Charlie Robinson Florida Elder Law Attorney




410 South Lincoln Avenue
Clearwater, Florida 33756-5826
Phone: 727.441.4516 Fax: 727.447.7578
E-mail: elderlaw@charlie-robinson.com
 		 Search our library

 

 

 
About Us  
What's New  
People We Can Help

 

Resources

 

Respite Room

 
Site Map  
The Future
Of Law
Practice 		 
  Certified Elder Law Attorney

 

 
NEWS ITEM:
8/21/2002   Who Sent Me This? Klez spoofing more than just annoying
Source:  
Who Sent Me This?
Klez spoofing more than just annoying

The Klez virus uses a variety of menacing tactics designed to make even the most patient person scream.

The virus takes advantage of Microsoft software vulnerabilities and collects email addresses from  address book and other documents on an infected computer and sends itself off to those addresses.

The virus spoofs the From address on the email, making it appear the virus is being sent from a completely innocent and uninfected person.  Klez is a master at forgery.

The virus usually arrives in an email with a random subject line and message body such as hello, how are you, etc.  The email appears to be from somebody known to the recipient.

In one week our office  received over 38 virus detection warnings that appear to be from us.  We do not have the Klez virus. An infected computer with our address in its files is sending emails that look as if they have come from us. 

  • Emails from our office will be from "name@charlie-robinson.com," example:  louiser@charlie-robinson.com. 

  • The subject line of emails to our clients will always contain the file name and file number (unless replying to YOUR email).

  • We only attach Word and Excel documents. 

  • Our office will not send out jokes.

  • Emails from rclaw.com are being generated by a virus-infected computer and are infected with Klez.  Delete them.
    •

There are many Klez variants.  The latest, W32.Klez, is hitting more home users than corporations.   Take steps to protect your computer now.

  • Run anti-virus software and update it weekly.

  • Use the Microsoft update website, particularly their Critical Updates, at least once a month.

  • Treat email attachments and any other unknown programs with caution.

  • Delete emails that look suspicious to you.

  • Make sure that you can see file extensions on your computer.

  • Watch for email attachments with the following ending: ".exe"  ".com"  ".bat"  ".scr"  ".pif"  ".shs"  ".js"  "hta"  ".vbs".  Treat these files as you would hazardous waste material.

  • Be aware that most software is out-of-date even on the installation CD or website download.  Check for updates and patches immediately after installation.

If your computer becomes infected,  scan your system with updated anti-virus software to determine exactly which variant you have. Then use the appropriate tools to remove it.   There are many good anti-virus programs available.  The key to security is to update whatever software you choose regularly.

 

How do I prevent email viruses?

Rule 1: Identification - Understanding the nature of the attachment is the first step towards email safety. Any executable type attachment has the potential to be infected. This covers a wide range of extensions. Complicating matters is that, by default, Windows suppresses file extensions. Enable your system to view the extensions.

Rule 2: Intent - An executable type attachment should not be opened unless it was specifically requested or expected. Since email viruses are sent to and from addresses found on infected computers, just knowing the sender is no proof of intent. In fact, odds are an email virus will arrive from someone you know and the sender does not know that the virus-infected email has been sent from his machine. If you receive such an email from someone you know, email that person and ask if they intended to send you the attachment. If you don't know the sender, stifle your curiosity and delete the email.

Rule 3: Necessity - This is the simplest rule to follow, but one that many people ignore. If you do not need the attachment, don't open it. Delete the email instead.

Rule 4: Disable scripting - To date, email viruses have taken advantage of security vulnerabilities found in Microsoft Outlook and Outlook Express. However, any mail client that supports HTML and scripting should be considered at risk. For instructions on securing your particular mail client, use the Help in your program or go to the manufacturer's site.

Rule 5: Patch your system - Microsoft routinely releases approximately 100 security patches per year. Microsoft simplifies the process by providing a Windows update site. The site will automatically scan your system and provide a list of recommended updates. Any included in the "Critical Updates" section should be installed. Of course, security is an ongoing process as new vulnerabilities are constantly discovered. Make it a point to visit the update site to ensure necessary patches are in place.

Rule 6: Virus Protection - Be sure to have up-to-date virus protection software such as Norton Anti-Virus (as used by our office) or McAfee. Check the software site often for updates.

 
We are not infected with the Klez virus.  We don't know if you are infected.  You may be.  Even if you are not, somebody out there who is infected has your address and our address on their computer and may be spreading the Klez virus.

We plan to continue our anti-virus security measures.  We hope that you will too.

 

 

All contents © 2006 The Law Offices of Charles F. Robinson