“Here You Have” Virus: Hype Versus Risk
The mainstream media is swooning over the recently discovered “Here You Have” virus, which spreads via malicious links in email messages. The virus, also called Imsolk, has infected some high-profile companies including Disney, Proctor & Gamble and Wells Fargo, according to reports.
It’s typical that the viruses that get the most attention are those that happen to infect big-name organizations. (Note that ABC News reports that ABC/Disney itself was infected by the virus.) In this case, the virus itself is not that scary. Sure, it’ll infect your computer, disable your security protections, spread through removable drives and network shares, and send itself to everyone in your contacts list. But a lot of viruses do that. And yes, it’ll overwhelm your network if you allow it to run rampant, which is what appears to have happened at some of these large companies. But, the thing about Here You Have is that it’s avoidable if you follow some simple precautions:
- Never click on email links.
- Run a good-quality security suite that includes antivirus and anti-spyware protections. The major security programs have already been updated with protections against Here You Have.
And, if you’re in a corporate setting:
- Filter spam at your network perimeter.
- Block unnecessary attachment types, like the .SCR file type used by Here You Have.
Want to know the viruses that scare me? The ones no one hears about because they are too sneaky. The ones that work silently, slipping into your computer without any interaction from you. The ones that can’t be removed with standard security tools. The ones that secretly record your keystrokes and quietly commandeer your computer. The ones that only infect a few computers at a time so as not to be detected.
That’s not to say you shouldn’t be wary of Here You Have, especially since it appears new variants of the virus are arising. But remember, the viruses that do the most damage don’t always make the headlines.
Honestly, you have to be a complete dope to click on an e-mail virus such as this one, so what does this say about ABC/Disney?
HOWEVER, Microsoft Outlook opens up the accursed “Preview Pane” by DEFAULT, and it wouldn’t surprise me if this is how the virus has been propagating. Microsoft should be sued both for keeping Preview Pane the default after all these years, AND for not even providing an easy way to deploy Outlook with that capability turned off and the safer “Autopreview” enabled.
I haven’t come across “Here You Have” virus, but thanks for the warning. My friend has the “My Security Shield” virus, and that appears to be a really bad virus.
Albatross: I hate Outlook’s Preview Pane for exactly that reason, and I recommend people turn it off. Unfortunately many programs, Outlook included, go for convenience over security. Is it any wonder people have trouble keeping their computers clean when software vendors add to the problem?
Carol: My Security Shield is an example of scareware, rogue security programs that pretend to be the real deal and try to con you out of your money while disabling real protections. IMO those are far worse threats than a virus like Here You Have which can easily be avoided by not clicking on the link. Your friend is welcome to contact me for help getting rid of the scareware. Malwarebytes (http://www.malwarebytes.org) may be of help.