Back in the 80s when I first got online, it was absolutely correct to say "don’t worry, your system cannot be infected with a virus simply from opening an email message." When the Good Times virus hoax first appeared, that reassurance was part of the mantra in trying to fight the hoax. It’s been repeated over and over and over – and unfortunately, it’s no longer true.

Thanks to the advent of HTML mail, your system can be infected just by opening an email message now. And if your mail client has a preview pane that shows you the contents of a message before you’ve opened it, you don’t even have to open the message to be infected!

Of course, some people aren’t vulnerable. Mail clients that don’t display HTML avoid this problem. Most of the viruses in this category (so far) have been specifically created to take advantages of flaws in Microsoft Outlook and Outlook Express. I haven’t heard of any HTML-based viruses that attack Macintosh users. But since there are huge numbers of Windows users out there with email programs that do display HTML messages, most people are vulnerable to these viruses.

What you can do to protect yourself is to:

  • Install a good antivirus program and keep it updated – mine actually checks for updates twice every day.
  • Disabling the preview pane in your email program is also a good idea.
  • If you can disable HTML display, consider doing it (I’m rather unhappy that I can no longer do that in the latest version of Eudora Pro).
  • Do not use Outlook or Outlook Express for email. They simply have too many security problems, and no matter how many patches you install from Microsoft, new holes seem to be found every week.
  • Be very cautious about using webmail.

Most of these viruses are worms – they’re designed to not only harm an infected system, but to actively try to spread themselves to more systems, usually through your email program. The Melissa virus was one of the best-known of those. The KAK worm is the one I’ve personally encountered the most frequently. Most of these viruses actually come to public attention because of the way they spread themselves to more systems.

Using a filtering service like Brightmail can also help to protect you – they have responded to most of the recent virus outbreaks by automatically filtering infected messages to protect their users. I wouldn’t trust them (or any other third party) to be my only defense, but I certainly consider them part of my defense against email-borne viruses.

You should also think about the possibilities of getting script-based viruses from usenet messages if your ISP isn’t filtering out HTML posts and your newsreader does display HTML. I absolutely love the fact that Forte Agent does not display HTML, because I know that there is no way for me to have a problem simply from reading a usenet message.

Honestly, I’m not an alarmist. I’ve seen way too many virus hoaxes myself, and I take every new alert with many grains of salt until I’ve personally verified it with a trusted resource. I think it’s highly irresponsible, though, to give anyone a false sense of security by spreading a maxim that was once true, but is now false. Yes, your system can be infected with a virus simply from reading email. Please be careful.

Originally published February 3, 2001