netGaines Services - Tips: Security for E-mailing

Computer Tips

Examples | Extensions | Verify hoax site

Security -

E-mail attachments

Safeguard yourself from insidious, irritating and irresponsible virus attacks. Security issues are now everyone's responsibility, not just specialists. Know good 'netiquette to protect yourself and your friends, colleagues and family.

Do's

Decide if you really need to send the information as an attachment. Text documents can easily be included in the body of the e-mail. Spreadsheets and illustrated literature just can't.

Describe attachments precisely in the body of the e-mail (see examples below)

Always scan received attachments with your antivirus software. Always scan. Always.

Name your files clearly and specifically connected to a particular topic.

Only have one dot at the end of the name by letting the application put the extension on so the document has a legitimate extension like .doc, or .xls.

Make sure your preferences in Windows allows viewing of all filename extensions. It's important to see those extensions.

Don'ts

Don't just send an e-mail saying "Here's the attachment you asked for." (see below)

Don't send documents containing macros if at all possible. It's too easy to unknowingly send a virus that way. If you receive a document with macros in it, disable the macros before opening the document.

Don't add your own extension like this: draft proposal.v3 (with a dot before the v3) when you save the file. The application will add it's own extension and the file will look like this: draft proposal.v3.doc Two dots in a name can cause problems and be confusing since malicious code may be sent with two .dot extensions.

For files destined for transfer via attachments, don't use names with non-alpha characters like underscore _, dots, *, @ They can all cause problems.

Example of good 'Netiquette for attachments

Your name -

What you're sending -

The name of the attachment -

The size it is -

The format it's in -

Any other specific details -

hi, it's me Pam from netGaines

the spreadsheet we've been discussing is attached.

it's name is "Projections Sctn 4 Harold Project.xls"

it is 25k*

it's in Excel for Windows98 as an .xls document.

it has 3 worksheets in the workbook.

*(when attaching the document, you're e-mail program shows the size. This just helps confirm the legitimacy of the attachment with a number to verify.

Another example:

Hi, Pam from netGaines here. I'm sending the draft for the proposal to you. Since I'm not sure which one you'll be able to read, I'm sending two formats. One is MSWord for Windows98 and the other is MSWord 6 for Win95. They are named:

*Draft Project Harold Aug01 w98.doc 10k

Draft Project Harold Aug01 w95.doc 8k

Let's chat about revisions tomorrow.

Pam

* be as project-specific with the name as possible.

Wary Extensions

Further paranoia

Viruses have propagated just be previewing as unopened in the preview pane in older versions of Outlook Express, without specifically launching the attachment. This is due to a security hole in Outlook Express. It's only rated a one (out of a maximum of 5) on the Symantec security meter, and has only infected a few computers. If you've updated to Outlook Express 5.5 by installing Internet Explorer 5.01 Service Pak, you have the fix installed already. If not, go to the Microsoft site and get the IE 5.01 SP upgrade right away.

Viruses can get filenames of last used documents so they can even look legitimate. One virus takes a random recently used file and includes it in the subject with an .ext That's your clue, it's not a regular document extension. Plus, there's nothing in the body of the message, the message is empty. Good 'netiquette would never do that!

The moral is you can't trust attachments.

In order to use attachments, be specific, clear and professional.

Verify virus hoaxes at Symantec's site: http://www.symantec.com/avcenter/hoax.html

Top

go back to What Else

netGaines Business Services

www.netgaines.com

netgaines@netgaines.com