Drug Rehabilitation that works

This is the second in a series of twelve articles written by Orthus for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. 

Step 2 Look Out for E-Mail Attachments and Internet Download Modules

Cost: Minimal – No additional investment

Technology skill level: Low to medium

Participants: Everyone using the electronic facilities

WHY?

One of the most common methods of transferring computer viruses is by embedding them in attachments that accompany e-mails or materials downloaded from attractive websites. Recently, attackers have become adept at capturing address books and embedding viruses in attachments that appear to come from people you know. Companies should have strict policies about what can and cannot be downloaded or opened on their systems.

You share important information via e-mail and attachments allow us to send reports, copies of files, spreadsheets, photos, cartoons, music, etc. You update and expand the software on computers using sources on the Internet and vendors encourage this Step by passing on some of their delivery savings if we use this mechanism.

Website designers take advantage of built-in capabilities to check your machine to make sure you have the needed software tools to access their content, and if anything is missing they automatically arrange for the installation for you.

All of this is quick, easy, and saves you from dealing with a lot of technology mumbo-jumbo.  Anyone who writes a software program can distribute it on the Internet through the Web or by sending you a copy attached to e-mail. You are at the mercy of the program author when running it on your computer.  Any task that you can do on your computer, this program can also do. If you delete a file, send e-mail, or add or remove a program, your newly installed program can do this too.  And an intruder can do these tasks, unbeknownst to you, through the program you have just installed and run.

 

WHAT HAPPENS IF I’M NOT CAREFUL?

E-mail text, e-mail attachments, and download modules are excellent conduits for malicious code. By opening an e-mail attachment or accepting a downloading install option, the code is copied into your technology environment (sometimes in temporary files that you cannot easily see) and can attack your system through vulnerabilities (see Step 8).

Malicious code that lodges in your computer will usually attempt to spread itself to other computers using e-mail attachments.  If your computer is compromised, everyone in your electronic address book will receive e-mail from you with an attachment that can attack his or her system.  The volume of e-mail alone can strangle a network to a halt. In addition, the malicious code can corrupt and delete files and software running on your system.

 

If you do not take steps to prevent it, software to spy on your Internet usage will be loaded on your computer to track the websites you use and report on web-accessed accounts.  Key tracking software to intercept, store, and transmit the sequences of key types for accounts and passwords can also be installed on your machines.

 

GETTING STARTED

Educate all e-mail users to do the following:

1. Do not use the “preview” function for e-mail contents.

2. Do not open an attachment that the anti-virus software has indicated is malicious 3)

3. Do not open e-mails (delete them instead) from someone you do not know, especially if the subject line:

- Is blank or contains strings of letters and numbers that are nonsense

- Tells you of winning a contest you never entered or money you should claim

- Describes the details of a product that you might like

- Notifies you of a problem with instructions to install software on your machine

- Notifies you of a billing or account error for a service you do not use.

4. If you know the sender or decide to open the e-mail, check to make sure the contents along with the names of attachments and the subject line make sense.

 

ADDITIONAL STEPS

Set up your browser to alert you to Internet module downloading and do not accept them from sites you do not know, especially if e-mail from an unknown recipient has sent you to the site.

Delete and do not forward chain e-mails (similar to chain letters) and do not use the unsubscribe function for services to which you did not subscribe initially since this only alerts an attacker that a active address has been located and makes you a more valuable target.

Deactivate the use of java scripting and Active-X in your browser and only activate them temporarily for specific web pages.

When you are considering buying a software program, look for a clear description of the program and its features and make sure the source of this information is reputable.

NEXT…

In our next article in this series we’ll discuss the importance of anti-virus protection. 

Tags: BUSINESS, Program, Securing, SIZE, SMALLTOMEDIUM, step