Viruses and Chain letters

"Don't break the chain!"  Since before the advent of computers and email chain letters have been a problem for the postal service.  There are different stripes of chain letters out there:  ones that promise good luck, or money via Pongi (pyramid) scams, ones that swear they'll help you find your soul mate, or guarantee any number of other things.  The one thing they all have in common is that they all try to get you to copy the letter and pass them on to as many people as possible.  The more the better because it'll improve your luck (or get you more money).  Some of them cajole you by saying how great you'll be for forwarding such a helpful letter.  Some appeal to your sense of greed.  Some prod you with fear ("Don't do this and something horrible will happen to you!").  Some of them appeal to your sense of humanity or fair play or even guilt.  Most use the carrot and stick reward system:  pass it on and you get a reward; fail to and you'll get punished.  All, except most Pongi schemes, manipulate your superstitiousness.  Fortunately, I'm not superstitious so I've successfully thrown out literally HUNDREDS of chain letters, both physical and email, and not only am I still standing but it's had no effect on my luck, one way or the other!

One very successful chain email comes from people who are, or claim to be, Nigerian officials.  The person, usually a high-ranking government official, will claim that a VERY large sum of money has been "misplaced" due to instabilities in the government of Nigeria but this person knows where the money really is because he was in charge of it's disbursement.  One way or the other he'll express a desire to do business in the US with this money and, in exchange for you harboring the money in your bank account, he'll give you a generous percentage.  Have you ever heard the saying "If it seems too good to be true it probably is."?  This is one of those cases!  If you contact this person he'll ask you to forward all pertinent info about your bank accounts  (bank name, branch, address, phone, your name, address,  phone, account #, and several other items).  Once you supply the person with all the info there will, indeed, be a money transfer- they will have all the info they need to drain your bank accounts!  Be careful!

In fact, they are a sort of virus as they generally serve no real purpose aside from making certain people rich (pyramid schemes), fomenting panic (in letters that warn of false viruses, the end of the world and whatnot),  and clogging up the email servers.  I suppose those who are really gullible and "break the chain" could indeed view any problems in their lives as a direct result of their inaction and who knows what the end consequences would be to them, their psyche, or the people around them?  A person's obsessions have a strange way of affecting other people in a negative fashion.

While some letters carry a "feel-good" atmosphere they get forwarded and encapsulated so many times that the list of headers and the attachments within attachments within attachments reach ridiculous proportions, destroying the innate beauty of such letters as these.  (I fail to see why people are so lazy that they pass on letters that are in such poor condition.)

In the US chain letters are illegal and I believe there are penalties and fines for people who are caught distributing them.  There are good reasons for this.

Email chain letters are more insidious because there's no easy way to control or punish the malicious people who start them, nor the easily-fooled, the superstitious, or any other category of person who keeps the chain going.  In fact, it's pretty much impossible to stop them.  There's only one way:  we, as users, have to be aware that these things are all bogus.  We have to take control and destroy these chain letters ourselves.  They are no better than viruses.

However, before I delve into viruses and what you can do to protect yourself from them, I want to point out something that can be dangerous: chainmail virus hoaxes.  Some of these letters contain hoaxes about viruses that don't exist and warn you to automatically delete any messages with a certain subject or an attachment of a certain name.  That's ok except for the legitimate messages that get deleted as a result (the subject given is usually a commonly used one in normal emails).  The worst form of chainmail hoax, one that many people fall for, is the virus hoax that tells you to look on your computer for a file with a certain name or icon.  It tells you that, if your computer has the offending file then you've been infected by the virus and you  should immediately delete the it.  You should ALWAYS be wary of ANY email that tells you to delete ANY files on your computer.  At best, you'd be deleting a file that will not have any real adverse effect but, most of the time, these hoaxes target files that are important, or even required, for your computer.  You can, possibly, do damage to your  computer that only an expert can undo, and maybe not even then!  If you get ANY messages from ANY person, I don't care who, warning you of a virus you should always verify the information at the website of a reputable antivirus software maker such as http://securityresponse.symantec.com/avcenter/hoax.html, or http://us.mcafee.com/virusInfo/default.asp?id=hoaxes.  For a list of antivirus software makers go to http://antivirus.about.com/cs/antivirusvendors/.

Remember:  just because it comes from someone you trust doesn't mean it's a trustworthy letter.

Which brings me to the other subject of this message:  viruses.

There are lots of different kinds of computer viruses out there.  Some are pretty much benign or mildly annoying while others can replicate themselves very quickly via email and still others can cause serious problems on your computer.  The vast majority of viruses are acquired while online, perhaps 95%.  Of the other 5% it is possible to acquire viruses from software you purchase although this is rare.  Most legitimate software will not have viruses unless the software developer doesn't keep their antivirus software current.  It's more likely that shareware and freeware programs will have viruses but even this is not too common.  Even rarer is the possibility of getting a virus from hardware you purchase.  But, if the manufacturer of the hardware is careless, or has a nasty person in their employ, it is possible.  Back in the late 90's a major computer manufacturer didn't keep their antivirus software updated and, as a result, many machines they made became infected before they realized it.

As a computer expert once pointed out to me the only real way to keep your computer from becoming infected is to NEVER TURN IT ON.

However, since most people don't buy a computer to use as a paperweight, this advice isn't very practical.

If you never use the internet, buy blackmarket software, or use shareware and freeware then the chances that your computer will be hit by a virus are very small - so small that you probably have little to fear - ever.

Honestly, anyone going online (to the Internet or BBSes or a network or anything else) should be using antivirus (AV) software and a firewall.  To not use these programs is to invite viruses and invasion of your computer by various parties (both hackers and government agents).  The AV program works as a preventative medicine to catch and destroy viruses as soon as they enter your computer's environment.  The firewall works to prevent illegal accessing of your computer by other people on the internet, including blocking backdoors and trojans.  These two programs, along with keeping the software updated (as often as possible, but minimally every week), will make your computer a virtual fortress (although not impregnable) and will spare you lots of headaches, frustration, worry and aggravation.

There are many kinds of viruses that can invade your computer: worms, trojans, etc.  I'm not going to list them or define them for you - look at the info provided on a professional AV/firewall website.

The most common ways of getting viruses online are from emails and visiting websites that are booby-trapped with them.

Normally these are not mainstream, commercial websites but are usually off-the-beaten-path, hacker/phreaker/pirate, or porn websites.  Just be aware that any place you go to has the potential to house a virus, no matter where you go.

Most people, however, get their viruses from email.  They almost always come as an attachment (a file attached to the letter) that starts working when you try to open or run the file.  Usually the file is a .exe (executable) file, a .bat (batch) file, or a .com (command) file, but it can also be a file for Microsoft Office (because of the macros in the Office programs) or other program, a website link, or some other kind of file.

One thing you may want to do is turn off any preview feature your email program has because some viruses activate when previewed.  Check the help for your email program to do this.

If you receive an email from someone, especially someone you don't know, be very careful about any attachments.  Often there will be a misleading subject (eg: "Here's the file you asked for!").  There may be a short letter but often there's nothing.  In addition, most virus emails are not signed with a person's name.  Sometimes an included letter will be nonsensical or simply tell you to "Check it out!  It's really cool!"  Whatever the source of the email here are some tips to tell you if it's valid or a virus email.  The following assumes you don't have an AV program.  If you do then check out any and all suspicious attachments with it!

1. Is it from a stranger?

2. Is the subject one that encourages you to open the attachment?

3. Is there no message in the letter or is it very short, also encouraging you to open the file?

4. Is the letter unsigned?

5. Is the subject or file name pornographic?

6. Does the file look like a game?

If all or most of these are true it's probably a virus  and should be deleted (I don't care HOW interesting it seems!) immediately and completely (highlight the email then hold down shift and press delete to do this).

If the email is from someone you know and fits the description above and your friend didn't specifically (and, preferably, verbally, not by email) tell you they were sending such a file it's probably infected.  Immediately send this note to the sender:  "Hi, I got your email with the attachment named [put filename here], dated [date here], with the subject [subject here].  However, because of the suspicious nature of the letter I am concerned  that you didn't really send me this letter.  In fact, I'm worried that your computer has been infected by a virus and that it automatically sent itself to me (and probably other people) through your email program.  If the file is legitimate please email me so I can proceed to check it out.  But, if it's not, please tell me (and everyone else in your email address book) immediately because it's a virus and it's infected your computer!  Thanks so much!"

If it's suspicious then you should be suspicious.  Just because the letter says "Try it, it's great!" doesn't mean you should try it.  After all, if I offered you cyanide and said "It's great, try it!" would you?