Can Simply Opening an Email Trigger a Virus?
Is it possible to get a computer virus by simply opening an email? It's true that email has been and remains one of the most popular attack vectors. Hackers, spammers, scammers, phishers and other cyber-miscreants are all knocking on the door of your inbox. But is it really that easy to slip in, and wreak havoc on your computer? Let's find out...
Viruses and Other Threats in Your Email
Can you get a virus just by opening an email? The likelihood of your computer becoming infected by an email-delivered virus just by opening a message was once terrifyingly large. But the vulnerabilities that made it so were quickly addressed years ago by developers of email clients and antivirus software. Today, you have to do some pretty foolish things to catch a virus via your email inbox.
But myths, urban legends and endlessly repeated tales of Cousin Vinny, who has a friend who knows a guy that lives near the police station in a major city, who got a virus by opening an email -- those die hard on the Internet. And ironically, these tales live on and are propagated largely by... email. I still get occasional warnings about the Hallmark Virus, and similar missives warning me not to open emails with certain subject lines, or a horrible uncurable virus will wipe out my hard drive.
Today, you may be able to (unwisely) disable some of the multiple safeguards built into your email client. You may be using an ancient version of Outlook Express that doesn’t contain any safeguards. Maybe you've stubbornly clung to your copy of Windows XP, or you've refused to install any of the security updates available for newer versions of Windows. You may even eschew virus protection that includes email-scanning in real time.
Some people don’t send or read HTML; they stick with old-school plain text email. That’s a sure way to avoid triggering embedded malicious code, but it makes for a poor email experience. Also, it doesn’t entirely protect against email-borne malware.
Beyond the First Click: Other Email Threats
Just to be clear, I'm talking about that first click -- simply opening and viewing an email message that has arrived in your inbox. The likelihood of being infected just by clicking to open a message sitting in your inbox is vanishingly small. I'd venture to say it's zero if you have an updated email client, you allow Windows to automatically update, and you have anti-virus protection. But once you open that email, other dangers lurk.
It's the second click that'll get you in trouble.
Files attached to either plain-text or HTML email can contain viruses. That is why it is so important not to click on any attachment whose sender you do not know and trust. Even if you do know and trust the sender, caution is needed. The email sender's addresses can be faked, or the sender's computer may have been compromised, so it’s vital to use anti-malware software that scans every email attachment. You may even want to call the sender, to be sure the attached file is legit.
The bad guys out there rely mainly on social engineering to entrap victims these days. Typically, that means a phishing email that masquerades as something from a trusted sender, urging you to click on a link in the email. Some typical ploys are messages that promise juicy gossip or racy photos. These messages often try to pique your curiousity by mentioning celebrities, public figures or current events. Have You Heard The Sad Truth About Justin Bieber? Willie Nelson Confirms Unfortunate News! Awkward Moments That Wedding Photographers Should Not Have Captured!
Other emails may pretend to be from a company that you know, such as your bank, Amazon, FedEx, Paypal or eBay. Oh no... your account is about to be suspended! One false click and you could be dealing with a nasty virus, or caught in the snare of identity thieves. Some malicious emails will instruct the recipient to call a phone number to restore access to a blocked account, release a package for delivery, or verify details of a financial account. Always look for the customer service number of a business on their website, not in an email. See my related article Have You Been Phished? for more information on email phishing, and how to defend against it.
One of the things I like about web-based email, and GMail in particular, is that you're protected from most of these threats without installing any software at all. If a message with a suspicious link or attachment comes your way, it's either blocked completely, or a warning is displayed that the content may be malicious. My GMail spam folder catches about 200 bogus messages every day. Yahoo Mail and Microsoft's Outlook.com are some other examples of webmail services.
If you use webmail, or you're conscientious about keeping your desktop email software up to date, there is no reason to fear that you will catch a virus simply by reading an email. But do be careful about clicking on links, opening attachments, or calling phone numbers that appear in emails. That's where the trouble starts.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 13 Jul 2022
|For Fun: Buy Bob a Snickers.|
Is Software Piracy a Victimless Crime?
The Top Twenty
Hard Drive Partitioning Myths, Mistakes, and My Advice...
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Can Simply Opening an Email Trigger a Virus? (Posted: 13 Jul 2022)
Copyright © 2005 - Bob Rankin - All Rights Reserved