Helping people with computers... one answer at a time.

It's extremely unlikely to get a virus by just looking at an email these days. The same applies to spyware.

I have read various articles that state that viruses can be downloaded just by opening an email, without having to click on an attachment. I'm wondering if spyware is the same. Does it require me to physically click on an attachment for the spyware program to run or can the spyware be activated simply by opening an email to view it? And can the spyware be launched a second time on a different computer if I click on it again?

This whole "can I get a virus just by reading email" question has been around a very long time. These days it's not really much of a risk at all, but once upon a time there was a very real danger.

And, of course, you can still face that risk with a misconfigured email program.

Part of the question being asked here also is would spyware be any different?

In a word: no.

In all honesty, the line between viruses and spyware has become so blurred that it's almost impossible to draw a distinction between the two. Spyware often propagates in the form of viruses, and viruses often install spyware. Which is which, and what's what is pretty academic and, in my opinion, just not that important to the average user.

"Most malware authors have moved on to techniques that are apparently much more successful."

With the exception, of course, that you do need both anti-virus and anti-spyware protection, as the tools use different techniques to target what they protect you from. And yes, it's doubly confusing since many anti-virus programs will trap some spyware, and conversely many anti-spyware tools will eliminate some viruses.

The real takeaway to remember to keep yourself safe is simply: don't worry about the differences, and make sure you have protection from both.

Now, back to email.

Long, long ago (in internet time - maybe 5 years or more in "real" time), email programs would, when you open a message, display all the content in that message. That included not only pictures but if the message was HTML then many would also do things like run any Javascript that was part of the message.

As a result, malware (a term that encompasses both viruses and spyware) was created that would leverage HTML, or Javascript, or even simply display images - often along with known operating system vulnerabilities - to actually attempt to infect your machine if a specifically crafted malicious email message were simply displayed. That got even worse with the advent of the preview pane in many email programs, which would display your incoming email even if you had stepped away from your computer.

You could get infected just by looking, and you didn't even have to be there to look!

Yikes!

Needless to say, that was (relatively) quickly addressed by most of the email programs with a few not-so-subtle changes:

  • Javascript was typically not supported when email was displayed.

  • Images were not displayed by default.

  • Vulnerabilities were patched.

  • Spam filters also started to take on the role of simple virus checkers, and would junk email with suspicious content.

  • And of course anti-malware software began checking email as it arrived.

I'm sure you're at least familiar with the image blocking step since it's something you see frequently today. In almost all popular email programs images will not be displayed in an email unless that email is from someone you've indicated you trust.

Unless you explicitly turn them off, there are now enough safeguards in place with modern email programs and web based email services that the chances of getting infected by simply viewing an email are extremely remote. Most malware authors have moved on to techniques that are apparently much more successful.

Like tricking you into clicking a link, or opening an attachment.

When that happens, and it's a malicious link or attachment - all bets are off.

Article C4188 - February 25, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

6 Comments
Karl
March 2, 2010 10:09 AM

One thing you can do is, right click the email in question a box will open click properties. This will allow you to see what is in the email without opening it. My rule of thumb is, if in dought toss it out. There is very few emails i recieve that i will trust enough to open now days.

Frank
March 2, 2010 1:14 PM

The real problem today with message panes is that displaying the message tell the spammer you are real.
I always turn off message panes in new email client installs.

If you have "display images" off by default, then this is not true.
Leo
03-Mar-2010

Karl
March 2, 2010 11:43 PM

Sorry i meant to say right click the email, then click (view message source)

James
March 3, 2010 4:23 AM

Using Thunderbird, I use View > Message Body As > Simple HTML - better than Text and safer and quicker than Original HTML.

connie tyler
March 3, 2010 4:17 PM

I have received 3 emails from unknown people using a hotmail address and after opening two of them, I just deleted the 3rd because the letters in the message were scrambled and didn't make sense. Do you think that these emails were viruses or trojans or whatever that can harm my computer? I have a good anti-virus program and use spybot as well but they show nothing is amiss.

Alex Netherton
March 7, 2010 2:32 PM

Connie, the gibberish you see is an attempt by SPAMmers to circumvent your SPAM blocker or your e-mail program's junk mail filter. Some programs or pictures, if opened in a plain text program like Notepad, will show gibberish, but most of that stuff is just spammers trying to make an email look legitimate.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.