Recently we’ve been focusing on email security risks regarding viruses. We’ve examined Viral email attachments and forwards, and today we look at the most well hidden kind of virus of them all: a virus hidden in the email body.
Viruses inside emails… how do they work?
Malicious content can be found inside the body of an email. These days, HTML is such a common element of emails, because it is used to embed pictures and links into the message body. However, HTML can also be used to embed viruses: scripts that execute automatically and can subsequently infect your computer with a virus. That’s why so many mail programs block HTML display by default and users must click a button to display the content, depending on whether you evaluate the content as being from a trustworthy source. As a rule, this precaution should never be turned off.
Hidden viruses in URLs
Surprisingly, an innocent looking URL could be a virus in disguise. While you may see a harmless link that leads you to a website, it could also execute a viral script or even link to a completely different URL that exposes you to a self-downloading virus.
The same rule applies to this as to email attachments: never open an attachment from an untrusted source.
The reason why the various tactics like malicious attachments and hidden html work is because the entire email is designed to fool its recipients. Users tend to be looking for useful information or to solve a problem and an email that offers up this facility on a plate is the best way to fool an email user.
Keep these points in mind:
– Don’t make quick decisions when filtering email
– Don’t trust suspicious or unexpected sources
– Don’t participate in email forwarding
– Don’t open suspicious attachments
– Invest in thorough email security to prevent these emails getting through in the first place