Updated date:

Are You Spreading Computer Viruses and Malware Without Knowing?


Glenn Stok is a systems analyst with a Master’s Degree in Computer Science. This informative article is based on his professional insight.

Cyber terrorists scam you into allowing them to use your computer to send malware to your friends by email. They think it's from a trusted friend, so they open the email and get the malware too. You don't even know it's happening.

The trick that these cybercriminals use is to make it look like you're getting an email from a trusted friend. So you open it and click on the attachment, which installs malware on your computer that continues to spread among your friends.


How Trusted Friends Spread Malware

Here's an example. I once received similar emails from two friends at about the same time. Both emails had a link to a site and mentioned that I should look at this interesting site. However, it didn't say why I should look at it.

It was immediately apparent to me that both my friends had a virus that spreads by looking like it is sent from a trusted friend.

Instead of clicking the link, which I knew was asking for trouble, I just deleted the emails. These types of emails can contain a link to a site that plants a virus or malware on your computer. That's why I won’t follow the link.

Getting two similar emails from two people at the same time was a clue that my friends did not write those emails.

Even if I had gotten just one, I still would not have clicked the link. I'll tell you why. If it were a real message from a friend, they would have mentioned more specifically why I should click the link.

If a friend sends me an email without having the courtesy of including a meaningful reference in the subject field, too bad, they should know better. I won't open it for my own safety.

Teach this to your friends. Spread the knowledge for their safety and yours. They need to understand to use proper computer etiquette.

How a Computer Virus Duplicates and Spreads

A computer virus can copy itself and spread to other computers.

  1. It does that by looking for email addresses in your email directory as well as any email addresses contained in the "TO:" field or the "CC:" field of emails you received from other people.
  2. Then it uses your own email program to send an email to all your friends, like the one I was talking about above. That email contains a copy of the virus as an attached file.
  3. Each time any recipient opens the attachment, the process continues. It keeps repeating this propagation from one person's computer to another.

Your friends make it easy for these viruses to spread by not hiding email addresses in the BCC (blind copy) field when they send a message to multiple people.

If any of the recipients have a similar virus, everyone else gets an email with the virus. Friends who are not computer savvy will click the link and continue spreading the virus because they think they received the email from a trusted friend.

That explains how I got two of those emails at the same time. It happens quickly. You have ten friends, and they each have ten friends. That is already 100 copies of this virus. It just keeps duplicating itself that way. They each have ten friends, and now there are 1000 copies.

By the 4th generation, there are 10,000 copies! By the 5th generation... 100,000.

You can see that a million people will have the virus just after six repeated generations of friends opening the email attachment.

That means that you are responsible for millions of cyber-attacks if you are one of the people in that chain.


How This Is Used in Cyber Warfare

Some of these viruses were created for one reason. They may be benign to you and me, but they have a purpose of attacking a specific target.

They use us to spread the attacking software in search of something specific so that it can carry out its task of destruction.

Remember what I explained about a million copies existing in just six generations. Eventually, a copy of it will reach its desired destination. Possibly finding a computer in the Pentagon or the U.S. Defense Department and sending back all the data on those computers to the host.

In May 2011 defense contractor Lockheed Martin was hit by a cyber attack made possible by malware that was carelessly introduced into their system.1

It requires a human to allow a virus to become active. Too many people allow themselves to be fooled by emails that ask to click a link that ends up freeing the malware that activates a virus. They need to learn to do their due diligence with email requests to click a link.

There are ways to investigate the actual source of the email from its header info. The sender's address is useless because it can be forged. Besides, the sender might be a trusted friend spreading copies of the virus to all their friends.

The Consequences of Cyber Warfare

This carelessness can lead to cyber warfare.2

  1. A virus might be searching for a control server of a nuclear power plant to instruct it to disable the cooling system and create a meltdown.
  2. Another might shut down the U.S. power grid or disrupt telecommunications.

Malware in Computer Chips

It has recently been discovered that the Chinese have been including malware in the computer chips we import. Malware or viruses in chips used in military applications could interfere with a weapon’s intended purpose.3

So far these viruses have been stopped in their tracks before doing anything nasty. However, many of them already had infiltrated government computers to get vital information that the hacker needed to get their hands on.

On the other hand, they may have been paid to do it for someone who wants the data with a desire to trigger something more serious.

These are Cyber Terrorist

The outcome can be catastrophic:

  • They are using the Internet to create destruction in the real world.4 The data these hackers find is sold to terrorists planning worse catastrophes.
  • They can gain control over a computer server that controls telecommunications, the national power grid, or anything related to national security.
  • Classified government information can be used against the U.S. and hinder our national security.

Don't include yourself in the chain that leads to this turmoil. Be alert to emails that you think have come from a trusted friend asking you to follow a link. Otherwise, you will be another trusted friend who spreads mayhem.


  1. Lockheed Martin hit by cyber attack. (May 29, 2011). The Associated Press (CBS News)
  2. Cyber Defense (Dec 14, 2017). North Atlantic Treaty Organization
  3. Gerald Posner (Jan 12, 2010). China's Secret Cyberterrorism. The Daily Beast
  4. John P. Avlon (Oct 20, 2009). The Growing Cyberthreat. Forbes.com

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2011 Glenn Stok

Reader Comments

Glenn Stok (author) from Long Island, NY on October 26, 2013:

PegCole17 - I know a number of people who fell for this tactic. When one thinks an email is from a trusted friend it is easy to think it's for real. That's why it's so important to pay close attention to detail. If the subject is strange, or there are other addresses in the To Field, I usually think twice before opening an attachment. Thanks, Peg, for stopping by.

Shasta Matova from USA on October 26, 2013:

My virus scanner is doing its regularly scheduled scan as we speak. I've gotten those vague emails and I ignore them as well, although one person did ask me why I didn't open it. I told her to be more descriptive in the emails in the future. I don't think many people realize that there are bigger implications than a virus lodging themselves in their own computer. I didn't realize that the message also gets sent to recipients of incoming mail and not just people in the address book. I appreciate this warning.

Peg Cole from Northeast of Dallas, Texas on October 25, 2013:

Thanks for this important and valuable explanation. This has happened to me, too. Receiving an email from a trusted friend is quite a disarming tactic.

Glenn Stok (author) from Long Island, NY on October 08, 2011:

sasanka7, Thanks for your comments and your question about Anti Virus protecting a PC. I have received emails from friends that contain links to viruses and spread by clicking on a link in the email. They start spreading from a friend who clicks the same email when they got it.

I, for one, break the chain because I never click these links without checking first. But the point I want to make is that these friends claim to have their anti virus up to date. So I suspect the answer to your question is NO.

Based on this experience I have to come to the conclusion that anti virus software will not necessarily protect the PC if the user clicks to allow the virus. It can only stop the virus if it starts up by some other means or when it is matched to a known virus signature.

If the software is not up to date then it can most definitely miss newer viruses.

sasanka7 from Calcutta, India on October 08, 2011:

Thank you so much Mr. Stok for your suggestion. I think your hub should be published widely.

I want to learn more from you.

1. Generally, free Anti Virus software like ‘Avast’ is being used by maximum users in India which also up dates automatically, but until it is upgraded could the Anti Virus software protect any PC?

The most alarming thing you have pointed out about the use of China made spare parts / I C/ Mother Board etc. Total Indian market has been flooded by China made spares. They are cheap but disturb much after the expiry of warranty period. This could not be cured but endure.

Thanks again for sharing.

Glenn Stok (author) from Long Island, NY on October 07, 2011:

sasanka7, To answer your question, it can be stopped by educating people to NEVER click on links in emails. Even if it comes from a trusted friend, since your friend may have let a hacker get control of their email program (by clicking a link) to send copies further. Every time someone tells me they have a virus, it turns out they let it in themselves.

sasanka7 from Calcutta, India on October 07, 2011:

Very useful information. Frequently i receive some messages, mainly from Africa that i have selected / win for some gadget / some lady is earnestly asking for help or something like that or my trusted friend request me to sign in for some site etc. Though I never open them yet in India it is seen that renowned & innocent persons are being cheated by them. How could it be stopped? Although there are some sites to help cyber crime yet it takes time to have any remedy.

Glenn Stok (author) from Long Island, NY on September 30, 2011:

Danette Watt - Thanks for the info on NPR. And thanks for following me. You left very nice fan mail too, which is very much appreciated.

Danette Watt from Illinois on September 30, 2011:

I listen to NPR and there have been a number of programs (talk shows) and news segments about cyber-terrorism, -attacks and -warfare.

Thanks for the hub, it was interesting.

Glenn Stok (author) from Long Island, NY on August 22, 2011:

samsons1, thanks for the vote up and stumble. Hopefully it will help others who might otherwise get scammed.

WannaB, You are doing the right thing notifying your friends when they have a virus that sends itself to you. Unfortunately I had the experience where I warned a friend that she had a virus and she didn't understand how I knew. So she ignored me until she started getting 200 of her contacts complaining to her that she sent them a virus. How silly is that? Thanks for your comments.

Barbara Radisavljevic from Templeton, CA on August 22, 2011:

Thanks for mentioning this. When you make your living on the internet it's easy to forget what you did as a newbie and assume all your friends have the same level of awareness that you do. I can normally spot a scam or junk mail just from the header now, and I've learned not to click any link with no other bit of information -- no matter whom it's from unless I'm expecting it. I regularly get this sort of email from someone who spends little time on line and has a Yahoo address, and I immediately delete them. I keep very few contacts in my yahoo account, so the one time I did get hacked at Yahoo, the damage was limited. In that instance, I don't think I clicked anything. I know a couple of friends were hacked once before I was. When their messages came, I spotted them at once and notified the owners of the email account, who, by that time, already knew. This is something they should teach in computer courses and books for those just getting a first computer.

Sam from Tennessee on August 22, 2011:

voted up and useful! Thanks Glenn for the 'reminder', it never hurts to be cautioned again, and just might save us expense and heart ache. I will stumble also...

Glenn Stok (author) from Long Island, NY on August 22, 2011:

BlissfulWriter, thanks for adding that. I discover many times that some friends never upgrade their anti-virus software and they think they are still protected.

BlissfulWriter on August 22, 2011:

Also, all computers should have up to date anti virus software.