Securing Outlook


Product Life Cycles
Back
Microsoft Messenger

I received this from a friend on Compuserve who got it from somebody who got it from ...

You get the idea. But it all makes pretty good sense to me.

Securing Outlook:

I have been using Outlook for several years and have yet to be infected by any malicious virus, worm, trojan, etc. There are a few settings changes that will make Outlook as safe as any other email program, coupled with a good, regularly updated anti-virus program, a firewall and plain old common sense.

The following applies to all versions of Outlook, full and Express.

1. In Control Panel, go to Folder Options and then the File Types tab.
Scroll through and find all script file types listed. The common types include JScript (JS), JScript Encoded Script (JSE), Windows Script Component (SCT), Visual Basic Script (VBS), Visual Basic Script Encoded (VBE), Windows Script Component (WSC), and Windows Script File (WSF). For each and every one, make sure that they are set to open with Notepad. If they aren't, click the Change button and select Notepad as the default program. Then click Edit or Advanced, highlight Edit and click Set Default.

2. Still in Folder Options, go to the View tab and uncheck Hide Extensions for known file types. One trick that malicious virus emailers use is to make the virus file name "something.jpg.exe" With file extensions hidden it appears to be an innocuous picture file ie. something.jpg, but when opened, the virus program is executed and does its nasty work.

3. Back in Control Panel, go to Internet Options, then the Security tab. Click on Restricted Sites, then Custom Level. Set everything in there to Disable or High Safety. Click OK all the way out and close Control Panel.

4. In Outlook, click Tools, then Options, then the Security tab. Depending on the version, there will be something on that page asking what security zone to use for Outlook. Select Restricted Sites Zone. Outlook Express 6/XP has a new feature where you can be warned if another program tries to send email and also an option to disallow saving or opening attachments that could potentially be a virus.

5. Create an entry for yourself in the default address book. If by chance a trojan or worm sends email to all entries in the book, you would at least get a quick heads-up, rather than an angry friend on the phone yelling that you sent him/her an infected email.

6. Full versions of Outlook, 98 and later, have the option for preview pane and that has been targeted as a potentially unsafe feature, since the email is essentially opened when viewed this way. A safety workaround if one wants the convenience of the preview pane, is to go to View, Current View and select either By Conversation Topic or By Sender. Then click the + next to each topic or sender to view the sender, subject and recipient. If the email is unwanted and/or suspicious, it can be deleted without opening it.

7. Get a good anti-virus program, and most importantly, keep it updated!!

8. A software firewall can also provided some email protection. Zone Alarm Pro has a feature that will change the extension of file attachment so they can be investigated thoroughly before opening or executing.

9. Use your own God-given brains. If you aren't expecting a file from someone, DON'T OPEN IT!! Don't click on any old link that appears in an email. Hover the mouse cursor over it and look at the status bar to see what the URL really is. When in doubt, don't do it!