Why my pc was never infected by viruses, worms and trojans from email attachments

Long before my blogging days, I have always read from the forums I frequented, read from websites and in signs in most internet shops that I should be very careful of any email I receive that has an attachment.

They were right, because back then and even up to now, viruses, worms, trojans and other badware are spread through email via attachments. However I was a bit puzzled. If that were really true, then how come my computer has never been infected by such badware when in fact I had the habit of checking out what those email attachments were. Plus, the rise of email groups which we used in classes to share notes, lectures and readings also needed to have a look at attachments to emails I’ve received.

I’m not kidding, the only way my computer was ever invaded by viruses, et. al were through infected diskettes and later on flash drives from my classmates and friends or from the internet shops I visited. Thankfully, despite the many invasions, my anti-virus programs have successfully fended off any badware that has ever managed to touch my computer.

Still, I was puzzled as to how come there are still reports, stories and warnings about the spread of new destructive viruses via email all over the world? My friends, classmates and teachers were being infected too and even consulted me on what to do once their PCs have been ravaged by badware.

I helped them clean-up their PCs, encouraged them to use the same anti-virus tools and other security apps I use and even repaired the PCs of some of them. Still, they get infections from email attachments.
This prompted me to think deeper into the matter.

Since we were practically using the same set of security apps (AV, firewall and other tools) what else could be considered as a “point-of-vulnerability” or entry on their PCs.

The answer dawned upon me when one of my friends while using my desktop computer asked why Outlook was in such a ‘pristine’ state, he accidentally launched it and the auto-configuration wizard greeted him. I answered, “What is Outlook for anyways?”

Yes, though I’m geek and a blogger, back then I have no idea what Outlook was for. Going back, the conversation went on like this (I’ve already translated it into English and restored it from my half-life memory)

James: You don’t know what Outlook is for? It’s an e-mail client.

Me: What’s an email client?

James: WTF? You’re a geek and you don’t know what an email client is?

Me: Dude, I’m a geek but I did not invent the internet, email or an email client.

James: It’s a program that handles your email for you. With it you don’t have to be online all the time to read and reply to email.

Me: Sounds cool. But why use an email client when I could access my email using a web browser?

James: But you need to be online to do so.

Me: But isn’t that how email works? You need the internet to do email.

James: Not with an email client. Like Outlook, it downloads all you email on your computer so that you can read it even when you’re not connected to the internet. When you make replies to email, it saves it so that when you do get back online it then those replies are sent.

Me: I see. That is neat. But wait, when you say it downloads all your email on your computer does that mean the attachments are included?

James: Of course, what good is an email client if attachments wouldn’t be downloaded as well.

Me: Aha! That’s it!

—–

And that is the “point-of-entry” I’ve been looking for. That’s the explanation why warnings about opening email attachments still prevail to this day. That’s the reason my PCs have never been infected from an email attachment. All this time I’ve been accessing my email directly on the internet where my email providers (Hotmail and then Gmail) were scanning the attachments for me. My ignorance of email clients have been saving me from viruses, worms, trojans and other badware that is the scourge of using computers since time immemorial.

I’ve recently installed Mozilla Thunderbird on my notebook, just to try it out. After a few days, I was back to using Gmail on the web browser. It’s so much better and safer.

5 Comments

    1. Outlook Express comes with Windows and is just an email client. While most people that I know don't use it, those that do usually use it for IMAP accounts, since it is still just about the best email client you can use for IMAP. They also use it for backing up their saved mail from Gmail.

      Outlook is part of MS Office and is the most popular email client in corporate environments, mainly because it's more than just an email client. It is also a calendar, scheduler, PIM, ToDo list, and a lot more, and offers syncing with PDA's through ActiveSync.

      And since it is part of Office, it is well integrated into other Office applications, like Word, and allows you to share a single addressbook with those applications. That can be really handy when you want to mail a letter to a number of people in your Outlook addressbook and print out the envelopes with the names & addresses on them, easily.

      apps last blog post..When Grandma died, she took her Christmas cookies with her

      Reply

  1. I used Outlook Express for about a week, till something nasty was downloaded automatically in some spam email and I had to go through the trouble of removing it. Luckily my computer didn't get infected by it because it was never executed, just downloaded. I went back to webmail pretty quick after that.

    It's not just Outlook/Outlook Express that can cause an issue. Email clients like Thunderbird and The Bat! can, as well.

    That is only one way people get malware on their computers through email. The usual problems with email attachments is when people get files from unknown sources or other infected people that look like fun little games or flash files. They don't think and download them and run them and get infected.

    Also, many have the settings in Windows set to hide known file extensions and don't know they are clicking an EXE. They see "picture.jpg" in Explorer and don't know the real file extension is hidden and the file is really "picture.jpg.exe" or some other type of malware file. Never hide your file extensions!

    Today there is an increasing problem with malware getting on PC's through flash ads. That's right…your favorite site could be delivering you malware and not even know it. There has been at least one ad appearing on sites that use Adsense that has been responsible for infecting people. The ads on MySpace have infected millions.

    As a webmaster, do your site's visitors a favor, if you can, and only use text based ads in Adsense, and never agree to any type of flash ads on your site.

    As a PC owner, use some sort of flash blocker when surfing the web and only activate flash files if you positive that they are safe. From what I understand, there is no flash blockers for IE, so using IE can be pretty dangerous, in this respect.

    Also, make sure your Java is up to date and uninstall the older versions in Add/Remove Programs. Old versions of Java can be dangerous. And Java doesn't remove old versions automatically, when you upgrade. You have to do this yourself.

    There is a vulnerability in an older version of Java that lets malware be installed on your PC. This is how Winfixer, Virtumundo, Vundo gets on computers, mostly through ads on sites. If you have ever had that, you know how nasty it can be and how hard it can be to remove (not all antiviruses can detect it and very few can remove it)…and now you know how it got on your computer and what you have to do to prevent it from happening again.

    apps last blog post..When Grandma died, she took her Christmas cookies with her

    Reply

  2. I am using Mozilla Thunderbird for some time now. Hindi naman ako na-iinfect ng mga virus mula sa app na yun. Sa usb thumdrives at diskette mas possible pa… I don't think Thunderbird is not automatically downloading attachments from the internet. Kelangan ko pa i-download kapag nabasa ko yung emails e…

    Reply

Leave a Reply