Windows 7 : Protecting Yourself Against Email Viruses

12/14/2010 8:52:26 AM
Computing veterans will remember that way back when the primary method that computer viruses used to propagate themselves was the floppy disk. A user with an infected machine would copy some files to a floppy, and the virus would surreptitiously add itself to the disk. When the recipient inserted the disk, the virus copy came to life and infected yet another computer.

Most of us haven’t even seen a floppy disk in years, but that didn’t stop the spread of viruses. On the contrary, the Internet’s now firm foothold in the mainstream has been a boon to virus writers everywhere, who happily adapted to the new reality and soon began propagating their malware either via malicious websites or via infected program files downloaded to users’ machines.

However, by far the most productive method for viruses to replicate has been the humble email message: Melissa, I Love You, BadTrans, Sircam, Klez. The list of email viruses and Trojan horses is a long one, but they all operate more or less the same way: They arrive as a message attachment, usually from someone you know. When you open the attachment, the virus infects your computer and then, without your knowledge, uses your email client and your address book to ship out messages with more copies of itself attached. The nastier versions also mess with your computer by deleting data or corrupting files.

You can avoid infection by one of these viruses by implementing a few commonsense procedures:

  • Never open an attachment that comes from someone you don’t know.

  • Even if you know the sender, if the attachment isn’t something you’re expecting, assume that the sender’s system is infected. Write back and confirm that the sender emailed the message.

  • Some viruses come packaged as scripts hidden within messages that use the HTML format. This means that the virus can run just by viewing the message! If a message looks suspicious, don’t open it; just delete it. (Note that you’ll need to turn off the Windows Live Mail Reading pane before deleting the message. Otherwise, when you highlight the message, it appears in the Reading pane and sets off the virus. Click Menus in the toolbar (or press Alt+M), click Layout, deactivate the Show Reading Pane check box, and click OK.)


    It’s particularly important to turn off the Reading pane before displaying Windows Live Mail’s Junk E-mail folder. Because many junk messages also carry a virus payload, your chances of initiating an infection are highest when working with messages in this folder. Fortunately, Windows Live Mail is sensible enough to turn off the Reading pane by default when you open the Junk E-mail folder.

  • Install a top-of-the-line antivirus program, particularly one that checks incoming email. In addition, be sure to keep your antivirus program’s virus list up-to-date. As you read this, there are probably dozens, maybe even hundreds, of morally challenged scumnerds designing even nastier viruses. Regular updates will help you keep up. Here are some security suites to check out:

    Norton Internet Security (
    McAfee Internet Security Suite (
    Avast! Antivirus (
    AVG Internet Security (

Besides these general procedures, Windows Live Mail also comes with its own set of virus protection features. Here’s how to use them:

In Windows Live Mail, click Menus (or press Alt+M) and then click Safety Options. Windows Live Mail opens the Safety Options dialog box.

Display the Security tab.

In the Virus Protection group, you have the following options:

  • Select the Internet Explorer Security Zone to Use. From the perspective of Windows Live Mail, you use the security zones to determine whether to allow active content inside an HTML-format message to run:

    Internet Zone— If you choose this zone, active content is allowed to run.

    Restricted Sites Zone— If you choose this option, active content is disabled. This is the default setting and the one I recommend.

  • Warn Me When Other Applications Try to Send Mail as Me— As I mentioned earlier, it’s possible for programs and scripts to send email messages without your knowledge. This happens by using Simple MAPI (Messaging Application Programming Interface) calls, which can send messages via your computer’s default mail client—and it’s all hidden from you. With this check box activated, Windows Live Mail displays a warning dialog box when a program or script attempts to send a message using Simple MAPI.

Sending Messages Via CDO

Activating the Warn Me When Other Applications Try to Send Mail as Me option protects you against scripts that attempt to send surreptitious messages using Simple MAPI calls. However, there’s another way to send messages behind the scenes. It’s Collaboration Data Objects (CDO), and Windows 7 installs it by default. Here’s a sample script that uses CDO to send a message:

Dim objMessage
Dim objConfig
strSchema = ""

Set objConfig = CreateObject("CDO.Configuration")
With objConfig.Fields
.Item(strSchema & "sendusing") = 2
.Item(strSchema & "smtpserver") = ""
.Item(strSchema & "smtpserverport") = 25
.Item(strSchema & "smtpauthenticate") = 1
.Item(strSchema & "sendusername") = "your_user_name"
.Item(strSchema & "sendpassword") = "your_password"
End With

Set objMessage = CreateObject("CDO.Message")
With objMessage
Set .Configuration = objConfig
.To = ""
.From = ""
.Subject = "CDO Test"
.TextBody = "Just testing..."
End With
Set objMessage = Nothing
Set objConfig = Nothing

The Warn Me When Other Applications Try to Send Mail as Me option does not trap this kind of script, so bear in mind that your system is still vulnerable to Trojan horses that send mail via your Windows 7 accounts. However, in the preceding example, I’ve included code to handle SMTP authentication (just in case you want to try out the script and your ISP requires authentication). In practice, a third-party script wouldn’t know your SMTP password, so a CDO script will fail on any account that requires authentication.

  • Do Not Allow Attachments to Be Saved or Opened That Could Potentially Be a Virus— With this check box activated, Windows Live Mail monitors attachments to look for file types that could contain viruses or destructive code. If it detects such a file, it disables your ability to open and save that file, and it displays a note at the top of the message to let you know about the unsafe attachment.

File Types Disabled by Windows Live Mail

Internet Explorer’s built-in unsafe-file list defines the file types that Windows Live Mail disables. That list includes file types associated with the following extensions: .ad, .ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .url, .vb, .vbe, .vbs, .vsd, .vss, .vst, .vsw, .wsc, .wsf, and .wsh.


What do you do if you want to send a file that’s on the Windows Live Mail unsafe file list and you want to make sure that the recipient will be able to open it? The easiest workaround is to compress the file into a .zip file—a file type not blocked by Windows Live Mail, Outlook, or any other mail client that blocks file types.

Click OK to put the new settings into effect.
Other -----------------
- Windows 7 : Understand Internet Explorer’s Advanced Security Options
- SOA with .NET and Windows Azure : WCF Services - Overview
- SOA with .NET and Windows Azure : Web Services (ASMX and WSE)
- Windows 7 : Enhancing Your Browsing Security (part 6) - Managing Add-Ons
- Windows 7 : Enhancing Your Browsing Security (part 5) - Encoding Addresses to Prevent IDN Spoofing
- Windows 7 : Enhancing Your Browsing Security (part 4) - Thwarting Phishers with the SmartScreen Filter
- Windows 7 : Enhancing Your Browsing Security (part 3) - Changing a Zone’s Security Level
- Windows 7 : Enhancing Your Browsing Security (part 2) - Adding and Removing Zone Sites
- Windows 7 : Enhancing Your Browsing Security (part 1) - Blocking Pop-Up Windows
- Windows 7 : Configuring Internet Explorer Security - Enhancing Your Browsing Privacy (part 4) - InPrivate Browsing and Filtering
- Windows 7 : Configuring Internet Explorer Security - Enhancing Your Browsing Privacy (part 3) - Enhancing Online Privacy by Managing Cookies
- Windows 7 : Configuring Internet Explorer Security - Enhancing Your Browsing Privacy (part 2) - Clearing the Address Bar List
- Windows 7 : Configuring Internet Explorer Security - Enhancing Your Browsing Privacy (part 1)
- Windows 7 : Managing Windows Firewall (part 2)
- Windows 7 : Managing Windows Firewall (part 1)
- Windows 7 : Checking Your Computer’s Security Settings (part 2)
- Windows 7 : Checking Your Computer’s Security Settings (part 1)
- Securing Windows 7 : Thwarting Snoops and Crackers (part 2) - Locking Your Computer Manually, Automatically
- Securing Windows 7 : Thwarting Snoops and Crackers (part 1) - First, Some Basic Precautions
- Windows 7 : Working with the Command-Line Tools (part 3) - Working with System Management Tools
- First look: Apple Watch

- 10 Amazing Tools You Should Be Using with Dropbox

- Sigma 24mm f/1.4 DG HSM Art

- Canon EF11-24mm f/4L USM

- Creative Sound Blaster Roar 2

- Alienware 17 - Dell's Alienware laptops

- Smartwatch : Wellograph

- Xiaomi Redmi 2
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8