by Steve Lopez

A few months ago in ETN we discussed computer security (see the issue for April 22, 2001). If you think I was kidding about viruses, check out this story.

Someone has written a not-so-clever e-mail virus that spreads itself by reading the victim's address book and sending itself to every address it finds. So, for example, if your buddy Marty gets the virus in his e-mail and opens the attachment, his computer gets the virus. Then, if your e-mail address is in the address book for Marty's e-mail program, you get an e-mail sent from Marty's address: it looks just like he wrote it, plus it has some bogus file attached. If you open that file, you get the virus. Then everyone in your address book gets a copy, and on and on.

However, you're safe if you don't open the attachment. Just delete the e-mail immediately.

How do you recognize the bogus e-mails? That's the not-so-clever part. The doofus who wrote it wasn't too imaginative when he created the actual text part of the e-mail. You'll get an e-mail from a friend and the entire text reads as follows:

Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks

That's it. How lame. Nobody writes e-mails that are that lame. In fact, that text was what tipped me to the fact that it was a virus. The first time it was sent to me, I looked at the text -- all it says (basically) is "open the attachment". To which the proper response should be, "How stupid do you think I am?"

However, there is a slightly clever twist to the story. The e-mail may arrive in one of many different languages. I've been sent the e-mail four times in two days, and it's arrived in three different languages and with three different file attachment names. Now that part's a neat little trick.

So why am I telling you this? Because I've received this bogus virus-carrying e-mail four times in about 36 hours and it's been from a "chess person" each time -- either a customer or an acquaintance. Chess is a pretty small world -- everybody knows everybody, it seems, so the chances are pretty good that you'll get one of these bogus e-mails sometime soon (if it's not already happened to you).

What should you do if you see one of these pop up in your mailbox? What you should NEVER EVER DO is OPEN THE ATTACHMENT! If you do that, your computer will get the virus. Just delete the dang thing.

Before you delete it, you might want to fire off a return e-mail telling the sender that he's likely contracted a virus -- this is how I found out about it in the first place. I sent a reply to the first one, saying that I never open e-mail attachments. The sender sent back a reply confirming that it was indeed a virus he'd contracted and thanking me for catching it.

Get yourself a good anti-virus program and run it. And if you have an e-mail program that automatically opens attachments, ditch that sucker and get one which allows you to control whether or not attachments will be opened.

Summing it up:

And do be on the lookout for this virus. As far as I know, it does no real damage to a computer -- it's just a self-spreading annoyance virus that is sent automatically to all e-mail addresses in a victim's address book. But I've been sent this virus four times in just over a day -- each time by someone I know from the chess world -- so you may soon be seeing the little bug land in your e-mail box. Just remember this -- if you don't open the attachment, you don't contract the virus.

You can e-mail me with your comments, suggestions, and analysis for Electronic T-Notes. But leave out the viruses this time, k?