Handling Email’s File Attachments
Nowadays, advanced email clients (such as Netscape Messenger, MS Outlook, Eudora, and PC-Pine, etc.) are powerful and user-friendly. They provide features for users to run programs or open documents sent from file attachments of emails directly and easily by a simple click or key-stroke. Since a user may receive emails from many different sources, it could be dangerous if a user tries to open file attachments of emails from distrusted or unknown parties. This situation is similar to invoking programs or opening documents from an unknown floppy disk.
Furthermore, email messages with file attachments from friends, relatives or colleagues might also be harmful some times because they might just be sent in an involuntary or unconscious condition (eg. the sender’s machine is already infected by a virus). Usually messages with malicious file attachments are unsolicited ones, and would look a bit weird and out of context (eg. a colleauge suddenly sending you an attachment which is said to be a joke). In any case of doubt, it is always advisable for the recipient to double check with the sender before opening the file attachment.
While virus hoaxes (contain plain text messages only) are usually not harmful, emails with file attachments of unfriendly files (executable programs or documents with embedded macros/scripts) could be destructive. For example, opening an infected MS Word document can cause problem because the infected document may have macro viruses which can make MS Word behave abnormally. ITSC’s web page on “Anti-Viruses” explains virus hoaxes and macro viruses in more details.
In general, the following precautions should be noted when handling email file attachments:
- Usually, for most email tools, user will need to issue a command (by clicking a button or hitting a key) before a email’s file attachment is opened. User is recommended to think twice before opening an attachment from distrusted or unknown source as it could be an unfriendly program or document.
- According to our experience, when an infected Word document is opened, user will be prompted before a Word macro is executed. In this case, it is highly recommended to response with “no” (to skip running the macro) unless user is very sure that it is safe to do so.
- Generally speaking, user is advised to be very careful when handling email attachments because opening an attached file from suspicious source is somewhat like opening a file from a suspicious floppy disk.