June 21, 2004
Q: I get many notifications (sometimes five or more a day) of viruses found in e-mail addressed to me. The notification does not tell what I should be doing with the notification information to help nip the viruses at their source.
None of the sources brought to my attention by (my service provider) are addresses that I have knowingly ever been in contact with. What should I be doing to improve this situation? — Bob
A: Navigating through one’s in-box these days has become about as tumultuous as trying to get around on the Los Angeles freeways as a tourist. You aren’t sure what to read, what to believe and most importantly what to do and when to do it. Between all the spam, "phishing" attempts and viruses and worms that we get sent on a daily basis, it isn’t uncommon to receive twice as much junk as the good stuff.
One of the more recent onslaughts to our collective inboxes is the bevy of warning messages about an infected message either from our Internet service provider (ISP) or from our anti-virus programs. Many uninitiated email users become concerned that they are doing something wrong and must do something about it, or, even worse, think that these messages mean that they have contracted a virus or worm.
The good news is that none of the above applies, and the better news is that your protection system(s) are working as intended.
The majority of today’s email-borne viruses and worms randomly send themselves from infected systems to virtually everyone in the infected computer’s address book with a "spoofed" return address so as to confuse the recipient. The "sou rce" of these messages is the hundreds of millions of other computers that are connected to the Internet. So nipping the viruses at their source is not likely.
As long as your e-mail address exists in other user’s address books, you will be receiving these types of messages. Also, the more people who have your e-mail address in their address books, the more likely it is that these types of messages will increase over time.
Your ISP is providing a service to you by scanning and removing any (known) malicious code from the infected messages and notifying you every time it does so on your behalf.
If they were not doing this, you would be on your own to detect and remove these messages before you inadvertently opened one of the infected attachments that generally accompany them. In other words, you should be giving your ISP an "atta boy!" for providing you this very desirable additional layer of protection.
If you don’t want them to do any detection on your behalf, you can contact them and have them turn it off on your account. But I don’t recommend this unless you have your own mail-server-based virus detection (like most businesses do) to provide the same service. Relying solely on a desktop level anti-virus program as your one and only protection against malicious code in today’s environment is a little risky unless you are very technical in nature.
If you just don’t want to see these warning messages, you may be able to have your ISP continue to remove malicious messages and turn off the notification.
Ken Colburn is president of Data Doctors Computer Services and Data Doctors Franchise Systems and host of the "Computer Corner" radio show at noon Saturdays on KTAR (620 AM). Readers may send question to