There are three basic
types of email virus: an attachment virus, a HTML virus, and a MIME virus. What
makes a virus launch its attack depends on the type of virus it is.
Attachment virus
An attachment
virus is, as its name would imply, a virus that is hidden in an
attachment to an email such as a photo, movie or data file.
Attachment viruses are
the most common types of viruses. They only run when you click to open or save
them to your computer.
The name of the
attachment is always disguised in order to hide its true nature. Photos will
seem to have the usual.jpg ending. However these will also have an additional
extension, such as.vbs.
For example, a photo
could have a file name like party-1.jpg.vbs. This identifies the file as a
Visual Basic script, a type of program. However the receiver just notices
the.jpg ending, assumes it is a photograph and, eager to find out what went on
at the party, opens it without checking further.
HTML virus
A HTML virus refers
to active content code. Active content is content on a
website that is either interactive, such as a form for filling, or dynamic,
such as streaming video.
You use active content
whenever you buy something on the internet, fill in a form, vote in an online poll,
or watch a movie without having to download it first. The code for active
content consists of small programs usually written in JavaScript or ActiveX.
A HTML virus is launched
when you open the message to read it. Indeed, merely displaying the message in
a preview window can also activate the virus.
MIME virus
MIME is short for multi-purpose
internet mail extensions, a specification for formatting
messages so that they can be sent over the internet. MIME enables you to send
and receive graphics, audio, and video files via the internet mail system, as
well as text.
MIME messages contain MIME
headers. A header refers to additional date placed
at the beginning of a block of data being transmitted. Common headers include
fields for 'To:', 'Subject:', 'From:', and 'Date:'. There are further headers
for specifying other attributes such as content type', sending time, and
receiving times at all the servers through which the email passed through on
its way to you.
The creator of a MIME
virus simply introduces the virus into the header of the email. The rogue
programmer fills the email header with more information than the buffer memory
in Outlook Express can hold.
When the email is opened
in Outlook Express, the buffer runs out of room and the overflow (which contains
the virus) spills into the stack memory. The stack memory is that part of
memory programs that is run by the microprocessor. Thus the virus is executed
instead of legitimate code.
The MIME virus can run
even if the email is not opened. The code in the header can tell Outlook
Express that the message is a.wav file (a Windows format for audio files) when
it is something else entirely and Outlook Express will automatically execute
the virus.
Mischief-making
The first thing a virus
hidden in an email does is replicate itself. It will search your address book,
emails, documents, and indeed any file it can find for names and email
addresses.
The virus uses the
addresses to send duplicates of itself to your family, friends and business
associates using the same email in which it arrived. To make itself harder to
trace, it may put a name plucked at random from your address book in the
'From:' field in the email. Within minutes of being opened, the email virus
will have propagated itself to hundreds of other computers.
The virus may dump its
payload... anything from taunting messages, through the introduction of
sophisticated spyware, to destroying the content of your hard drive... as soon
as it has replicated itself or it may wait for a triggering event (such as a
particular date or action).
Paul Kennedy is
the marketing manager of Jupiter Support (Ireland). He can be
contacted by email to paul@jupitersupport.ie. You can also go to jupitersupport.ie where
you can use chat or Skype to talk with a technician free of charge.
Alternatively you can call 0766803006 to speak to a technician
and get free advice. Jupiter Support only charges a fixed fee of€19.99 to
rid your computer of any and all viruses on a no-fix/no-fee basis.
Article Source: http://EzineArticles.com/?expert=Paul_D_Kennedy
Article Source: http://EzineArticles.com/8179187
No comments:
Post a Comment