|
Rule 2: Intent
- An executable type attachment should not be opened unless it was
specifically requested or expected.
Since email worms are sent to
addresses found on infected users' machines, just knowing the sender
is no proof of intent - they may well be infected. In fact, odds are
an email worm will arrive from someone you know and the sender is
oblivious to the viral email being sent from their machine. Worse,
today's worms spoof the From address, so it may well be that it's
not even from the person you think it is. If there's any question as
to the intent, see Rule 3 below.
Rule 3: Necessity
- This is the simplest rule to follow, but one that many people
ignore. If you do not need the attachment, don't open it. Delete the
email instead.
Rule 4: Secure your client
- To date, many email worms and viruses have taken advantage of
security vulnerabilities found in Microsoft Outlook and Outlook
Express. However, any mail client that supports HTML and scripting
should be considered at risk.
Rule 5: Patch your system
- Microsoft routinely releases approximately 100 security patches
per year. Keeping abreast of these and understanding which are
applicable to your system can be a daunting task. To help ease the
pain, Microsoft provides a
Windows update site.
The site will automatically scan your system
and provide a list of recommended updates specific to your operating
system. Install any updates marked as "Critical". And remember -
security is never passive. It's an ongoing process and new
vulnerabilities are constantly discovered. Visit the
Windows update site
monthly to ensure all necessary patches are installed. |
