It used to be scary easy.
It used to be that simply viewing a malformed email could allow a virus to spread. Thankfully, that’s no longer the case with modern mail programs.
In the past, asking if your machine could catch a virus just by reading email got laughs from the geeks. “Of course not!” they chuckled.
Then came Outlook.
Not only could opening an email infect your machine, but for a while, you didn’t even have to be around to have it happen!
The geeks stopped chuckling.
Fortunately, today things are different.
It used to be that email programs would automatically run programs embedded in email messages when displayed, and occasionally those could be malicious. This is no longer the case, and you will not get a virus from looking at an email. It remains important to be skeptical with links and attachments, and to keep all software as up to date as possible.
HTML is the “language” of the web. It’s the way webpages are written and described so your browser can display them as the designer intended.
Your browser, and the HTML displayed in it, became a platform for computer programs.
Then came email.
Email used to be plain-text only, and some of it still is.
But email began to be encoded using the same language as webpages: HTML. In HTML email, words can be bold or underlined, we can insert images, and more. Now email could be as “pretty” and complex as a magazine page.
Since many email programs simply used the web browser to display HTML, email messages could also now do things.
Then came malware.
Since email could “do things” like run small programs within their display window, it didn’t take long for hackers to write malware not only taking advantage of that, but exploiting vulnerabilities those programs could reach. Those vulnerabilities allowed them to infect your machine with more malware.
All because you opened your email and looked at it.
Before it got better, it got worse.
Then came Outlook.
The Preview Pane
I say “Outlook,” but any email program offering what we now call a “preview pane” was vulnerable. Outlook was one of the earliest and most popular.
It worked like this:
- You left your email program open with the preview pane showing.
- You had your most recent email message displayed in the preview pane.
- You walked away.
- You got a new message. Outlook, keeping the selection at “most recent”, selected the newly arrived message and updated the preview pane with its contents.
Your email program “looked” at a message and your machine was infected. You weren’t even there.
Fortunately, this didn’t last long.
Modern email programs and sites don’t do that
That possibility was quickly fixed.
Along the way, vulnerabilities related to email-based exploits have also been getting fixed, regularly and quickly.
Additionally, images aren’t even displayed by default by most email programs. This is done for reasons related to spam, but it also increases your malware-related security.
Today, things are very different.
No, you cannot get infected by just looking
Opening an email is a safe thing to do.
Having your preview pane open is a safe thing to do, even if you’re not around.
Email programs and email services no longer allow the things that once upon a time made looking at an email risky.
You can still get infected if…
The one thing missing from the discussion above is attachments.
The ability to attach an arbitrary file to an email message predates HTML-formatted email. It’s a convenient way to transfer a file from one place to another.
Unfortunately, the word “arbitrary” is appropriate. Any file can be attached to an email, including programs that would infect your machine with malware.
That’s why one of the admonitions you hear over and over is to never open an attachment you’re not expecting
and that you don’t know for certain is safe.
You can get infected by just looking at the contents of an attachment.
Email safety rules
This post was written by Leo Notenboom and was first posted to AskLeo.com
Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.