An ESC! Magazine Editorial

March 31, 1999

How 'Melissa' Ruined It for the Rest of Us
-- or --
How to Avoid Getting It in the First Place

by Michael R. Potter

The Internet took a big hit this week.  The trust wall built up by the legions of Internet users over the last few years was torn down and destroyed in less than one day on March 29, 1999.  How?  Melissa struck. 

Before I get all the way up on my soapbox, let me give you a little background...

A Little Background
What -- or who -- is Melissa?  Melissa is a new form of Internet borne computer virus.  A Microsoft Word macro virus specifically. Basically what it does is force itself out through the Microsoft Outlook program via the first fifty entries in the address book when opened by an unsuspecting user.  From there is is sent over and over and over again until many avenues of the Internet become clogged and slow down from the sheer number of e-mail messages bearing Melissa zipping around.

For the original Melissa virus to work, several conditions need to be met first:  You must be running a Windows based computer.  You must be using Microsoft Outlook for e-mail (not Outlook Express).  You must be using your address book in Outlook.  When you receive an e-mail message containing the virus as a Word document attachment, you must open that document in Word and allow the macro code to run.

It is important to note that there are now a number of Melissa variants out there which are not as specific about the requirements of your system before they trigger and cause their "damage".  Many of the variants will now work through any e-mail program.

What Can You Do?
Before you panic, there are a few simple things you can do to prevent your system from becoming infected with the Melissa virus or any other macro virus.

First, NEVER open an attachment directly from your e-mail program.  This goes for both EXE (executable) and DOC (Word Document) attachments.  ALWAYS save your attachments to a temporary folder on your system first.  Then SCAN your temporary folder for viruses using an up to date virus checker like Norton AntiVirus.  Don't have a virus checker?  GET ONE NOW and UPDATE IT WEEKLY.  If you are having trouble connecting to your particular virus manufacturer's web site, you could alternatively go to ZDNet's Hotfiles web site: They have the latest updates for most of the major anti virus packages.

Second, if you are opening a document which was e-mailed to you, NEVER allow the macros to run when Microsoft Word asks you if you'd like to run them.

Finally, ask people to send you attachments in "safe" formats like ASCII (plain text) or RTF (Rich Text Format).  Or better yet, embed the text of their document directly within the e-mail message.  This avoids attachments altogether.

The Soapbox: Why Am I Bothered By All This?
The most insidious thing about Melissa is that it sends itself out using your own address book.  This means that the attachment looks like it is coming from you when an unsuspecting user gets the message.  If that person trusts you, they may very well open up the document without following basic security precautions, thereby infecting the system.

Keep in mind that Melissa is not commonly thought of as a destructive virus because it doesn't harm your hard drive or your files in any way.  It simply reproduces itself over and over.  However, I believe it should be thought of as destructive since the biggest thing it destroys is the trust you've worked hard to establish amongst friends, family, business associates and co-workers.

No longer can anyone trust that the document they are receiving is harmless.  They can no longer trust you!

Is All Lost?
Not at all.  At this point there is still a lot which can be done to prevent this type of thing from happening.  The best thing you can do is follow my suggestions outlined above for your own protection.  Always be careful of what you are downloading or opening via attachments.  If you suspect a file to be malicious, either delete it outright or send it on to someone with the expertise to determine if it's going to cause you harm.  Do all of this just to the point of paranoia, but don't go past it!  Keep a level head and you'll be fine.

Thanks for listening!

Michael R. Potter
ESC! Magazine