Menu Close

Yes, You Can Get a Virus Simply By Reading Email

Back in the 80s when I first got online, it was absolute­ly cor­rect to say “don’t wor­ry, your sys­tem can­not be infect­ed with a virus sim­ply from open­ing an email mes­sage.” When the Good Times virus hoax first appeared, that reas­sur­ance was part of the mantra in try­ing to fight the hoax. It’s been repeat­ed over and over and over—and unfor­tu­nate­ly, it’s no longer true. 

Thanks to the advent of HTML mail, your sys­tem can be infect­ed just by open­ing an email mes­sage now. And if your mail client has a pre­view pane that shows you the con­tents of a mes­sage before you’ve opened it, you don’t even have to open the mes­sage to be infected!

Of course, some peo­ple aren’t vul­ner­a­ble. Mail clients that don’t dis­play HTML avoid this prob­lem. Most of the virus­es in this cat­e­go­ry (so far) have been specif­i­cal­ly cre­at­ed to take advan­tages of flaws in Microsoft Out­look and Out­look Express. I haven’t heard of any HTML-based virus­es that attack Mac­in­tosh users. But since there are huge num­bers of Win­dows users out there with email pro­grams that do dis­play HTML mes­sages, most peo­ple are vul­ner­a­ble to these viruses. 

What you can do to pro­tect your­self is to:

  • Install a good antivirus pro­gram and keep it updated—mine actu­al­ly checks for updates twice every day.
  • Dis­able the pre­view pane in your email program.
  • If you can dis­able HTML dis­play, con­sid­er doing it (I’m rather unhap­py that I can no longer do that in the lat­est ver­sion of Eudo­ra Pro).
  • Do not use Out­look or Out­look Express for email. They sim­ply have too many secu­ri­ty prob­lems, and no mat­ter how many patch­es you install from Microsoft, new holes seem to be found every week.
  • Be very cau­tious about using webmail.

Most of these virus­es are worms—they’re designed to not only harm an infect­ed sys­tem but to active­ly try to spread them­selves to more sys­tems, usu­al­ly through your email pro­gram. The Melis­sa virus was one of the best-known of those. The KAK worm is the one I’ve per­son­al­ly encoun­tered the most fre­quent­ly. Most of these virus­es actu­al­ly come to pub­lic atten­tion because of the way they spread them­selves to more systems. 

You should also think about the pos­si­bil­i­ties of get­ting script-based virus­es from Usenet mes­sages if your ISP isn’t fil­ter­ing out HTML posts and your news­read­er does dis­play HTML. I absolute­ly love the fact that Forte Agent does not dis­play HTML, because I know that there is no way for me to have a prob­lem sim­ply from read­ing a Usenet message. 

Hon­est­ly, I’m not an alarmist. I’ve seen way too many virus hoax­es myself, and I take every new alert with many grains of salt until I’ve per­son­al­ly ver­i­fied it with a trust­ed resource. I think it’s high­ly irre­spon­si­ble, though, to give any­one a false sense of secu­ri­ty by spread­ing a max­im that was once true but is now false. Yes, your sys­tem can be infect­ed with a virus sim­ply from read­ing email. Please be careful. 

Orig­i­nal­ly pub­lished 3 Feb­ru­ary 2001
Pho­to by Michael Geiger on Unsplash