 |
|
| Automated PC Solutions |
| VACM - Virus Alerts for the Common Man |
|
|
||||
|
||||
| VACM Home | APCS Home | Links | ||
|
||||
|
||
|
||
 |
||
|
||
|
||||||||||||||||||||||||||||||||||||||||||
In this issue:
------------------------------------
- A "cure" to protect Outlook from email viruses is bogus.
Many of our subscribers have gotten the "!000" email and
have asked about it.
Have you seen the "!000" email yet? Here's why it won't work.
***************************************************
* The Bottom Line
***************************************************
There is a supposedly "ingenious" plan for making Outlook impervious
to email worm viruses going around. This scheme sounds good, but it
was obviously written by someone who knows just enough about computers
to be dangerous. The email looks something like this:
> Here is something I learned today. A computer trick today that's
> really ingenious in its simplicity.
>
> As you may know, when/if a worm virus gets into your computer it
> heads straight for your email address book and sends itself to
> everyone in there, thus infecting all your friends and associates.
> This trick won't keep the virus from getting into YOUR computer,
> but it will stop it from using your address book to spread further,
> and it WILL ALERT YOU to the fact that the worm has gotten into
> your system.
>
> Here's what you do:
> First, open your address book and click on "new contact" just as
> you would do if you were adding a new friend to your list of email
> addresses.
> In the window where you would type your friend's first name, type
> in !000 (that's an exclamation mark followed by 3 zeros).
> In the window below where it prompts you to enter the new email
> address, type in "WormAlert." Then complete everything by clicking
> add, enter, ok, etc.
>
> Now, here's what you've done and why it works: the "name" !000
> will be placed at the top of your address book as entry #1.
> This will be where the worm will start in an effort to send itself
> to all your friends.
> But when it tries to send itself to !000, it will be undeliverable
> because of the phony email address you entered (WormAlert). If
> the first attempt fails (which it will because of the phony
> address), the worm goes no further and your friends will not be
> infected.
>
> Here's the second great advantage of this method: if an email
> cannot be delivered, you will be notified of this in your Inbox almost
> immediately. Hence, if you ever get an email telling you that an email
> addressed to WormAlert could not be delivered, you know right away
> that you have the worm virus in your system. You can then take steps
> to get rid of
> it!
>
> Be a responsible email user and do this.
***************************************************
* What You Should Do...
***************************************************
Be a responsible email user and don't believe everything you hear.
Check it out. Ask us, or someone you know who has been a computer
programmer for at least 10 years.
If you haven't already, take the precautions we have published on the
VACM archives home page. These methods, WILL stop email script viruses
from running in the first place. Specifically, read the instruction
in the "Do This First..." article at The VACM Archives
The Real Deal (let others know about this, too)
-------------------------------------------------------
Regarding this "!000" scheme, delete the email, or, better yet, hit
"Reply All" and let everyone else this bogus cure was sent to know
that it is no cure at all and will only give everyone a false sense
of security.
If you do reply to everyone that received this "miracle cure", feel
free to copy and paste the explanation paragraphs below into your
reply email.
Why it absolutely won't work...
-----------------------------------------
The "!000" scheme sounds quite logical to anyone who is not a software
developer. However, we assure you that this plan will do absolutely
nothing to stop a worm virus from sending itself to EVERYONE in your
address book. It WILL, however, give you a false sense of security if you
believe that it is a valid cure and proceed to follow its instructions.
As a programmer who has developed a lot of software that processes
the sending and receiving of email, I will tell you why this will not work.
The fact that an email worm sends to an invalid address will not stop
it from scanning and sending to the rest of your address book.
Unless the worm actually does some fairly complicated error checking to
verify that each "SendTo" address is valid (and this is not 100%
guaranteed do-able anyway) and unless the worm then ended its own
execution because of the invalid SendTo address, the worm will simply
keep on sending to all the addresses in your address book.
Think about it. Why would anyone write a virus that made sure all
the email addresses are valid? Even more unbelievable, why would a
virus writer make his virus stop sending when it hit an invalid address?
They wouldn't. They want the virus to plow through all your addresses
and whatever gets sent, great, whatever doesn't, so what. They have
spread their little virus to most of your friends, and that is
really all they are after.
What you can do...
-----------------------------------------
Here are some things that WILL actually be effective. My company
provides the "VACM" virus alert service for our clients and newsletter
subscribers and we have long advised folks to do several simply things
to "harden" their systems against email viruses.
First, add your own email address to your address book. If you get an
email virus, you will be one of the people who receives an email that
gets sent out by the virus. Having been alerted to the fact that you
now have a virus, you can then take steps to fix the problem.
Second, whenever you have an email with an attachment, NEVER double-click
the attachment. If you decide you MUST open an attachment:
1. make sure your antivirus is up to date and running !!!
2. then Right-Click on the attachment and select "SaveAs" from the
menu that pops up. Select "Desktop" as the place to save the attachment.
By doing this, a new file (the attachment) is created on your desktop
and whenever a new file is being created, your Antivirus "wakes up" and
scans the file. Basically, by doing this, you give your antivirus
software a chance to look at the attachment and scan it for virus code.
Third, the other crucial thing to do is also simple and involves
changing a few of your Windows settings.
By default, Microsoft ships Windows in a very vulnerable state in terms
of its settings. There are 3 simple things you can change.
These are outlined at The VACM Archives in the first 3
articles, starting with the one entitled "Do this first...".
If you visit our site to get the instructions for your Windows
settings, you will note that there is also a link where you can sign
up for our "Virus Alerts" newsletter. We send out alerts and remedies
in plain english as a service to our clients and subscribers.
All are welcome.
Best Regards,
Marc Deschenes, VACM Editor
The VACM Project at
Automated PC Solutions
|
*** Be sure to check out the appendix at the end of this alert
******** APPENDIX - Handy How-To Tips ********** * How To Boot into Safe Mode Shut the computer down so that the power is off.
|