Email Security Intelligence - How A Virus Sent An Email To All My Contacts

Every day, users receive emails from companies they aren’t familiar with. It seems harmless enough, but opening a malicious email can compromise your private information.

For years cyber thieves have been using malware to hijack email accounts and use them to send messages to all of your contacts in your address book. Once hackers get their malware into your device by sending emails and manipulating you into opening an attachment, the malware installs itself on your computer and uses your email app to send copies of itself to everyone in your email list.

Your contacts will receive the same request to open the attachment, believing the sender is legitimate and trustworthy. The virus will continue to spread unless a contact brings it to your attention, at which point you can attempt to minimize the damage. This article will discuss the different types of malware viruses that you should be aware of, as well as prevention methods so that your business doesn’t fall victim to an attack.

What Is Malware?

Malware is any software that is used to cause harm and can come in the form of viruses, worms, Trojans, ransomware, adware, and more. Because of this, it’s more important than ever for IT security and business employees to understand malware warning signs.

Malware that can send an email to an infected system comes in several different forms. For example, spam emails will often aim to take advantage of your email client to send free advertising to your contacts. Bots, Trojans, viruses, and worms can send email messages on infected computers. A worm can copy itself as an attachment to an email message, delivering itself to all of your contacts.

Besides sending out unsolicited emails, malware can cause damage to your system and make changes without your knowledge. Trojans download programs, software, and illegal files to your computer. Bots take control of your computer without your knowledge to attack websites, financial institutions, and other networks. Email-based malware leads to productivity loss, as well as uses system resources, and may delete important messages. 

Likewise, email viruses can take many different forms including:

• Email spam: unsolicited email that usually spreads malware through links in the message. These links take the victim to a fraudulent website that steals their data or to other sites containing malware that infects their device.
• Multipartite virus: simultaneously attacks executable files and boot sector and can also wipe the hard drive or solid-state storage device.
• Resident virus: a virus that immediately installs itself on the victim's device as soon as an infected email is opened. Even if the primary virus source is removed, the virus remains in the system.
• Virus hoax: messages that contain a false warning about a threat that often instructs the recipient to take some action. These messages are a socially engineered email virus.
• Macro virus: written in a macro language used in other software programs, particularly Microsoft Excel and Microsoft Word, and is transmitted through a phishing email message containing a malicious attachment. The infected documents are often shared by forwarding the email, spreading, and infecting other devices.
• Spambot: programs that harvest email addresses to build mailing lists for sending spam.

Email viruses are dangerous as they gather the victim’s private information and contacts. An email virus can cause serious damage so quickly that by the time the victim realizes it, the damage is already done.

How A Virus Sent An Email To All My Contacts?

You might have inadvertently clicked on a link that contained malware, which accessed and allowed unauthorized access to your contacts and infected your computer. Alternatively, you downloaded a malware program that gave away full access to your laptop.

 In the worst case scenario, your email account may have been hacked, and the hacker then had access to all of your contacts.

When a person's computer becomes infected with a virus, the virus may send emails to all of the person's contacts without their knowledge or permission. The email may contain a message from the virus creator that looks like it comes from the person whose computer is infected. The email may also contain an attachment that, if opened, will infect the recipient's computer with the virus.

Viruses can spread quickly through email because people are often trusting of messages that appear to come from people they know. They may also be less likely to have security software installed on their computers that could detect and stop the virus before it has a chance to spread.

Once a computer is infected with a virus, the virus can do any number of things, including sending emails to all of the person's contacts. Viruses can also delete files, steal information, or even take control of the person's computer.

Maybe you've been there. You open your inbox to find a message from a colleague or client, asking why you sent them an email with a link to a shady website. Except...you didn't send that email. In fact, you don't even recognize the website. What's going on?

It's possible that your email account has been hacked, and someone is using it to send spam emails to your contacts. But more likely, what's happened is that your account has been infected with a virus known as a "worm."

Worms are particularly insidious types of malware, because once they infect your computer, they can spread themselves to other computers by sending emails from your account. And if those other computers are also infected, the worm can keep spreading, like a virus, until it reaches thousands or even millions of computers.

One of the most famous examples of a worm is the Blaster Worm, which first appeared in 2003. The Blaster Worm didn't just send spam emails; it also caused infected computers to crash and displayed a message telling the user to pay a "fine" of $300.

Fortunately, worms like Blaster are relatively rare these days. But that doesn't mean you're safe from email-based malware. In fact, many types of malware are spread via email, including viruses, Trojan horses, and ransomware.

So what can you do to protect yourself?

Warning Signs Your Account Has Been Compromised

Slow computer

The most common way to conclude your device is infected with malware is a slow computer. The operating systems will start to take a long time to boot and programs that suddenly take a long time to load out of nowhere.  Fans may start running despite a small workload.

Applications opening and closing

Applications on a computer opening and closing at random may also be a sign that the device has been infected. This may be normal for specific applications, however, it’s important to identify legitimate applications. A tell that sign that something is wrong is strange applications popping up during the system boot process.

Lack of storage

Depending on the type of malware, the number of files saved on your computer may increase. Files that are suspicious may take up a lot of space on a computer’s hard drive. Do not open any programs that you haven’t heard of or installed and research the name of the program to decide if it’s malicious.

Pop-ups and System Crashes

Unwarranted pop-ups on your desktop are a sign of adware and system crashes can be a sign of a computer infected with malware. Systems must be up to date and working properly to identify if malicious software is causing the crashes.

10 Steps To Prevent Your Account From Being Hacked

Protecting yourself online is a necessity in today’s digital era and can help protect your business, family, and friends while helping to prevent your email from being hacked. Some tips include:

• Use a password manager and two-factor authentication wherever possible.
• Endpoint protection should be the last line of defense, instead consider a multi-layered security system with proactive protection accompanied by expert, ongoing system monitoring, maintenance, and support.
• Don’t open suspicious links in an email or text.
• Use a VPN on your computer and your phone.
• Don’t use public Wi-Fi or public computers unless absolutely necessary.
• Implement a strong antivirus.
• Secure your router and Wi-Fi.
• Keep your computer and smartphone OS up-to-date.
• Keep all of your computer and smartphone apps regularly updated.
• Consider putting a credit freeze on your account.

The Bottom Line

Remember that after restoring your account it doesn't have to happen again in the future if you follow best practices to protect your account, starting with using a strong and unique password. Staying vigilant is the most important thing you can do to prevent harm from the genuine threat of sending malicious links to your contacts. Businesses should consider implementing two-factor authentication when given the choice as well as adding an alternate email address to their primary email contacts list. While antivirus software can play an important role in protecting against email viruses, it must be implemented as an element of a comprehensive, multi-layered cloud email security solution to effectively combat advanced attacks.