E-mail worms

What is an e-mail worm?

An e-mail worm is similar to a virus that replicates itself using e-mail.

The infected e-mail looks like it came from my account. Am I infected?

Anyone can fake an email that appears to come from you and it will never have come near an Institute machine (one analogy is someone writing a letter and signing your name which can be posted anywhere). The messages the virus send out contain a new copy of the virus to infect other people and it spreads because people open the messages thinking they are from people they know. There are numerous other ways in which people obtain your address and then fake a message appearing to come from you to fool the recipient into opening it. For example, social engineering, trawling web pages or even an infected users address book and mail folders.

Why aren't these worms blocked before they get to me?

The worms get through as they are originating from a valid source. Some MTA's run virus checking software which reject any nasty programs. . All mail from outside the department is relayed through a scanning system which tries to block know viruses and worms and also adds spam tag headers for futher filtering by the recipient.

All Institute UNIX based machines are practically immune to spreading email viruses. All Institute Windows machines run virus detecting software which is pedantically updated regularly to stop infection by viruses. Together this makes it almost impossible for someone using an Institute machine to contract a virus that sends email using their e-mail address.

Departmental and University advice is just to delete such mail. For more details see the information on junk mail.