Hi, in light of the fact that I need to log in to my email on another computer other than my own, I’d like to know if there’s such a thing as malware/spyware/virus that could get onto an email account simply by logging in to it on said computer (without opening attachments, bad messages or uploading files, but just by opening the account), and than bring itself onto my computer when I subsequently log in to my email on it.
Generally the account isn’t infected as such, but hijacked by harvesting your logon details. If the computer that you used had been infected it could capture all of your logon information for more than just your email account. So you have to trust that that computer is clean or don’t use it.
It isn’t too dissimilar to answer given in one of your other topics. Since your email account is in an OS environment as such it would be quite hard to run code.
You will notice that many answers in this forum won’t give you a 100% guarantee on something never happening, there are just too many permutations.
The predominant issue in relation to email accounts, those email servers (be they for webmail or regular email program) is there being hacked and that doesn’t require your logging on and sending out spam. Or as mentioned your logon information harvested and used to send out spam.
I’m not really worried about that, since f(as an example) regarding someone getting my logon password, gmail has a list of recent logons and their IP addresses, so I’d see any suspicious logons.
But malware getting into my account from a computer and then bringing onto mine when I log on my PC, that’s something that concerns me. Which is why I wanted to know if such a type of malware/spyware exists.
Though you don’t think it does.
If you look at it in the same way that an infection works on your system. First the infection has to get on to your system (and just logging on to your email account isn’t going to do that) and then it has to run (something else on your system calling it) and that requires the assistance of your operating system.
This is unlikely to be present in a mail server, yes a mail server has to have a back-end operating system, but that too is unlikely to be the same as a conventional desktop OS but a Server OS. This should really be tied down and restricted to prevent this. Some of these servers may well even be using a non windows server version.
You’re more likely to get infected by email spam/phishing if your account was hacked or the logon details harvested. Then it is simple to try and get you to run an attachment or click on a link to take you to a site where you are likely to be the target of a driveby download.
By the way, just to clarify; I don’t think that the (hopefully non real) situation I’m concerned about is considered “infected” per se. It’s more a fear of a piece of spyware creeping into and than sitting on a email account just waiting to crawl out onto the next computer the account’s logged onto with. I don’t think that would be considered “infected”, but rather the account’s being used as a vehicle to carry the spyware around to another computer.
Are your thoughts the same regarding the above?
Things don’t just crawl out, they need to be activated/run and to do this from a mail server is highly unlikely even it it had been hacked.
You’re more likely to have what I have already covered, receipt of spam, social engineering scams or phishing emails. These may come with links to suspect sites where you may come into contact with driveby attacks or trying to get you to open attachments.
When someone’s concerned and gets a reassuring answer and says he hopes that answer’s correct, it doesn’t mean he doesn’t put value in it (or he wouldn’t ask as you correctly point out) but rather in this case, hopes there ins’t such a malware that the responder hasn’t yet heard of (it’s always possible, which is why I hope he’s right that it doesn’t exist).
No one can ever give you a 100% not this can’t happen - if you seek that kind of assurance you unlikely to get it anywhere. No one can say what might happen tomorrow as that is unknown.
The best advise anyone can give you is to have a robust backup and recovery strategy; regularly backup your system (drive imaging software) at least weekly, so you can recover from such eventualities.
Plan for the worst and hope for the best, as they say if you fail to plan then you plan to fail.
Though I’m not really worried about that eventuality, since I’m backed up.
I was concerned about spyware crawling onto my email account and from there onto my PC and stealing information, not a system failure. But you say there’s no such a thing as spyware as such, so thank you.
When you first experience a real problem virus or otherwise you will sing from a different hymn sheet. I have never used my drive image software to restore after a virus attack I haven’t had one since using avast (over eleven years).
But I have used it for other computer relates issues, for me if the problem is going to take more than 30 minutes I go back to the last weekly image backup. It has saved me a lot of grief over the years.
You won’t believe the hassle if you ever have to restore back to a certain date - just setting browsers, email programs, customisations, ad-ons, etc. etc… A bad windows update comes to mind.
Its your system and your choice, but what I can’t fathom is why all of these questions you have been asking and then trusting to luck if you ever get hit.
I just spent several hrs. doing a clean install of Windows 7 Ultimate Sp1 on a system. (It originally had Vista on it.)
It then took another day to do all of the updates and installation of the programs I wanted. No Fun…
I just spent another 25 minutes doing an image backup because I never want to go through that ordeal again on that system.
For my computer, creating a drive image would take many hours every time.
I create restore points very often as a system backup option if needed.
You misunderstood what I said, I only said general viruses and malware don’t concern me for the purposes of this question regarding spyware going into and then coming from an email account to my computer.
But in general, I’m VERY concerned, cautious and careful to prevent viruses and malware, which is why I use the programs below (Avast, Malwarebytes Anti-malware & anti-exploit, SuperAntiSpyware, MCshield and WinPatrol). In addition to those, I use Ccleaner very often and AdwCleaner periodically. I also disabled the Flash plugin on Chrome, only to be enabled when absolutely needed (good thing Chrome finally removed the Java plugin, not that I’d use it anyway).
Obviously I try to keep safe browsing habits as well.
It is precisely due to caution I generally exercise, that I got concerned when the above-discussed question about the email spyware occurred to me, thus I was focusing only on that in this thread (at least till now).
I’d love to hear your suggestions if you think I should add anything to the list.
Lets see how you feel after your first serious issue where you have to start from scratch.
As I said I can’t understand why with the questions you asked before and your stating “But in general, I’m VERY concerned, cautious and careful to prevent viruses and malware,” why you wouldn’t convert this caution into action and have a robust Backup and Recovery strategy.
As Bob mentions System Restore won’t give you that as it isn’t a full backup, it doesn’t cover everything.
How would you recommend I create a system image when Vista Home Premium doesn’t have that capability (it only backs up files)? Is there a 3rd party program you’d suggest?