Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A question about opening e-mail attachments


  • Please log in to reply
5 replies to this topic

#1 GonraHil

GonraHil

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 11 June 2018 - 12:28 PM

Good Afternoon,

 

I was wondering how I should go about the following:

 

I am in the process of requesting a reference from a former manager of mine, and I am pretty sure they said they wanted to send it via e-mail.

 

If I was to open an attachment they sent at the library instead of at home, would my computer be safe from potential viruses if I later went home and opened up the same e-mail account? Or, would I have to use a different e-mail account from then on?

 

Thank you for your time, I look forward to a response.  :)

 

**Gonra**

 



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:26 PM

Posted 11 June 2018 - 12:39 PM

You should not open an email if you don't recognize the sender.

You should not open any attachment unless you know the sender and have confirmed the attachments contents.

 

An attachment containing malware will infect any computer that it is opened in if the malware is capable to infect

based on several things such as exploitable insecure programs and operating systems.

 

In your case you are being a bit too paranoid knowing that you know the sender and you know what the attachment contains.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,008 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:06:26 PM

Posted 11 June 2018 - 06:17 PM

Not only that, but opening a message on one computer for reading is utterly disconnected from doing the same thing on another.

 

Each computer has to talk to the e-mail server and get the server's copy of that message before it can do anything with it.  What's there is there, no matter how many locations or machines you happen to read it from.

 

When we add to all this the fact that e-mail propagation of viruses has gone the way of the dinosaur with the advent of on-download scanning by virtually any antivirus/security suite I can name before it even gets to your inbox (or the attachment ever gets on to your computer's hard drive) there's not an awful lot of reason to worry.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:26 AM

Posted 12 June 2018 - 05:57 AM

You don't have to worry about malware in the case you explained.

 

Just one remark: if you open an attachment on a computer at the library, depending on the setup, it is likely that the attachment is saved to disk and then opened.

Since the document you want to view is very personal, I would delete the attachment from the library computer's disk when you are finished.

 

It's also possible that all your documents and files are deleted once you are finished using that computer, but again, that depends on the way it was setup.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 GonraHil

GonraHil
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 21 June 2018 - 10:37 PM

Thank you all very much for your speedy and thorough responses.

 

 

In your case you are being a bit too paranoid knowing that you know the sender and you know what the attachment contains.

Yes, I do know this person in a work environment, but not their web browsing habits. I figured how this person surfs the web, or uses their device(s) would potentially play a part in determining whether or not opening their attachment would be safe to begin with. Since viruses in e-mails have apparently fallen to the wayside according to britechguy, I'm not too concerned.

 

Not only that, but opening a message on one computer for reading is utterly disconnected from doing the same thing on another.

 

Each computer has to talk to the e-mail server and get the server's copy of that message before it can do anything with it.  What's there is there, no matter how many locations or machines you happen to read it from.

 

I realize that if there is a virus with the attachment, a computer will receive it if a user clicks to open or download it. I suppose what I meant to ask was whether or not it could infect the email account as well as the computer it was opened from.

 

...with the advent of on-download scanning by virtually any antivirus/security suite I can name before it even gets to your inbox (or the attachment ever gets on to your computer's hard drive) there's not an awful lot of reason to worry.

That's interesting, because I once sent an attachment to a friend, and when I checked to see if it had been correctly sent, I noticed gmail said the files were scanned with Avast. At that time, I believe I had been using that AV. So, are you saying that email accounts use multiple virus scanners when you send emails with attachments?

 

Didier Stevens:

 

I am almost positive the library computers delete everything and reset after each use, but I will be sure to delete each attachment file before closing out of the session just in case. Thank you for the heads up!  :)

 

Again, I do appreciate the responses, and thank you all for your assistance on this matter. It has proven to be most helpful.

 

**ArchimedesNose** 


Edited by GonraHil, 21 June 2018 - 10:38 PM.


#6 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,008 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:06:26 PM

Posted 21 June 2018 - 10:55 PM

What I am saying is that your e-mail service provider does virus scanning of messages as they pass through their own servers, or at least many of them do.

 

In addition, some people have antivirus or security suite software that will scan what they're sending as outgoing mail.  Virtually everyone who's using a modern antivirus or security suite on their own computer also has scanning of individual e-mail messages (and their attachments) upon download, with quarantining if they're found to be infected.

 

When you couple that with the fact that most e-mail providers long ago stopped allowing things like .exe files (and several other common vector file types) from even being attached to messages, the probability of getting an infection via e-mail messages themselves, rather than end user actions they may try to dupe the recipient into taking (e.g., clicking on links, etc.), is virtually zero.

 

As time marches on and different infection vectors are identified, defenses against same become part of protective software and the behavior of even moderately aware users.  They become ineffective once that takes place.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users