|
|
Managing the Threat from E-mail Borne Malicious Code
Today 's most common distribution medium for computer viruses is electronic mail. In the early days when all e-mail messages were written in plain text, the only place where a virus could reside was within an attachment. The virus writer had to convince curious users to save and execute the attachment in order to have the malicious code executed. Various methods of social engineering have been proven to be effective for this task. However, a cautious user who has antiviral software and checks attachments before opening them was relatively safe before HTML messages appeared.
HTML messages allow the use of different fonts, colours and even the insertion of pictures in e-mail messages. But HTML is much more powerful than that. It is also possible to inject "invisible "programs written in special scripting languages into the body of the message. These programs, called scripts, are capable of creating simple animation, automating office tasks and many other useful things. On the other hand, the scripts are also powerful enough to do something undesirable and malicious.
Fortunately, the scripts functionality is somewhat limited and they are usually not capable of causing serious damage such as deleting files or sending your credit-card details to somebody. However, in MS Outlook the scripts may be allowed to run special program modules known as ActiveX controls. These are not bound with any restrictions and can be programmed to do anything with your PC.
The last very important point is that to make a hidden script run, it is not always necessary to open the message. It could be enough for the message to be shown in the MS Outlook preview panel to get a PC infected. It is not enough to just protect a PC against viruses in message attachments. The message body itself can contain a virus, the most widespread and dangerous viruses seen to date have used active scripting.
Reflex ScreenMail disables all redundant HTML functionality such as scripting. Combined with the thorough scanning of the message attachments for viruses, Reflex ScreenMail creates reliable protection for users of MS Outlook & MS Outlook Express. |
|
