return to Qube5 Labs

created 12-17-2001   last updated 11-26-2005
 
Stop your email from assisting the next virus.
 
Why you should MUST use "BCC"
 
 
      BACKGROUND: The Old "Bogus Name" Trick
  There has been advice bouncing around the net about a trick to slow a virus from using your address.
 
The trick involves creating an entry in your address book with the name "!000" (the first character is an exclamation point). Give it a bogus email address name like "!000.virus.warning". This should now be the first name in your address book. Many viruses (viri?) start sending email using the address book, from the top, in sequential order. In theory the virus or worm will try to send to !000 and will be unable because it is not a valid address. Some claim the viral worm will stop at this name, others say it will keep going.
 
No matter which occurs, at the very least you should get an email notification back saying the mail was undeliverable. That will warn you that your computer is infected.
 
Anyway in a nutshell that is what I've seen from a number of sources. Personally I think this is good advice (adding a bogus name to the address book) even if it will only work for viral worms that send sequentially from the address book. Its free, its easy to do, and if it only provides protection 5% of the time then it s worth the cost.

 
The problem is some viruses "harvest" email addresses from actual emails you receive.
 
For example Aunt Jane sends an email to you, your mom, and ten other people. You now have 13 email addresses (Aunt Jane's, your own, and 11 others). You forward the email to 10 more people including your cousin Bob on the coast. Cousin Bob now has an email with 23 email addresses. Cousin Bob forwards the email to 25 buddies on the bowling league, including Ethel from the shipping department and Sid from marketing. Ethel (and the other bowlers) now have an email with 48 addresses. Ethel gets a virus, the virus sifts through her email folders looking for addresses. It finds Cousin Bob's email and sends itself to the other 47 addresses. Perhaps even worse is Sid, who promptly emails the people he does not know with his latest pyramid-get-rich-scheme. (Spammers, you got to hate'em)

 
      I think most of us have seen email that's been forwarded multiple times and has lots of names, most of whom you don't know.
 
Here are some very simple steps to stop this from happening:
 1) get an antivirus program and keep it updated!!! This is not an option YOU MUST DO THIS. If you don't want to pay for a full featured AV program consider getting free anti-virus software at either of these sites:
    http://www.free-av.com/
    http://www.grisoft.com/html/us_index.html    I personally use Grisoft AVG on the home computers
(Grisoft now calls the product AVG Anti-Virus free Edition)
 
Every month or two I encounter a virus on someone´s computer that was recognized over a year ago (most of the time it is SCORES of viruses). This means either the computer did not have AV software or it has been over 12 months since the files were updated. Most of the time the computer has files that are years out of date. The AV software works a lot like the police. They wait for a crime to be reported, catch the criminal, and take a mug shot. The AV software companies make the book with all the virus mug shots available to the individual agents in the field, one of those agents is on your computer in the form of AV software. The agent can always identify a known viruses, that is why its very important to provide it with the current mug shots. (Most AV software companies refer to these mug shots as "virus signatures").
 
Most computers the last few years have come with "free" commercial grade anti-virus software. The problem is it is only free for a few months. After that you either pay up or can no longer get new virus definitions. Do yourself a favor and get Grisoft AVG. It is free for home use and they do a great job of providing updates. Get it, install it, and schedule automatic updating. Your computer will thank you, your email contacts will thank you.
 2) protect email addresses (part 1). If you are sending to multiple people, then use the "BCC:" field to blind copy. This keeps all the other names hidden. Even if everyone knows each other, you are preventing the names from being forwarded to someone else. This takes us to step 3.
 3) protect email addresses (part 2). If you are forwarding an email you can delete the lines that show who received it the first time. Ever gotten an email that was forwarded multiple times and has 138 lines of names and comments like "this is funny". Delete all the excess chatter and you also make it easier to read the meat of the email. (to delete just highlight text with your mouse and hit the Delete key)

Steps 2 & 3 also help in protecting addresses from spammers

 4) periodically email yourself. Add your address to the BCC when sending email, see if anything is being attached.
 5) turn on file extensions. Most people know not to open an ".EXE" attachment. But its becoming common to mask the name. In Windows Explorer turn OFF the option to
     "Hide file extensions for known file types"
Suddenly instead of seeing an attachment called "winner.jpg" (which you might click) you will see "winner.jpg.exe".
And its not just .EXE files that will infect you; .BAT, .COM, .SCR are all examples of executable file extensions. These are just few that can infect a computer if executed.

 
  For the more adventurous of you out there, consider replacing Microsoft Outlook for another email program like Eudora or Pegasus. I currently use used Eudora and liked it. I used Pegasus for a few years and it is quite capable and is entirely free. Eudora offers a free version that display small ads in the lower right corner.
 
The problem with Microsoft Outlook is not that its a bad product. The problem is Outlook is very popular and has security holes. I'm sure Eudora, Pegasus, and all the others have their share of security holes, the difference is the virus writers aim at the largest group. There is not always safety in numbers. If you use Outlook you should at least be aware of which one you have installed. "Outlook" and "Outlook Express" are two very different programs, related only by name and parents. Some viruses are so specific that they work on "Outlook" but not "Outlook Express" and vice versa.
 
UPDATE: I started using Mozilla Thunderbird in February 2004. Version 1.0 has now been released and I whole heartedly recommend it over Eudora and Pegasus.
Get Thunderbird
Get Thunderbird here
 
If you have any questions about how to accomplish these steps please for assistance. Due to high volumes of spam mail besure and put "RE: Blind a virus" in your subject line. Remain vigilant and we all sleep better.
 
technically paranoid,
Qube5 Qube5
Being paranoid I'd like to point out that all software and company names used are probably trademarked and protected by the respective owner. But really who doesn't know this already?
return to Qube5 Labs

©2000-2006 Qube5 Laboratories ¤ Jacksonville, Florida USA    Page last updated 2005.10.16 ±
current date and time current date current time      visits by keyboards counter (counter reset 20051016)