Indepth: Spam and Viruses

Welcome to the P&L Advice & Guidance articles. You can return to the main site by either selecting the link below to read more articles or the P&L Logo for the home page.

Return to: Advice & Guidance / Indepth: Spam and Viruses

We all experience SPAM in our inboxes.Getting a virus, trojan or other nasty can really ruin your day, not to mention the impact it can have on your IT systems. They can completely destroy your systems and can cost thousands of pounds to put right.

First of all, some definitions of things you may have heard of.

Viruses. These are designed to wreak havoc on IT systems. Sometimes they are malicious, setting out to cause trouble whilst in others they are perceived to be a bit of fun by the creator.

Spam. This is email that was neither expected nor asked for. At best, they clog up your inbox and waste your time. At worst, they can contain some of the things presented in this article.

Trojans. These are pieces of software that sit on your computer, programmed to take specific actions. For example, they could send out emails to everyone in your address book or give an operator access to your computer, controlling it remotely so they can use it for illegal purposes, like fraud and theft. If the fraud is detected back to a PC, it'll be your PC rather than the criminal's, thereby hiding their identity.

Spyware/Adware. These sit on your computer and observe activity, the keys you press on your keyboard, for example. This information can then be transmitted back to the sender who uses it to work out your passwords before emptying your bank account.

There are two main ways you can catch these nasties; opening emails and visiting websites. The best way to prevent catching one is to stop it getting to your computer or server in the first place.

We all want to be 100% virus, spyware and adware free.Here are the main methods of prevention.

Firewalls. This is like a security gate, watching everything coming in and out, taking action to prevent unwanted activity. This is the first line of defence as it sits at your internet server or router, stopping unwanted visitors getting to your systems.

Email Security Software. Packages are available which read all incoming emails and analyse them for nasties. They will also identify spam and send it to a folder in your inbox called "spam" or "Junk email". You can then decide whether the email is legitimate or whether it should be deleted. Never, ever open an attachment in an email unless you are convinced that the sender is genuine and that the attachment will be clean. Opening attachments is how email nasties get into your system. Also, never open or unsubscribe to spam email – all that does is let the sender know they have found a genuine email address, so you will become a future target.

Internet Security Software. These stop nasties from being downloaded from websites. They often give you a warning box saying that you are visiting a dangerous site, so you can quickly close it down and go elsewhere. They will often include pop-up blockers that prevent you from seeing unwanted advertising pop-ups.

Regular updates. New threats are discovered every day, so you need to keep your security software up-to-date. Good quality software will automatically connect to the internet every time you switch your computer on and download the latest updates so you always have the most recent protection.

Regular scanning. Even with updated, quality security software, some things will occasionally get through. Your software should provide a regular scanning facility that automatically searches your computer and server for anything that sneaks past, either on a daily or weekly basis. You can then take action to remove it before it causes too much damage.

Good quality security systems will provide some form of notification or quarantine facility. For example, a daily email telling you which items have been sent to a spam folder so you can identify those which are genuine and that you want. You can then tell the system that the emails or sender are genuine so that it doesn't consider them as spam in the future.

Security needs to be considered for all aspects of your systems. A well-secured system will have appropriate security on each item to provide multi-layered protection. For example, you may have a UTM firewall sitting between your network and the internet connection, with further security on the server and another layer of security on each PC.

Don't forget about laptops – they potentially need a higher level of security than office-based PCs because of the various different ways they may connect to the internet.

If you follow this advice you should greatly reduce the chances of malicious nasties taking over your systems.