Thursday, 30 March 2006

Virus Alerts are as Bad as Spam

Many email security products or services will warn you if they detect a virus in an incoming message. You'll receive a Virus Alert message in your inbox that either includes the original plain text message with the attachment stripped out, or has just a simple notification that "so-and-so sent you a virus, and click here to read the message in the quarantine." The intention is that you can contact the sender and tell them that they have a virus on their PC.

The problem is that these days, most virus-infected email is been sent not by users, but by other viruses. It's effectively spam, except the motivation is to take over your computer, not to sell you ... uhhh ... things. The viruses will often use the same lists of recipients as spammers do. Naturally, there's no point in contacting the "sender" of the message -- it's probably forged.

The upshot is that these virus alerts messages are now just as bad as spam. Only a tiny proportion of them are any use. Email security solutions should be more selective of which messages they warn about.

No comments:

Post a Comment