May 4th 2000 was the first time that many organisations got hit by a computer virus, the way it spread by getting the infected computer to send emails to addresses on its contact list was new at the time and started the trend of targeting users trust and intriguing subject headers to get people to open the mail and attachment allowing the virus to spread again. I remember the day quite well and the support lines were extremely busy as users mail systems were swamped by the volume of mail that was getting sent around. As users recognised the sender of the mail they assumed it was safe, the intriguing nature of the mail “I love You” meant it got opened time and time again and it just spread.
10 years on and many things have changed, most people recognise the importance of anti virus software and keep it updated, however the way the writers of malicious code work still prey on similar vulnerabilities of users, recently we have seen users get emails apparently from Royal Mail or DHL saying that a parcel has tried to be delivered but you the recipient were out, and so they are emailing you the details. Once you click through the website wants to download some software allowing you to view the info. And once you agree to download it you’ve got a problem…. the malware is on your machine and the problem start. It all boils down to us wanting to know what’s been delivered, even though we have never given our email address to DHL or the Royal Mail we still believe the strap line and click through. You see computers that have security software installed are great at blocking unwanted problem software, but once a user agrees to install it there’s very little the computer can do apart from to try and quarantine it. Another favourite is for a website to claim you have some malware installed and to download some free security software to remove it. In fact you have nothing to worry about on your machine until you download the false security software which disables the legitimate security software and does its utmost to stop your uninstalling the rogue software.
So 10 years on and the techniques to trap us, use the same basic techniques, trick the users! However the effort the writers of this software are taking make it seem so convincing. If in doubt, don’t install anything on your machine before checking with your IT team or with Technology Management.
There’s a nice video on the BBC website reminding us about the way we were back in the year 2000, couldn’t help but notice how basic Outlook looked 10 years ago!