Helping people with computers... one answer at a time.
It used to be possible that simply viewing a malformed email could allow a virus to spread, but that's no longer the case with modern mail programs.
New malware (including viruses) appears every day and it seems like they're constantly getting smarter and craftier. And of course, each new piece of malware is an opportunity for even more people to become infected.
In the past, asking if you could catch an email virus just by reading your email would get laughs from the techie geeks in the crowd. "Of course not!" they would giggle.
Then came Outlook. Not only could opening an email infect your machine, but for a while, you didn't even have to be present to do it.
And the geeks stopped giggling.
For a while.
Fortunately, today things are different.
•
Of HTML, DHTML and Javascript
HTML is the "language" of the web - it's the way web pages are encoded and described to your browser so that it can draw, display, and make the web pages appear as the designer intended.
DHTML, for Dynamic HTML, and Javascript, a programming language, added to HTML something it didn't have by itself: the ability do do things. By "doing things," I mean things as simple as turning this portion of this sentence red when you move your mouse over it to interactive games that you can play in your browser.
Your browser and the HTML that was displayed in it became a platform for computer programs.
Then along came email.
HTML email
Email used to be plain text only and much of it still is.
But someone had a bright idea: what if we made email more flexible and gave it all of the richness of HTML formatting? In HTML-formatted email, words can be bold or underlined and we can put pictures in it, and much much more.
Email could be "pretty" and as complex as a magazine page.
And since many email programs simply used the same code as the web browser, email messages could now do things.
Then along came malware.
Malware in email
If email could "do things," like run small programs within the window in which they were being viewed, it didn't take long for hackers to exploit this and start writing malware that not only took advantage of that, but also exploited other vulnerabilities that those programs could access.
Vulnerabilities that would allow them to infect your machine with more malware.
Simply because you opened your email and looked at it.
Before it got better, it got worse.
Then, along came Outlook.
The Preview Pane's Role
I say "Outlook," but in reality, any email program that offered what we now call a "preview pane" could be vulnerable. Outlook was simply one of the earliest and one of the most popular.
The scary scenario worked like this:
-
You leave your email program open on a view of your inbox with the preview pane showing.
-
You have the "most recent" email selected and its contents are shown in the preview pane.
-
You leave.
-
You get more email. Outlook dutifully keeps the selection at the most recent and updates to select the newly arrived message1. As a result, it also updated the contents of the preview pane with the contents of the new message.
-
If the new message contained malware that infiltrated by trying to execute Javascript, that would run and infect your machine.
Your email program "looked" at a message and your machine was infected and you weren't even there.
Fortunately, that didn't last long.
Modern email programs and sites don't do that
Needless to say, that possibility was fixed quickly.
The most dramatic fix is that Javascript and almost all other scripting that might be used to allow an email message to "do something" no longer works. Period. For good or for evil, you can't put scripting into an email message and expect it to work.
Along the way, the vulnerabilities related to email-based exploits2 have also been getting fixed - regularly and quickly.
Add to that the images aren't even displayed by default by most email programs any more (for reasons related to spam, but it also increases your security with respect to malware) and today's situation is very, very different.
You cannot get infected by just looking
Opening an email is a safe thing to do.
Having your preview pane open is a safe thing to do - even if you're not around.
Email programs and email services now no longer allow the things that once upon a time made looking at an email risky.
However...
You CAN get infected if...
The one thing missing from the discussion above is: attachments.
The ability to attach an arbitrary file to an email message actually pre-dates HTML formatted email. It remains a convenient way to transfer a file from one place to another.
Unfortunately, the word "arbitrary" is appropriate. Any file can be attached to an email, including programs that would infect your machine with malware.
That's why one of the admonitions relating to internet safety is to never open an attachment you're not expecting and that you don't know is safe.
You can get infected by just looking at the contents of an attachment.
Email safety rules
So, let's review the rules for safe email:
-
Keep your versions of Windows, your browser, and your email program up to date with the latest patches.
-
Run appropriate anti-malware software to help keep your system clean.
-
Keep your anti-malware software up to date and most importantly, allow them to keep their databases of malware information as up to date as possible as well.
-
Never open an attachment unless you expect it, you're positive you know what it is, and that you trust the sender.
-
Never click on a link in an email message unless you're positive you know where it's going and that you trust the sender.
(This is an update to an article originally published April 28, 2004.)
1: This behavior has also changed over the years and I believe Outlook now no longer changes which message is selected.
2: One example: there were at one point exploits in the software used to display images such that malware could attach itself to maliciously crafted image files. Not only have those exploits been resolved, but most email programs no longer display images from untrusted senders by default.
Article C1931 - December 1, 2012 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
December 4, 2012 10:31 PM
For all that's said and written about malware, viruses et al and the billions that must be being spent on fighting it, I personally wonder just what it is that goes on in the sick little minds that create and dispatch this muck out into the ether.
It's not even as if the could get their kicks out of watching the dismay on people's faces when they realise that their computer is sick. They can only imagine it. Truly weird people.
December 5, 2012 12:27 AM
Having to copy & paste to send articles is the necessary workaround in lieu of attachments. Recently some reliable contacts' names and addresses have been hacked and attachments forwarded through those email addresses, which though only spam cause some disruption in email
function. That implies some cautionary scrutiny into even known contacts. Attachments are definitely the devil's playground.
December 5, 2012 4:59 AM
@Tom
A great deal of virus activity has shifted from the kicks hackers get from creating a virus, to malware that is used for illicit commercial purposes such as stealing credit card and log in information, and spam bots etc.
December 6, 2012 12:39 AM
The other great myth, again based in ignorance, is that the are no viruses or malware that will run on a Linux platform...
December 6, 2012 6:45 AM
Why can't my ISP filter out malware before it gets to me??.....jt
08-Dec-2012
•
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.