HOME
TOPICS
ABOUT ME
MAIL

 
Never open an attachment unless you know the person who sent the file and know what the file is ñ and, most importantly, never open it unless you asked the person to send it.
  technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

Sircam virus victims ignored a simple rule


August 1, 2001


By Al Fasoldt
Copyright © 2001, Al Fasoldt
Copyright © 2001, The Syracuse Newspapers

   If you've opened the Sircam virus attachment recently, you're probably suitably embarrassed. This new Windows virus doesn't do anything unless you double click on the attachment that accompanies the e-mail letter.
   Opening the attachment sets off a dismal series of dumb-luck events as the virus mails itself to everyone in your address book. It also mails out a random file from your "My Documents" folder. (Yes, that means your personal, private files aren't personal and private when you use a PC running Windows. Any clever virus writer can view them or send them to the rest of the world. )
   I wrote about Sircam as soon as it reached a peak, and in the days since that article I've been asked repeatedly how such an attack could have been prevented.
   The answer is simple. The Sircam virus would not have sprung to life if the person reading the mail had left the attachment alone.
   Let me put that in plain language:
   The virus hides in an attachment. If you open the attachment, you're doing a bad thing. On the other hand, if you delete the e-mail letter and then empty the trash in your e-mail software, you'll kill the virus and everything will be OK.
   The operative word here is "open." This is one of those computer gobbledygook terms that never seem to get explained properly, so here goes.
   E-mail is not just a bunch of words in a letter you get from your sister-in-law. E-mail letters often have two parts. There's a visible part and a hidden part.
   The visible part is the message itself. You get a note from Kimberly or Jason and you read it and that's that.
   The hidden part is the attachment. The only sign of an attachment in most e-mail programs is an icon somewhere in the window (at the bottom or at the top, maybe). You might also see a paper-clip icon.
   An attachment can be any kind of file. It can be a photo, a program, a Microsoft Word document or anything else. It can also be a virus, of course.
   Attachments just sit there. They're dead weight. You have to do something with them in order to use them.
   That's what "open" means. You open the desk drawer to see what's inside. You open the soup can to start heating up your lunch. You open the file ñ you tell Windows to activate it ñ to make use of it.
   And that can be very bad news. When the attachment is a virus, opening it means telling it to spring into action.
   And that's why you have to be careful with attachments. Some of them might be safe. Others might be deadly computer viruses. You literally never know. Viruses can hide as normal files. They can seem to be homework assignments from your teacher, pictures of the kids from Aunt Betty or a new MP3 song from your friend Sue.
   And the only way to treat them is to follow this rule: Never open an attachment unless you know the person who sent the file and know what the file is ñ and, most importantly, never open it unless you asked the person to send it.
   The Sircam virus might have been sent by someone you knew ñ after all, it's been infecting Windows PCs all over the world, and that means your friends might have been victims ñ and the attachment might have seemed like something you wanted. But nobody who opened the Sircam-infected attachment followed the third part of the rule.
   
   Next: Why Windows makes viruses like Sircam inevitable, and how to make one change in Windows that will give you a fighting chance to keep such viruses away.