French | Spanish | Portuguese | Italian | German | Japanese | Chinese | Korean | Russian | Arabic

Attachments are one of the easiest ways for a malicious hacker to attack your computer, so have your wits about you each time you open an attachment. This sidebar discusses the ways in which attachments can pose a threat to your computer and the best way to protect yourself.

An Executable File or Script File Can Do Damage

The most straightforward threat is an attachment containing an undisguised executable file or script file that you can be persuaded to run. By the beginning of the twenty-first century, most computer users know that it’s a really bad idea to execute an executable file or script file that they receive as an e-mail attachment - even if it comes from someone they know, trust, or even love - so most malefactors have taken to disguising the executables or scripts they send.

An Apparently Harmless File May Be a Disguised Executable or Script

Even if you’ve chosen to display file extensions as discussed in Article 9, the true extension of the file can be hidden behind a part of the filename masquerading as the extension.

For example, if Windows is hiding extensions as it does by default, and someone sent you the executable file New Xtina pic.jpg.exe, it would appear to be named New Xtina pic.jpg. Since JPG is a graphics file format, you might think it safe to open the file - but opening it directly would cause the executable file to run. Trying to open the file from a graphics program would cause an error, as the graphics program wouldn’t be able to open the executable file.

Even if you’d cleared the Hide Extensions for Known File Types check box on the View page of the Folder Options dialog box from Explorer so that Windows displays most extensions, a file with one of the superhidden extensions .url, .jse, .js, .shs, .lnk, .shb, .job, .vbe, .vbs, .scf, or .wsf would still appear to be a different type of file. For example, New Shakira Hit.mp3.js would appear to be named New Shakira Hit.mp3.

A Document File May Contain VBA or Other Executable Code

Even if the file is of the file type its extension suggests, it can still be dangerous. For example, a file created by a program that acts as a Visual Basic for Applications VBA host - such as a Word or WordPerfect document, an Excel workbook, a PowerPoint presentation, or an AutoCAD drawing - can contain executable code in macros or user forms that can attack your computer. VBA and other scripting languages can take extensive actions on a computer - anything from formatting a disk to installing a back-door administration program or silently e-mailing your most private files to persons unknown.

Always Virus Check All Attachments You Receive

Because of these dangers, it’s best never to open any attachment from anyone without virus checking it first. Even if you know the sender and you’ve checked their e-mail address to make sure the message and attachment are really from that person, bear in mind that their computer could be infected with a virus that’s using the e-mail client automatically to spread itself. Alternatively, your apparent correspondent’s e-mail account could have been hijacked, either at the computer or at the server, and used to distribute malware. Or the person could have sent you, intentionally and in good faith, a document that they didn’t know had been infected with a virus.

The best way to virus check all documents is to use antivirus software that monitors all the comings and goings on your PC, including the e-mail you receive and send. Such antivirus software may slow down an older PC enough to be annoying, but it’s still far better than having to disinfect a computer that’s caught a virus. Restoring data from backup takes time and effort. And having to re-create data files you’ve lost because of an attack that struck when you didn’t have a backup takes longest of all. So it’s well worth investing in an antivirus program that automatically checks all incoming e-mail and attachments - and running it all the time.

Turn Off the Preview Pane in Windows Mail

For extra security, you may want to avoid using the Preview pane in Windows Mail, because the act of displaying the message in the Preview pane can run a script that can trigger some kinds of virus. To stop using the Preview pane, choose View Layout. Windows Mail displays the Window Layout Properties dialog box. Clear the Show Preview Pane check box in the Preview Pane area, and then click the OK button. However, because the Preview pane helps you process your e-mail quickly, and because most viruses travel as attachments, most people choose to continue using the Preview pane. Some antivirus programs can also guard against this type of script.

Use the “Do Not Allow Attachments to Be Saved “ Option

As discussed in the section “Security Page Options,” earlier in this article, the Security page of the Options dialog box for Windows Mail includes a check box called Do Not Allow Attachments to Be Saved or Opened That Could Potentially Be a Virus. If you select this check box, Windows Mail won’t let you save or open attachments whose file types could contain a virus or code. These file types include executable files and scripts, of course, but also include documents that could contain VBA code or code in another scripting language. The problem with this option is that when you use it, Windows Mail typically ends up “protecting” you from a large number of harmless files that you want to work with, such as Word documents that contain customized toolbars. So if you use this option, you’ll need to toggle it on and off frequently: Keep it on until Windows Mail notifies you that it has suppressed an attachment because it might be dangerous; turn it off so that you can set your antivirus program on the file and decide if it’s a friend or a foe; and then turn it back on again so that Windows Mail is protecting you once more.

Because of all this maneuvering, many people find that antivirus software, run constantly and updated whenever possible, provides a more satisfactory solution to the problem of dangerous attachments. This is especially true because malefactors can produce new types of viruses that inhabit supposedly harmless files. For example, JPEG images used to be safe, but now they can be loaded with code that can be run automatically by an extractor program that has been surreptitiously installed on your computer. If the extractor program hasn’t been installed on your computer, the code in the doctored JPEG images does nothing.

Managing Your E-mail Messages

To keep your Inbox in order, you’ll need to manage your messages carefully, by deleting messages, moving them to folders, and being able to locate messages for reference. You may also have to move your message store, and you should certainly back it up to safeguard against data loss.

Deleting a Message

To delete a message from the Inbox, select it and click the Delete button the  button on the toolbar or press the Delete key. Doing so moves the message to the Deleted Items folder. To delete everything in the Deleted Items folder, right-click the folder, choose Empty “Deleted Items” Folder from the context menu, and then click the Yes button in the confirmation message box that appears.

Cleaning Up Messages

If you send and receive many messages, and subscribe to many newsgroups, the messages and posts can take up a lot of space on your hard disk. To reduce the amount of space taken up, or the amount of information stored, follow these steps:

1. Choose Tools Options. Windows Mail displays the Options dialog box.

2. Click the Advanced tab. Windows Mail displays the Advanced page.

3. Click the Maintenance button. Windows Mail displays the Maintenance dialog box.

4. Click the Clean Up Now button. Windows Mail displays the Local File Clean Up dialog box .

5. In the Folders For text box, make sure the right account is selected: Windows Mail for all your accounts, or a specific mail or news account by name. If it’s not, click the Select button, select the account in the resulting Windows Mail dialog box, and click the OK button.

6.Click the button for the action you want to take:

Remove Messages Click this button to delete the bodies of downloaded messages but keep the headers. Because the bodies tend to be bulkier than the headers especially for messages that have attachments, this action can recover a good amount of space.

Delete Click this button to delete all the messages both headers and bodies. This action reclaims even more space, but it doesn’t leave much behind.

Reset Click this button to delete all the messages again, both headers and bodies and reset the folder so that it will download the message headers again. This action is best saved for when an account has become corrupted.

7. Click the Close button. Windows Mail closes the Local File Clean Up dialog box and returns you to the Maintenance dialog box.

8. Click the Close button. Windows Mail closes the Maintenance dialog box and returns you to the Options dialog box.

9. Click the OK button. Windows Mail closes the Options dialog box.

Moving a Message to a Folder

You can move a message to a folder in several ways:

• From the Inbox, click the message header and drag it to the appropriate folder in the Folders pane.

• From the Inbox, right-click the message and choose Move to Folder from the context menu, or choose Edit Move to Folder. Windows Mail displays the Move dialog box. Select the folder and click the OK button.

• From a message window, choose File Move to Folder. Windows Mail displays the Move dialog box. Proceed as described in the previous paragraph.

You can also copy a message to a folder instead of moving it by using the Copy to Folder command instead of the Move to Folder command.

Moving Your Message Store

By default, Windows Mail puts your message store the file that contains your messages in a file named WindowsMail.MSMessageStore in a folder within your user account folder. This is normally a good place to store your messages, but you can move your Windows Mail message store to a different folder if need be - for example, if the current drive is getting full. The folder to which you move the message store must be empty. To move the message store, follow these steps:

1. Choose Tools Options. Windows Mail displays the Options dialog box.

2. Click the Advanced tab. Windows Mail displays the Advanced page.

3. Click the Maintenance button. Windows Mail displays the Maintenance dialog box.

4. Click the Store Folder button. Windows Mail displays the Store Location dialog box, as shown here.

5. Click the Change button. Windows Mail displays the Browse for Folder dialog box.

6. Select the folder for the new location and click the OK button. Windows Mail moves the folder and returns you to the Store Location dialog box.

7. Click the OK button. Windows Mail displays a dialog box telling you that the store location will not be changed until you shut down Windows Mail.

8. Click the OK button. Windows Mail closes the Store Location dialog box and returns you to the Maintenance dialog box.

9. Click the Close button. Windows Mail closes the Maintenance dialog box and returns you to the Options dialog box.

10. Click the OK button. Windows Mail closes the Options dialog box.

11. If you want to move your message store immediately, exit Windows Mail immediately. You’ll see an Explorer Copy window as Windows copies the files. Once the copy operation is complete, Windows Mail restarts.

Finding a Message

To find a particular message, take the following steps:

1. Click the Find button page, or choose Edit Find Message. Windows Mail displays the Find Message window .

2. Enter such information as you can muster about the message in the From, To, Subject, and Message text boxes; specify dates in the Received Before and Received After boxes if possible; and select the Message Has Attachments check box or the Message Is Flagged check box if applicable to narrow the field further.

3.Click the Find Now button. The Find Message window displays the messages it finds in a list box at the bottom of the window.

4. Double-click a message to open it.