NTX Tech - Computer Help for the Non-Geek

A Word about Forwarding E-Mails

Have you ever had someone contact you to complain that you sent them a virus?

David Cloyd, of CatHawk.com, explains how someone may think you sent them a virus-laden e-mail. His article is reproduced here by permission. Thanks, David.

Now, this is how your friend might get the idea that you sent them a message with a virus in it:

This is one of those instances that resulted from someone sending out messages but not using the BCC (Blind Carbon/Complimentary Copy) option.

Here's how it works:

When a message is sent out with everyone's address visible (they DIDN’T use the BCC method), then any one of those visible addresses can be used by someone who eventually gets a copy of the message. And it could be that they deliberately use it or it could be used unknown to them (by a virus).

For example, Bob sends a message to 40 friends; one of those friends is Al. Al forwards the message (all the addresses are still visible) to 40 friends; one of those is Jane. Jane sends the message to 40 of her friends (all of those 40 addresses are visible, plus the first 40 that came from Al). One of Jane’s 40 friends is Steve.

Steve reads and keeps the message.

Later (even years later), Steve gets a virus and the virus is designed to send a copy of itself to every address in every e-mail message that Steve still has on his computer. The virus sees a message with the 120 addresses (Bob’s 40 addresses, followed by Al’s 40 addresses and, finally, Jane’s 40 addresses – all of those addresses are visible).

The virus picks one address out of the first 40 addresses (the ones from Bob). The virus then creates a new e-mail message with a copy of itself in it and, then, fakes the From: part of the new message with the address that it picked (this is easy to do). It then sends the message to the other 39 addresses.

It then does the same thing with the other two groups of 40 addresses.

The virus's advantages for doing this are:

1) the address that it picked and used when faking the From: part of the message is most likely in the other 39 peoples' address books. As a result, anti-spam programs will allow it through because that address is a known good-guy (the address is in their owner's address book).

2) all of the addresses in each group are probably good addresses.

This, of course, is why we should all be using the BCC method when we send messages to a group, such as to family or to other groups: the addresses won’t be visible and can't be used in this way, which is the main reason for the BCC option.

The other thing that we should all be doing in addition to using the BCC method of addressing messages is:

Before forwarding a message, delete all of the other addresses in the message (the ones that are visible because other people didn't use the BCC method) so that only the basic message is left. That way, we are cutting the line and no one after us will ever be affected because of our actions (or lack of).

Some people say this about deleting all of the visible addresses: “That will take too much time” or “That’s a lot of work.” In that case, the polite thing to do that shows great manners is to NOT forward the message, no matter how wonderful the content might seem.