Virus-laden emails have become a curse. Every day for the past few months, IS personnel receive notices of some new Internet worm, virus or trojan that we need to be prepared for.
You can help stop the epidemic by thinking about - and modifying - your email habits. Think VKERS (virus curse) and follow the simple rules:
You should only read a message or open email attachments that pass all of these tests.
The Virus test: Does this email contain a virus? Is your anti-virus up-to-date and running?
The Know test: Is the email from someone that you know?
The Expect test: Were you expecting email with an attachment from this sender?
The Received test: Have you received email from this sender before?
The Sense test: Does email from the sender with the contents as described in the Subject line and the name of the attachment(s) make sense? For example, would you expect the sender – let's say your Mother – to send you an email message with an attachment entitled: "AnnaKournikova.jpg.vbs"? (that attachment would likely have infected your PC)
You should apply these five tests – VKERS (think Virus curse) – to every piece of email with an attachment that you receive. If any test fails, toss that email. If they all pass, then you still need to exercise care and watch for unexpected results as you read it.
Now, given the VKERS tests, imagine that you want to send email with an attachment to someone with whom you've never corresponded – what should you do? Here's a set of steps to follow to begin an email dialogue with someone.
Before you send the email, check the attachments for Viruses. This is again based on having an up-to-date virus-checking programs, which is available at no extra cost - call 8555.
Since the recipient doesn't already Know you, you need to send them an introductory email. It must not contain an attachment. Basically, you're introducing yourself and asking their permission to send email with an attachment that they may otherwise be suspicious of. Tell them who you are, what you'd like to do, and ask for permission to continue.
This introductory email qualifies as the mail Received from you.
Hopefully, they'll respond; and if they do, honor their wishes. If they choose not to receive email with an attachment from you, don't send one. If you never hear from them, try your introductory email one more time.
If they accept your offer to receive email with an attachment, send it off. They will Know you and will have Received email from you before. They will also Expect this email with an attachment, so you've satisfied the first three requirements of the KRESV tests.
Whatever you send should make Sense to them. Don't use a provocative Subject line or any other social engineering practice to encourage them to read your email.
The VKERS tests help you focus on the most important issues when sending and receiving email with attachments. Use it every time you send email, but be aware that there is no foolproof scheme for working with email, or security in general. You still need to exercise care. While an anti-virus program alerts you to many viruses that may find their way to your home computer, there will always be a lag between when a virus is discovered and when anti-virus program vendors provide the new virus signature. This means that you shouldn't rely entirely on your anti-virus programs. You must continue to exercise care when reading email.
Back to Help