and you trust the sender.
  • Never click on a link in an email message unless you’re positive you know where it’s going and you trust the sender.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio

Play

Footnotes & References

1: This behavior has also changed. I believe Outlook no longer changes which message is selected.

2: One example: at one point, there were exploits in the software used to display images such that malware could be in maliciously-crafted image files. Not only have those exploits been resolved, but most email programs no longer display images from untrusted senders by default.

87 comments on “Can I Get a Virus By Looking at an Email?”

  1. Dear Leo,
    I have today received two virus-bearing e-mails, whose address is nearly the same as a newsgroup I subscribe to. I have blocked it and found the router information. I seem to have the e-mail address here of the person who started the chain of events. What do I do now?

    Reply
  2. In general in these situations I do nothing. Depending on how certain you are about knowing where the virus started, you might contact them and let them know they’re infected, but viruses are so good at mucking up email headers that I no longer trust that information. Best advice: make sure you’re protected, delete the viruses and go on.

    Reply
  3. okay, 1) so how’s clicking on an url inside an email potentially destructive? Could that single “click” have been disguised as a “run” click which ensuingly activates a script or a virus of some sorts?

    2) Can WORD/EXCEL/PPT files be infected with viruses?

    Reply
  4. 1) It’s very easy to make a URL *look* like it’s going to one place, when in fact it’s going somewhere else. Case in point: all the eBay, Paypal and bank “account verification” phishing scams.

    2) Absolutely. They all support a very powerful macro/scripting language that can be used. It’s one of the reasons that current version of Office applications include various security measure that typically will disable, or at least ask, before opening a document that contains macros.

    Reply
  5. Leo,
    I have a question related to contracting something just by opening an email. Is it true that you should not use the preview functionality because it opens an email and tells spammers you are a valid recipient?
    Thanks

    Reply
  6. Thought you might find the following a bit amusing even though it is based on fact from my own experience of 25 years in the computer industry.

    Regarding Viruses, when you receive a dire warning of a new Virus on the Internet never send it on to friends in your address book, or click anywhere on it. Write down the name of the so called Virus, then go on the Internet and type in the name of the virus and the word scam. This will tell you if it is just a hoax. If so simply delete the offending email. But on the other hand your Internet search reveals that it is a real threat then you can warn your friends, NOT by forwarding the Email but creating your own warning Email to send to them.

    Most of the viruses on the Internet are put there by the very people who sell virus programs and Internet security. It is a multi Billion dollar industry and so Virus program companies never want to see it end, only grow larger. Of course there are other idiots who have nothing to do with these companies who put viruses on the Internet just to hurt or be smart.

    Also China currently is training thousands of computer hackers to become adapt in corrupting military, government, banks and civilian computers in the West, that is one of the real dangers that might be facing us as we move towards skype or computer communications. Imagine if just in Sydney alone if they shut down the computers that control traffic, airport and banks computers including shopping centres and ATM’s the chaos it would cause.

    Another dangerous place to go with your computer is on the Internet to so called “Crack Sites” these are Websites where at no cost you can download a serial or key number to activate Free a program or game for nothing this is a way many people in the past have freeloaded games and programs.

    Years ago this was relatively safe however over recent years the people and companies who spend money and time developing programs worth Dollars are finding their profits and ideas stolen.

    So to combat this they are submitting serial numbers and small programs called keygens that generate a number or key for their programs that people have downloaded free. However when you open these Number or Keygens it instantly corrupts your computer. So my advice is stay well away from Crack sites.

    Another ploy by some overseas companies is they offer you free “Speed Up” or scanning programs for your computer. Several simply run the so called free scan on your computer, As an experiment a group of computer Techs I know ran a couple of these programs on several computers. At the end of the test strangely they all showed exactly the same faults.

    At the end of the test came the same message. Free scan complete, Our program can fix the faults found and speed up your computer just send us X amount of dollars.

    So after you send them the money and the program is activated (if you are lucky) your computer seems to run a bit faster. What has really happened is the program has placed a slow down robot on your computer. This is stopped for the 12 months of your paid time. Occasionally just to remind you the program will either speak to you or place fancy messages on your screen just to remind you it’s there.

    Towards the end of 12 months the slow down robot cuts in and as you get annoyed with your computers slowness you once again pay your subscription to the speed up con-men. Just the same as renewing your subscription to a Virus program company.

    A thing that you have to realise Alan the normal Virus scanning program on your computer can scan each file or folder for over 200,000 yes that’s two hundred thousand virus signatures in less than one second (No wonder your computer needs a cooling fan on it’s Brain ‘CPU’).

    However to use a computer without a virus program you can do several things, Install ‘LINUX’ system on your computer, no problems with viruses. It runs fine along with your Windows XP program. So LINUX for Internetting and Windows XP for everything else but never connecting to the Internet.

    Apple Mac computers I believe are faster, run smoother and never have a problem with Viruses.

    The Emails your receive that are passed on Funnies that you get from someone that has also sent these Emails to everyone in their address book unknowing the real possibility nor risk as they do it in good faith not realising the risk to others they care for.

    These corrupt Emails are what they refer to in the trade as Used Condom Emails because they are passed on from and to many people they can carry corruptions and spyware not only to your computer but also to other peoples computers. It is a bit like the Aid’s Virus for computers. They are a bit like the old “Chain Letters” in many instances.

    Normally if you say to someone ‘you know those funnies you receive and pass on could carry corruptions’ they can get a bit offended, still it is not said to offend just let people be aware of might be unknowingly happening, and that is the real danger in today’s world of electronic technology.

    The problem with all the Windows operating systems is just like a protective mother they are to over protective and in this very fact leave your computer open to attack. One feature of the windows operating system is a thing called “Remote Access” this allows anyone, anywhere in the world whilst you are on the Internet to log onto your computer. It is as if they are in your home sitting at your computer.

    Normally this system will only work if you give that person or persons electronic permission to access your computer. Best thing is to disable “Remote Access” on your computer, Unfortunately you may need to check it every second day as if a corrupt email or a link from a website may override and activate remote access allowing hackers into your system and stealing personal gear.

    Another thing that you never hear mentioned is about Keyboard Viruses, whilst remotely connected to one of these hackers across the world or a corrupt Internet website, everything you type on your keyboard, Names, Phone numbers, Passwords and login words, numbers or letters also Email Address can be recorded on some hackers computer.

    So the way to avoid this is when typing in private stuff use the Onscreen Keyboard you will find in Programsaccesoriesaccessabilities never have to type manually your password Etc. just click on the onscreen keyboard.

    Cheers

    Reply
  7. Wow Ian, I doubt reputable companies use these ploys. Anyway – no matter how you enter text, my understanding is it goes through a keyboard buffer. So if you use a usb keyboard, or onscreen keyboard or automated batch process to enter data, it still puts and pulls the data from the keyboard buffer — that is unless it has changed without me knowing it (which could happen). Those keyboard hacks also pull the data out of the keyboard buffer – so the other data entry routes won’t stop the hackers from reading your keypresses – since they are not actually monitoring the keyboard, but the keyboard buffer built into all computers.

    Reply
    • ESET virus software has stopped malware and trojans within e-mail when I DID NOT open the spam e-mail. You used to have to click on it. NOT ANYMORE !

      Reply
  8. “Most of the viruses on the Internet are put there by the very people who sell virus programs and Internet security.”

    A comment based in true ignorance…

    Unfortunately many, many people believe this fallacy.

    Leo
    05-Dec-2012

    Reply
  9. I just confirmed that Outlook 2010’s preview pane no longer shows new emails arriving. I checked the “Inbox” and the “Unread Mail” view. It maintains the selection of the last email you viewed not the one that just arrived. Of course, there may be a way of overriding this but I haven’t looked into it.

    Reply
  10. Wow as someone said!!!..But I always assume the worst…So what to do??….Being very very careful helps a lot and may be the best at the moment.

    Reply
  11. I loved reading the above. It confirms in a nutshell what I regularly tell family and friends re. (e-mail) viruses but which some of them seem not to accept or willing to apply.
    One off the things I keep repeating is along the lines you suggest:”So LINUX for Internetting and Windows XP for everything else but never connecting to the Internet.
    Apple Mac computers I believe are faster, run smoother and never have a problem with Viruses.”
    I have one remark and one question:
    1. About Linux running OK alongside Windows (which is more vulnarable) and keeping both seperated with regard to internet access, I’m inclined to agree. But all too many people are so used to Windows… It is as if they are brainwashed and consider Linux to be an unsurmountable obstacle.
    2. However, saying that Macs never have problems with viruses is a very strong statement, so strong that I find it hard to believe… Could you explain why that should be so? Technically I see no way how or why Apple Mac could be totally invulnarable to viruses (or other malware). Each time some one confronts me with that kind of statement, I’m at a loss for a really correct answer. I’ll appreciate your views on this. Kind regards, Patrick.

    Reply
  12. Yup those attachments can be deadly. A month ago I decided to click on an attachment. Half an hour later I noticed my anti virus had been shut down. Not sure if I had restarted it or not during that period. I did a scan and sure as God made little green apples I was infected. With the virus removed I felt better for about ten minutes then that voice that was telling me not to click on the attachment in the first place said check again.

    I restarted the computer and scanned and sure enough it was back. I removed it with an Avira rescue disk and did an all files scan with MalwareBytes and all was well after that.

    All that time spent scanning was my own fault. I didn’t listen to my inner voice. lol.
    I invited the darn thing into my computer. I didn’t listen to my own advice. Hahaha.
    Now if I’m not sure I just open them with Linux.

    Reply
  13. For all that’s said and written about malware, viruses et al and the billions that must be being spent on fighting it, I personally wonder just what it is that goes on in the sick little minds that create and dispatch this muck out into the ether.

    It’s not even as if the could get their kicks out of watching the dismay on people’s faces when they realise that their computer is sick. They can only imagine it. Truly weird people.

    Reply
  14. Having to copy & paste to send articles is the necessary workaround in lieu of attachments. Recently some reliable contacts’ names and addresses have been hacked and attachments forwarded through those email addresses, which though only spam cause some disruption in email
    function. That implies some cautionary scrutiny into even known contacts. Attachments are definitely the devil’s playground.

    Reply
    • The other thing is to describe the attachment and how it connects you to the recipient.
      Spammers who are sending out millions of copies of the same item to names on their list cannot personalize it.

      Reply
  15. @Tom
    Almost all virus activity has shifted from the kicks hackers get from creating a virus, to malware that is used for illicit commercial purposes such as stealing credit card and log in information, and spam bots etc.

    Reply
    • Security through obscurity is only great if you are obscure enough. I bet there aren’t any viruses currently out there for the TI-994a computers but there are a lot (numerically rather than percentage) of Unix based computers.

      I know Mac users that believed that they couldn’t get viruses and others that knew they could but that there were fewer of them out there.

      Reply
  16. Why can’t my ISP filter out malware before it gets to me??…..jt

    Particularly in the case of email, many try. Gmail is a great example. But no solution is 100% secure and your email providers and ISPs face a much larger backlash when they accidentally prevent you from getting something legitimate, so they tend to be conservative.

    Leo
    08-Dec-2012

    Reply
  17. This is an old discussion thread, but I want to tell what happened to me a few years ago: I was fool enough to open an e-mail from an unknown source, and it contained just some code (computer language) plus a brief threatening message in plain English. No attachment or link. But just by opening that message I got a worm infection. I got rid of it by restoring a backup. Hopefully such things do not happen nowadays.

    Reply
  18. Hi-I did read the article, and while I understand that just opening an email will not infect my computer….I opened an email on my phone (I have a basic phone with no internet unless I pay for it (but I think Verizon gives you some ability to open emails/send emails from my phone since I am able to email)—Anyway, the opened email had no content that I could see and since someone has been stalking me (police involved) I am concerned that this person somehow sent me a virus that can track my texts or even listen to my conversations….is this possible or am I being completely paranoid?? Any information on this would be greatly appreciated-thank you.

    Reply
  19. Hi,
    This is old discussion, but read following:
    I received email with attachment fax.zip in my Outlook. I clicked on email to see it. Than I just selected (not double clicked) fax.zip file and Symantec protection alert pop up that it detected Malware infection and deleted fax.zip plus 10 other files (for example: C:\users\Peter\syswow64\wsnpoem\audio.dll)
    My Outlook is set to ask me if I want to preview any files in reading pane. I didn’t double click on zip file in email, just selected it. If I do same with any other file, outlook would ask me: Are you sure you want to preview??
    So, did just selection of the file initiated file execution?
    Thanks

    Reply
    • Outlook has safeguards to not initiate execution. If it is executable, it will warn you and ask if you want to execute it anyway.

      Reply
      • I know, but how come Symantec found another 10 files (for example: C:\users\Peter\syswow64\wsnpoem\audio.dll) already at my pc with attached file. As soon as I selected attached file, Symantec alert popup: Found malware Trojan.zbot. and list of deleted files and restart required.

        Reply
      • It seems you did not answer the question. If he did not double-click on the link, how could there already be 10 files on the computer? Or – why did Symantec delete files that were NOT part of the e-mail? Thanks. This site has been helpful to me.

        Reply
        • If an email contains malware, an AV program will find it, but modern email programs won’t execute the malware.

          Reply
  20. Hi,
    sorta related on Vesa Koistinen’s comment, what if a person sending email via infected device (PC with virus or smartphone with virus for example –let say, the viruses are computer virus and smartphone virus), not inserting any attachments at all, does the email bring the virus?

    Reply
  21. Thanks for your reply, Leo..

    Here the case:
    I open/read a plain email (only text, no attachments at all, no links written) which is sent by infected PC/smartphone. As you said, “You cannot get infected by just looking”,
    I assume I won’t get infected by that email and the email doesn’t bring/spread any viruses from the infected PC, right?

    Reply
    • You won’t get infected by looking. “won’t bring” is too vague a term. When the email is downloaded to your PC there may, indeed, be viruses in the attachments it carries. As long as you don’t cause those attachments to be opened, then you won’t get infected.

      Reply
      • @Mark Jacobs and Leo:
        Thanks for your answers..
        Ok, as long as I don’t open any (suspicious) attachments/don’t click any (suspicious) links. I’ll be fine.

        Reply
  22. Recently I have been seeing emails with .zip attachments that activate a trojan from the .zip header just by previewing it, without even unzipping the malicious file. This is worrying.

    Reply
  23. Hey everybody.

    Today I received an email in my Gmail account from a strange sender I didn’t know. I opened it and it contains a picture. As you know it is by default not shown in gmail. I press the “display the image” option and in the picture there was a suggestion to open a link which I didn’t click. But I’m so worried that even by displaying that image I might be infected by the virus. I opened it first in my Android phone but even in my mobile phone I didn’t press the display image button. I then opened it on my laptop and as I told you I press the display the image button. Do you think now I’m in danger of being affected by any virus. unfortunately I have no antivirus not on my mobile phone nor on my laptop.

    regards

    Reply
    • Displaying an image in an email won’t invite a malware infection. It does, however, notify the spammers who sent it that your email is a live address and may open you up to more spam.

      Reply
  24. Hi Leo. I read your article already a few weeks ago, and all what you said made sense to me – as is the case for all the other articles you published by now, and I have read many of them.

    But in a German newsletter, which I subscribed to and which came from the highly regarded (I’ll translate into English, the official name is in German) “German Federal Bureau for Security in IT” I read something on 28 April 2016 that really made me nervous. After that I posted my concerns on http://superuser.com/questions/1071213/can-you-get-a-virus-simply-by-opening-an-email (not sure if I’m allowed to post this URL here!), so if you like you can read the details there, it doesn’t make sense to just copy & paste all my statements from there to here – in case I’m supposed to do that, let me know.

    So my question: Do you still stick to your statement “You cannot get infected by just looking”, even in 2016?

    Reply
  25. I would like to alert folks that some spam emailers are able to defeat your mail settings to not show images from unknown senders. Recently Verizon switched residents of my state from Yahoo to AOL Mail and images are being shown in spam emails despite being set not to. I have switched off the preview pane in AOL mail and will see if this works but wanted others forced by Verizon into AOL to be aware.

    Reply
  26. What about looking at source code- or message source? Is that a safe way to check out an email before decidign whether to open or not?

    Reply
  27. “Never open an attachment unless you expect it, you’re positive you know what it is, and you trust the sender.
    Never click on a link in an email message unless you’re positive you know where it’s going, and you trust the sender.”

    Those 2 points can’t be stressed enough. A spammer can sent an email with a malware attachment or link and make it look like it came from a trusted contact. So I’d say trusting the sender is not enough. Just don’t open any attachment unless you were expecting it, even if it comes from a “friend”.

    Reply
    • “Another layer of protection is to set Windows File Explorer to turn off hide extensions for known file types. ” – Or a company. Fake invoices are a pretty popular popular ways of spreading malware and some of the emails can be very convincing.

      Reply
  28. Another layer of protection is to set Windows File Explorer to turn off hide extensions for known file types. It’s a stupid default which allows hackers to disguise executable files as .jpg or .pdf etc.

    Gmail is great for this, as it refuses to send or receive emails with executable files, even hidden within .zip or .rar files. If you ever need to send an executable file in Gmail, change the extension and tell the recipient to change it back to .exe. That way they’ll also know that you’re are sending them the file and you can let them know what it is. A better method, however, would be to send it via Dropbox or OneDrive etc.

    Reply
    • Technically you are correct, but the average user or even tired experienced user might not pay attention to that.

      Reply
  29. Dear Leo,

    When I read all these comments I´m really astonished viewing that in the USA there are that much problems with viruses and malware.
    I´m living in Portugal (Europe) and I´m paying for Avast Premium and for having Malware Bites. I´m using also the protected browser from Avast
    and never have any problem with viruses or malware. The only thing that Malware bites is blocking are PUP´s….for the rest my computer is clean.

    From a map about risk zones in Europe it appears that Portugal seems to be in a low risk zone. Could that be the reason all is running that smoothly?

    Reply
    • Low risk zone sounds like a reasonable explanation. I think it could be like the Mac vs. PC issue. Macs have been less targeted for viruses because they are a smaller market share, and so more work and less lucrative than PC’s to attack. I’m sure the US “Market” is much more lucrative, and thus we get more attacks.

      Reply
  30. Why not add paypal as a method for folks to support your site?
    I started to do so today, but did not want to enter any credit card info.
    Just a suggestion…

    Reply
  31. I noticed the ad for the CyberPower Intelligent LCD Series UPS in the latest newsletter that lead me here. While I’m sure it’s a fine product it suffers from what I consider a near fatal deficiency; that is nearly all of its outlets are spaced close together. Unfortunately this is a universal affliction of these types of devices.

    I have found that a permanent supply of 1foot extension cords with a pass through plug on one end (like on Christmas tree light strings) are really useful in overcoming this problem. I have 5 wall wart type supplies connected to my UPS and it isn’t possible without these helpful little cords. You can either connect your wart to the end of the cord and still have the receptacle at the back of the plug available or in many cases you can plug the wart into the pass through plug if you have a conventional plug in the receptacles on each side of it.

    You can see what I’m talking about at: https://www.cyberguys.com/product-details/?productid=113741&rH=1214. I have no connection with these folks and Amazon has similar products from Ziotek.

    Now, of course, you have to decide if I’m a kook and have created a malicious Cyberguys link to lure you in to some malware trap. If you’re leery Google “power strip liberator” or Ziotek cords. Your choice.

    Reply
  32. For dubious email links and attachments I sandbox the web browser(Chrome) using free version of Sandboxie or my email reader. (Outlook)
    I have not run a real time malware program since Microsoft stopped supporting Defender et al.
    I run Malwarebytes , Adwcleaner and Hijackthis every few months just in case. Nothing found for the last few years.

    Reply
    • None of those programs you mentioned are real antivirus programs. If you don’t run a real-time antimalware program, you might consider running a periodic antivirus scan with one of the popular free AVs such as Antivir, Avira or AVG,

      Reply
      • I realise this Mark :)
        The point of the exercise is to demonstrate, to myself at least, that malware normally requires some input from the computer operator.

        Reply
        • I hope you keep good up to date backups. Since the turn of the millennium, I’ve only got hit with malware twice. Not bad, but when hit it still would have been very serious. Both times, I simply restored from my backup. Even so an AV program is a good idea. The most effective malware sits on your computer quietly doing its damage like stealing passwords or sending spam etc. I

          Reply
  33. hi mark i opened an email and attachment on the computer at the local library,and then quickly deleted it, i suspect it could have had spyware in it. could it be possibly it has planted spyware on my home computer even though i opened and deleted it at the library?thanks rob

    Reply
    • Unless you accessed that email on your computer, it wouldn’t have infected your computer. In order to get infected you have to run that malware program on your computer. And libraries that do security correctly, use software which reloads the OS from scratch daily. It’s still a risk using a library computer as it can contain key loggers or malware which might steal your logins and even if they are doing it correctly, you might get hit after malware has hit the machine earlier that day.

      Reply
  34. Hi Leo, I too opened an unknown email with no links or attachments via the yahoo mail app but am know a lot less worried thanks to your thread. I’m not the most computer savvy however with things like this so I have a few questions that I would appreciate you or your team could help me with.
    1 the message simply asked how I was and am i right in assuming that it was sent to verify if my email address was live so the source could send more emails in future?
    2 I clicked reply to see the email address it was sent from but didn’t actually send a reply. Was that OK to do?
    3 Does it matter how many times you open an email like that? and am guessing no?
    And finally…
    3 regarding AV programmes is avg free sufficient for protection or is Avg pro or similar programmes that you have mentioned in this thread essential?

    Reply
    • 1. That’s a reasonable assumption.
      2. Unless you click send, it only creates the email and sends nothing to the spammers.
      3. Leo recommends the built in Windows Defender (or Microsoft Security Essentials for older versions of Windows), although he also has good words for AVG, Avast and Avira.

      The free versions find malware just as well as the paid versions. The paid versions have more features. You’d have to decide whether you find that you want those features. Personally I’m happy with Defender and the built in Windows firewall. I have Malwarebytes and a Avira installed, but not in real time scanning mode.

      Reply
  35. A small number of my email subscriptions have advertising feeds that are not controlled by the email sender, just like you see on many websites. Can you get malvertising problems from those? Due to that concern I allow Thunderbird to block the remote content in those messages.

    Reply
    • You wouldn’t get any malware from the remote site unless you clicked on that link and went to that website. Blocking remote content would further protect against even seeing that web content in your email. Most email programs and webmail sites automatically block downloading remote content. It’s a good idea to keep that block in place and on a case by case basis allow remote content from sites you trust.

      Reply
  36. Leo wrote: “Viruses are usually attachments, but they;re often also transmitted by links in the email that people click on”.

    Can you elaborate on what happens when a link is clicked? Does just going to the site transmit viruses or malware or is further action (e.g. download) required?

    Reply
    • Both. Sometimes simply visiting the site is enough, depending on many things. More often, though, it’s a download that they somehow trick you into actually running. (For example a fake Adobe Flash update.)

      Reply
  37. I just opened an email message that my account was hacked and the name was my main email account, it said on the message that the timer starts when i opened the message, I am in trouble rn and I can’t calm down tbh, I just deleted it right after reading the message, there was no links or attachments to it, just a full message concerning about my email and such. It did actually knew my password though i already changed my password on before the hacker even send the message earlier

    Reply
  38. Thank you for the reply, I can rest in peace now, well not literally but yeah
    The link you gave me is actually what happened with me earlier, thank you so much for linking that
    I will be more careful from the future.

    Reply
  39. Received an fake confirmation email saying “thank you for your purchase “ with a bunch of numbers , It looked off but I opened it and it automatically started a download I clicked off it fast . Has the phone been hacked ?

    Reply
  40. Hi,

    What’s with previewed JPGs though? If one of those “I Hacked Your Device”? emails is landing in your inbox… Some of these don’t contain text, but just an image, usually a JPG. If the mail app displays/previews the JPG (as it’s not set to just receive PLAIN-txt), can the machine (macOS) get infected by just previewing/displaying the file? As opposed to a user actually double-clicking and “opening” the file? Isn’t it opened > meaning “running” already when previewed?

    Thx.

    Reply
    • You wouldn’t get malware from a .jpg image file. If it’s opened as an image, it wouldn’t execute any malware program even if one were hidden in the .jpg file via steganography (hiding a file another file). Although, it it’s a remote image, it can alert a spammer who sent it that your email address is valid which can result in receiving more spam.

      Reply
  41. Hi Team Leo,
    I had an eyebrow raising email experience earlier today. Opened my gmail account and after opening email from a near neighbour (with whom I have had a recent dispute) the email started moving up and down on the screen as if someone else had control of the pc or was somehow viewing the same screen and using the vertical slider button on side of screen to cause the page to slide up and down (I took my hand off mouse entirely and it made no difference).
    As this near neighbour has a computer geek son could they have somehow gained this level of control as a result of exchange of a few unfriendly emails in the past week? There were no attachments or links involved, just plain text sent and reply emails. Are there any special scans or other things I should do to ensure the privacy of my email account has not been compromised as it includes financial and personal information not for viewing by others particularly bad near neighbours. Thanx & regards. Peter

    Reply
    • Extremely unlikely. More like dirt in the mouse, or phantom (or not-so-phantom) touches on a trackpad. Clean the mouse, reboot the computer, and I’d expect things to return to normal.

      Reply
  42. Technically you are correct, but the average user or even tired experienced user might not pay attention to that. overall article is best

    Reply
  43. I’m not a technical person. I get emails/messages notifications I have viruses. Run apps that say no threats/viruses. What do I do?? Battery effected I think. Will factory reset help? Help!!! Please!!!

    Reply
  44. At times I find it necessary to attach documents or images to my email, with a person, or some firm, government agency, or service. I have read that PDF is a safe way to do so, and, thankfully, on my laptop, it’s easy to arrange. You convert documents and even images to PDF by hitting Control+P, choosing to save in PDF format, and downloading.

    I’m wondering however if my information is correct that PDF is safe and if so, whether in general people are aware of that and not put off by receiving and opening a PDF attachment as they might be by an attached image.

    Reply
  45. Thanks Leo. I had one other question about attachments. Is there any difference between opening an attachment of an email downloaded to your computer, eg, by Outlook, versus opening an email attachment if you don’t download your emails to your computer, eg, you view gmail on mail.google.com? Is the latter safe to do?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.