US-CERT Cyber Security Tip ST04-010 -- Using Caution with Email Attachments


 




                        National Cyber Alert System
                        Cyber Security Tip ST04-010


Using Caution with Email Attachments

   While email attachments are a popular and convenient way to send
   documents, they are also a common source of viruses. Use caution when
   opening attachments, even if they appear to have been sent by someone
   you know.

Why can email attachments be dangerous?

   Some of the characteristics that make email attachments convenient and
   popular are also the ones that make them a common tool for attackers:
     * Email is easily circulated - Forwarding email is so simple that
       viruses can quickly infect many machines. Most viruses don't even
       require users to forward the email--they scan a user's computer
       for email addresses and automatically send the infected message to
       all of the addresses they find. Attackers take advantage of the
       reality that most users will automatically trust and open any
       message that comes from someone they know.
     * Email programs try to address all users' needs - Almost any type
       of file can be attached to an email message, so attackers have
       more freedom with the types of viruses they can send.
     * Email programs offer many "user-friendly" features - Some email
       programs have the option to automatically download email
       attachments, which immediately exposes your computer to any
       viruses within the attachments.

What steps can you take to protect yourself and others in your address book?

     * Be wary of unsolicited attachments, even from people you know -
       Just because an email message looks like it came from your mom,
       grandma, or boss doesn't mean that it did. Many viruses can
       "spoof" the return address, making it look like the message came
       from someone else. If you can, check with the person who
       supposedly sent the message to make sure it's legitimate before
       opening any attachments. This includes email messages that appear
       to be from your ISP or software vendor and claim to include
       patches or anti-virus software. ISPs and software vendors do not
       send patches or software in email.
     * Save and scan any attachments before opening them - If you have to
       open an attachment before you can verify the source, take the
       following steps:
         1. Be sure the signatures in your anti-virus software are up to
            date (see Understanding Anti-Virus Software for more
            information)
         2. Save the file to your computer or a disk
         3. Manually scan the file using your anti-virus software
         4. Open the file
     * Turn off the option to automatically download attachments - To
       simplify the process of reading email, many email programs offer
       the feature to automatically download attachments. Check your
       settings to see if your software offers the option, and make sure
       to disable it.
     * Consider additional security practices - You may be able to filter
       certain types of attachments through your email software (see
       Reducing Spam) or a firewall (see Understanding Firewalls).
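
   Filtering by attachment type, as in the last item above, shown as an
   added example that is not part of the US-CERT tip. The block list, the
   function names and the sample message are assumptions made for
   illustration; a "scan" verdict still means save and scan the file
   manually before opening it.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PureWindowsPath

# Assumed block list for illustration; the tip itself names no file types.
BLOCKED = {".exe", ".scr", ".pif", ".bat", ".cmd", ".com", ".vbs", ".js"}


def verdict(filename):
    """Return 'block', 'hold' or 'scan' for one attachment filename."""
    # Drop any directory part, plus trailing dots/spaces that Windows ignores,
    # so "patch.EXE " and "..\\..\\evil.vbs" are judged by their real type.
    name = PureWindowsPath(filename or "").name.rstrip(". ").lower()
    if not name:
        return "hold"  # unnamed part: a person should look at it
    # Only the last extension decides how the file is opened, so
    # "holiday.jpg.scr" is a screensaver executable, not a picture.
    suffix = PureWindowsPath(name).suffix
    return "block" if suffix in BLOCKED else "scan"


def review(raw_message):
    """List (filename, verdict) for every attachment in a raw message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return [(part.get_filename(), verdict(part.get_filename()))
            for part in msg.iter_attachments()]


def build_sample():
    """Constructed sample message (not real mail) with three attachments."""
    msg = EmailMessage()
    msg["From"] = "Boss <boss@example.com>"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Please review"
    msg.set_content("See attached.")
    for name in ("report.pdf", "holiday.jpg.scr", "patch.EXE."):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, result in review(build_sample()):
        print(f"{result:5}  {name!r}")
```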
     _________________________________________________________________

   Both the National Cyber Security Alliance and US-CERT have identified
   this topic as one of the top tips for home users.
     _________________________________________________________________

     Authors: Mindi McDowell, Allen Householder
     _________________________________________________________________

     Produced 2004 by US-CERT, a government organization.

     Note: This tip was previously published and is being re-distributed 
     to increase awareness. 
  
     Terms of use
 
     <http://www.us-cert.gov/legal.html>
  
     This document can also be found at
 
     <http://www.us-cert.gov/cas/tips/ST04-010.html>
 

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.


