Finding Out If You’re Infected
BackBy Avner Izhar — November 2009
Q: I opened an e-mail with the subject line “A virtual card for you” and later realized that I had seen a warning message in a different e-mail that said the “virtual card” e-mail contains viruses. How do I know if my machine was infected?
A: Have you clicked on the link inside of the e-mail? Opening it by itself is usually not a problem, but following links or clicking on pictures is dangerous.
This particular e-mail is most likely nothing, but e-mail-based cybercrime is a real threat that should be taken seriously. You should have a few lines of defense against viruses and also be cautious about what you do and don’t do. A cautious user can avoid many traps.
Your lines of defense are built from a network firewall, which is usually not found in the home-user environment but is a common practice in an office environment. You should use a personal firewall, which is included in Windows versions since Windows XP Service Pack 2, but is also available as a third-party product from McAfee, Symantec, Check Point and many others. Also, you should have updated antivirus software that has plug-ins for e-mail, Web browsing and spyware scanning capabilities. Last but not least is patching your operating system with Windows update or the equivalent for your specific operating system.
With all these installed, you are still vulnerable to cyberattacks, but you are protected against 95 percent of them. What is that remaining 5 percent? That’s what’s known as zero-day attacks, which take advantage of vulnerabilities that are unknown to antivirus vendors and software manufacturing companies.
Finally, the last line of defense is the user. You should not open e-mail messages that look suspicious or come from unknown senders, and you should never click on links in e-mail messages of this sort. Especially don’t click on a link that says something like “Click here to accept your 100,000 euro lottery prize” for a game you’ve never heard of.
As for the e-mail mentioned in your question, this specific e-mail warns people not to open another e-mail message with a subject line of “A virtual card for you” and includes this description in its body:
“A new virus has just been discovered that has been classified by Microsoft and by McAfee as the most destructive ever! This virus was discovered yesterday afternoon by McAfee and no vaccine has yet been developed. This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning [is] stored. This virus acts in the following manner: It sends itself automatically to all contacts on your list with the title ‘A virtual card for you.’ As soon as the supposed virtual card is opened, the computer freezes so that the user has to reboot.”
This is a well-known hoax, an urban legend that has been in circulation via the Internet and scaring computer users since January 2001. This kind of hoax will also include a request for readers to send it to everyone they know.
Meanwhile, however, some e-mail warning messages are accurate and should be taken into consideration and passed on after verifying that they are not a hoax. The verification is easy and can be done by running a quick Google search or by going to sites that specialize in urban legends, like Snopes.com.
It is also important to look at those hoax messages again and verify that previously received messages have not been transformed into an attack by a skilled hacker and are now a real threat.
Avner Izhar, CCIE, CCVP, CCSI, is a consulting system engineer at World Wide Technology Inc., a leading systems integrator providing technology and supply chain solutions. He can be reached at firstname.lastname@example.org.