Posted by James Robshaw on 09 May 2006 08:13 AM
1. Most of the worms which use email to propagate use Microsoft Outlook or Outlook Express to spread. If you use Outlook, download and install the latest Outlook security patch from Microsoft. In general, keep your operating system and applications up-to-date and apply the latest patches when they become available. Be sure to get the updates directly from the vendor.
2. When possible, avoid email attachments both when sending and receiving email.
3. Configure Windows to always show file extensions. In Windows XP, this is done through Explorer via the Tools menu: Tools -> Folder Options -> View - and uncheck "Hide file extensions for known file types". This makes it more difficult to for a harmful file (such as an EXE or VBS) to masquerade as a harmless file (such as TXT or JPG).
4. Never open email attachments with the file extensions VBS, SHS or PIF. These extensions are almost never used in normal attachments but they are frequently used by viruses and worms.
5. Never open attachments with double file extensions such as NAME.BMP.EXE or NAME.TXT.VBS
6. Do not share your folders with other users unless necessary. If you do, make sure you do not share your full drive or your Windows directory.
7. Disconnect your network or modem cable when you're not using your computer - or just power it down.
8. If you feel that an email you get from a friend is somehow strange - if it is in a foreign language or if it just says odd things, double-check with the friend before opening any attachments.
9. When you receive email advertisements or other unsolicited email, do not open attachments in them or follow web links quoted in them.
10. Avoid attachments with sexual filenames. Email worms often use attachments with names like PORNO.EXE or PAMELA_NUDE.VBS to lure users into executing them.
11. Do not trust the icons of attachment file. Worms often send executable files which have an icon resembling icons of picture, text or archive files - to fool the user.
12. Never accept attachments from strangers in online chat systems such as IRC, ICQ or AOL Instant Messenger.
13. Avoid downloading files from public newsgroups (Usenet news). These are often used by virus writers to distribute their new viruses.
14. Check for the closed padlock or key symbol (SSL) in the browser window when entering your credit card details and other personal / financial information on a web site.
15. Use anti-virus software and keep the virus recognition data files up to date.
16. Install a firewall. They're not as complicated as you might think.