MessageLabs FAQ - Email AntiVirus Service

A virus is a software program designed to spread itself by infecting files and system areas of a storage device, such as a hard drive. You can't get a virus just by reading a plain-text e-mail message or Usenet post. Be careful of encoded messages containing embedded executable code (i.e., JavaScript in an HTML message) or messages that include an executable file attachment (i.e., an encoded program file or a Word document containing macros).

There are two types of anti-virus filters, one that blocks known viruses based on their signature and another that blocks new or unknown viruses based on behaviour. Many Anti-Virus companies use a combination of commercial engines to increase their chances of stopping a virus.

Many of the latest viruses forge the sender's email address. The technique, commonly known as spoofing, is used in order to cause confusion and attempt to hide the identity of the true virus sender. The Sobig and Klez family are examples of viruses that employ spoofing techniques. The difficult part is stopping new and unknown viruses. A heuristic algorithm that checks the structure and behaviour of the email attachment is a popular approach, although it takes years of data-acquired experience and expertise to create one that works well.

Phishing is the process of luring unsuspecting Internet users to a fake website by using authentic-looking email with the real organisation's logo, in an attempt to steal passwords, financial or personal information, or introduce a virus.

Short for malicious software, it is software designed to infiltrate or damage a computer system without the owner's informed consent. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software.

It is a type of malware that is installed on computers and collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.

It is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used.

It is a type of program that is often confused with viruses. Trojan Horse is not a virus, but simply a program (often harmful) that pretends to be something else. For example, you might download what you think is a new game; but when you run it, it deletes files on your hard drive. Or the third time you start the game, the program e-mails your saved passwords to another person.

This is a class of malware destined for one specific organisation or industry. These threats are of particular concern because they are designed to capture sensitive information. Targeted attacks may include threats delivered via SMTP e-mail, port attacks, zero day attack vulnerability exploits or phishing messages. The home user is the most targeted sector. Financial industries are the second most targeted sector, most likely because cybercriminals desire to profit from the confidential, sensitive information the financial industry IT infrastructure houses.

A self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

A computer threat that tries to exploit computer application vulnerabilities that are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability.

All MessageLabs services are based on a per user, per month subscription, plus a one-off minimal set-up fee.

You simply pay a fixed monthly cost based on the number of users connected. Each service can be purchased separately or you can bundle multiple services to provide complete security protection.

All pricing quotes are individually tailored for each client’s specific requirements and MessageLabs offers discounts for both scale and multiple services. To find out more, speak with a sales consultant.