Answer: No! - Not Directly!
For a virus to spread, it must be executed. Reading a mail
text message does not execute the mail message.
BUT
Opening an email attachment can spread a virus to your machine:- Running a program which has been sent as an email attachment - especially if that program is someting like an animated greeting card or joke image, can expose you to very damaging viruses. NEVER run any program you have recieved by email without first saving it to disk and then scanning it with a virus scanner (which must have uptodate virus definitions to be effective). Be paranoid about this - SCAN EVERYTHING - no matter what it is or who it comes from! JCU has a site licence for SOPHOS go to Standing Offers and Agreements for full information.
- Opening a Microsoft Word or Excel document (possibly Access and Powerpoint also) exposes you to the threat of a macro virus (this is not a real big virus, just one that is hidden in the document or speadsheet in it's macro code). Once again, your defence is scanning the attachment with a good uptodate macro virus scanner before opening it. You should have Word set to ask you before opening documents containing macros. It is also good form not to send documents containing macros as email attachments without warning the recipient as most savvy users will get warning messages when they go to open them.
- Some email clients (Microsoft Outlook principally), will just go ahead and open up Word documents or Excel spreadsheets without asking! If that Word document makes reference to an attached template which contains a macro virus, you normal defence mechanisms will be bypassed. Microsoft have posted a fix at: http://www.microsoft.com/security/bulletins/ms99-002.asp If you use Outlook and have Office or Word on your computer, then you MUST get and apply this fix! This is the only known case where just viewing an email can cause you a problem.
Hoaxes
If you get anything called "Good Times", DON'T read it or download it. It is a virus that will erase your hard drive. Forward this to all your friends. It may help them a lot."Good Times" was one of the first of a long line of similar hoax email messages. It may as well have been a virus due to all the time it has wasted and the millions of email messages sent and recieved both spreading the hoax and refuting the hoax. Other spread around this University are: "Deeyenda", "PenPal Greetings" and "It Takes Guts to Say 'Jesus'".
How to Identify a Hoax (from CIAC)
There are several methods to identify virus hoaxes, but first consider what makes a successful hoax on the Internet. There are two known factors that make a successful virus hoax, they are: (1) technical sounding language, and (2) credibility by association.If the warning uses the proper technical jargon, most individuals, including technologically savy individuals, tend to believe the warning is real. For example, the Good Times hoax says that "...if the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor...". The first time you read this, it sounds like it might be something real. With a little research, you find that there is no such thing as an nth-complexity infinite binary loop and that processors are designed to run loops for weeks at a time without damage.
When we say credibility by association we are referring to whom sent the warning. If the janitor at a large technological organization sends a warning to someone outside of that organization, people on the outside tend to believe the warning because the company should know about those things. Even though the person sending the warning may not have a clue what he is talking about, the prestigue of the company backs the warning, making it appear real. If a manager at the company sends the warning, the message is doubly backed by the company's and the manager's reputations.
Individuals should also be especially alert if the warning urges you to pass it on to your friends. This should raise a red flag that the warning may be a hoax.
IT&R Policy on Virus Warnings
Information Technology and Resources policy is to not respond to alerts about individual viruses whether from responsible authorities, the press or individuals. Users who are responsible in their computing practice (using a virus/macro virus checker with up-to-date definitions and not opening or executing any unknown files), should experience few problems whether alerted or not. Alerts which relate to actual individual viruses are primarily a marketing tool of anti-viral software manufacturers while hoax alerts only cause unnecessary worry. Neither have any place in JCU communications systems.Virus and Hoax Links
AUSCERT virus information (recommended) at
http://www.auscert.org.au/Information/Sources/virus.html
HoaxBusters: Department of Energy Computer Incident Advisory Capability Team at
http://HoaxBusters.ciac.org/
Learn about computer virus myths, hoaxes, urban legends, hysteria, and the implications if you believe in them. at:
http://www.Vmyths.com/
Symantec Anti Virus Research Center at
http://www.symantec.com/avcenter/index.html
McAfee Associates Virus Hoax List at
http://vil.mcafee.com/hoax.asp
Dr. Solomons Hoax Page at
http://www.drsolomons.com/vircen/index.cfm
Datafellows Hoax Warnings at
http://www.Europe.Datafellows.com/news/hoax.htm
