Information Technology Reference
In-Depth Information
wish in a “From” line or other part of an email message. Although
many email users are responsible when using this capability, some
have chosen to take advantage of the technology for their own
goals. As a result, you indeed have no way to be sure just who really
sent an email message.
The use of scripts within email attachments, which we discussed
earlier, further compounds this issue. As I have already noted, these
scripts can work as programs that run when you try to read the
email messages or attachments. When these programs are running
on your computer, they may have access to some of your materials,
including any address books or listing of email addresses you might
have. If these programs can gain access to your addresses, then they
also can generate new email to those people. As a result, scripts or
programs in an attachment you receive could, in fact, send new
email to your friends under your name. Depending on the circum
stances, you might not even know the email was sent; you could be
reading the email note with little indication that a script was com
municating with your friends behind the scenes!
Why is e-mail susceptible to viruses and worms?
We have already noted that email may contain scripts for send
ing more email to your friends and acquaintances, and these scripts
can be activated when you open an email or attachment for reading.
Of course, such processing is not limited to sending email. Exactly
the same approach could be used to imbed programs in your email
containing viruses and worms. If a virus is contained in an email at
tachment, then opening the attachment likely will run that virus pro
gram. You can see how email is a convenient, efficient way for
viruses to spread; many people open attachments without consider
ing first whether they are expecting the file, if they know the sender
(which, as we discussed, may not be worth anything), or if their
email handler automatically scans attachments for viruses.
The best way to protect your computer from emailed viruses
is, as with browsers, not to give these embedded scripts a chance
to run. Turning off scripting and other automated options in
email-related applications will provide some measure of defense.
Another approach is to employ software filters to scan messages
as they arrive. This approach, however, has its own limitations, as
we will discuss in the next chapter.
 
Previous Page
Next Page
The Tao of Computing
Search WWH ::




Custom Search
Home