Skip to main content

Is Your Computer Secretly Sending Malware to Your Friends?

As a technical writer with a Master's Degree in Computer Science, I share my knowledge and experience for educational purposes to help you.

Did a friend get malware from you and you didn’t know how it happened?

Did a friend get malware from you and you didn’t know how it happened?

This Is How Your Computer Could Be Spreading Malware

Hackers can use your computer to pass malware along to others. They use several methods to get their malware into your computer, such as malicious websites and links in emails.

It starts with hackers getting their malware into your computer by sending emails asking you to open an attachment. Naturally, something in the email is enticing, and you don't think twice about it.

Once you open the attachment, the malware installs itself on your computer. Then it uses your email app to send copies of itself to everyone in your email list.

When your contacts see the same request with an enticing reason to view the attachment, they freely open it, thinking it's from a trusted friend—you.

That continues to spread among all contacts. You don't even know it's happening unless a friend asks if you indeed had sent that email.

So, be alert to emails you think have come from a trusted friend asking you to follow a link or open an attachment. Otherwise, you will be another in the process that spreads the mayhem.

Use due diligence when reviewing your incoming emails.

  • You will be shielding yourself from getting a virus installed on your computer.
  • And you'll be protecting everyone in your contacts.

How I Noticed the Spreading Malware Among My Friends

I once received similar emails from two friends at about the same time. Both emails had a link and mentioned that I "should look at this interesting site."

However, it didn't say why I should look at it.

It was immediately apparent that both my friends had malware that spread by looking as if it came from someone I knew and could be trusted.

Instead of clicking the link, which I knew was asking for trouble, I just deleted the emails. These types of emails can contain a link to a site that plants a virus or other malware on your computer. That's why I won’t ever follow a link from an email.

Getting two similar emails from two people at the same time was also a major clue that my friends did not write those emails. The malware was spreading in real-time!

Even if I had gotten just one, I still would not have clicked the link. I'll tell you why. If it were a real message from a friend, they would have mentioned why I should click the link more specifically.

If a friend sends me an email without having the courtesy of including a meaningful reference in the subject field, too bad, they should know better. But, the fact remains, I won't open it for my own safety.

Teach this to your friends. Spread the knowledge for their safety and yours. They need to understand to use proper computer etiquette.

How Computer Viruses and Malware Duplicate and Spread

Computer malware can copy itself and spread to other computers by the following method:

  1. It searches for email addresses in your email directory and any addresses in the "TO:" field or the "CC:" field of emails you received from other people.
  2. Then it uses your email program to send an email to all those contacts, like the one I talked about above. That email contains a copy of the malware as an attached file.
  3. When the recipient opens the attachment, the process continues. It keeps repeating this propagation from one person's computer to another.

You Need to Use the BCC Field When Sending Emails to Multiple People

Your friends make it easy for malware to spread by not hiding email addresses in the BCC (blind copy) field when they send messages to multiple people.

If any recipients have a similar malware, everyone else gets it because it captures the additional email addresses. Then anyone who is not computer savvy will click the link and continue spreading it because they think they received the email from a trusted friend.

That explains how I got two of those emails simultaneously. It happens quickly. You have ten friends, and they each have ten friends. That is already 100 copies of the malware. It just keeps duplicating itself that way. They each have ten friends, and now there are 1000 copies.

By the 4th generation, there are 10,000 copies! By the 5th generation... 100,000.

You can see that a million people will have the same malware after six repeated generations of friends opening the email attachment.

That means you are responsible for millions of cyber-attacks if you are one of the people in that chain.

It’s crucial to check for viruses and malware.

It’s crucial to check for viruses and malware.

How Malware Is Used in Cyber Warfare

Some malware may be benign, but they have a purpose. Attackers use us to spread their malware in search of something specific to carry out its task of destruction.

Remember what I explained about a million copies existing in just six generations. Eventually, a copy of it will reach its desired destination, possibly finding a computer in the Pentagon or the U.S. Defense Department and sending back all the data on those computers to the host.

In May 2011, defense contractor Lockheed Martin was hit by a cyber-attack made possible by malware that an employee carelessly allowed into their system.1

It requires a human to allow a virus to become active. Unfortunately, too many people are fooled by emails that ask to click a link that frees the malware that activates a virus. They need to learn to do their due diligence with requests to click a link.

There are ways to investigate the actual source of the email from its header info. However, the sender's address is useless because it can be forged. Besides, the sender might be one of many spreading copies of it to all their contacts.

The Consequences of Cyber Warfare

This carelessness can lead to cyber warfare.2 Here are two examples:

  1. A particular malware might be searching for a nuclear power plant's control server to instruct it to disable the cooling system and create a meltdown.
  2. Another might shut down the U.S. power grid or disrupt telecommunications.

Malware Discovered in Computer Chips

It has recently been discovered that the Chinese have been including malware in the computer chips we import. Malware or viruses in chips used in military applications could interfere with a weapon’s intended purpose.3

So far, these viruses have been stopped in their tracks before doing anything nasty. However, many of them already had infiltrated government computers to get vital information that hackers needed to get their hands on.

On the other hand, they may have been paid to do it for someone who wants the data with a desire to trigger something more serious.

Malware Can Harm Our National Security

The result of cyber-attacks with the following three tasks can be catastrophic:

  1. They use the Internet to create destruction in the real world.4 The data they find is sold to terrorists planning worse devastation.
  2. They gain control over a computer server that controls telecommunications, the national power grid, or anything related to national security.
  3. Classified government information that's gathered can be used against the U.S. and hinder our national security.

To Summarize

Now that you know how people spread malware, remember these crucial steps to take:

  • Question strange emails that ask you to click a link even if it seems it came from someone you know.
  • Don't click links unless you are 100% sure it's safe.
  • Contact the sender by other means to confirm they sent it. If not, let them know they might have malware on their system.
  • You're in control, and you can stop the mayhem.


  1. Lockheed Martin hit by cyber attack. (May 29, 2011). The Associated Press (CBS News)
  2. Cyber Defense (Dec 14, 2017). North Atlantic Treaty Organization
  3. Gerald Posner (Jan 12, 2010). China's Secret Cyberterrorism. The Daily Beast
  4. John P. Avlon (Oct 20, 2009). The Growing Cyberthreat.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2011 Glenn Stok

Reader Comments

Glenn Stok (author) from Long Island, NY on October 26, 2013:

PegCole17 - I know a number of people who fell for this tactic. When one thinks an email is from a trusted friend it is easy to think it's for real. That's why it's so important to pay close attention to detail. If the subject is strange, or there are other addresses in the To Field, I usually think twice before opening an attachment. Thanks, Peg, for stopping by.

Shasta Matova from USA on October 26, 2013:

My virus scanner is doing its regularly scheduled scan as we speak. I've gotten those vague emails and I ignore them as well, although one person did ask me why I didn't open it. I told her to be more descriptive in the emails in the future. I don't think many people realize that there are bigger implications than a virus lodging themselves in their own computer. I didn't realize that the message also gets sent to recipients of incoming mail and not just people in the address book. I appreciate this warning.

Peg Cole from North Dallas, Texas on October 25, 2013:

Thanks for this important and valuable explanation. This has happened to me, too. Receiving an email from a trusted friend is quite a disarming tactic.

Glenn Stok (author) from Long Island, NY on October 07, 2011:

sasanka7, To answer your question, it can be stopped by educating people to NEVER click on links in emails. Even if it comes from a trusted friend, since your friend may have let a hacker get control of their email program (by clicking a link) to send copies further. Every time someone tells me they have a virus, it turns out they let it in themselves.

sasanka7 from Calcutta, India on October 07, 2011:

Very useful information. Frequently i receive some messages, mainly from Africa that i have selected / win for some gadget / some lady is earnestly asking for help or something like that or my trusted friend request me to sign in for some site etc. Though I never open them yet in India it is seen that renowned & innocent persons are being cheated by them. How could it be stopped? Although there are some sites to help cyber crime yet it takes time to have any remedy.

Glenn Stok (author) from Long Island, NY on August 22, 2011:

samsons1, thanks for the vote up and stumble. Hopefully it will help others who might otherwise get scammed.

WannaB, You are doing the right thing notifying your friends when they have a virus that sends itself to you. Unfortunately I had the experience where I warned a friend that she had a virus and she didn't understand how I knew. So she ignored me until she started getting 200 of her contacts complaining to her that she sent them a virus. How silly is that? Thanks for your comments.

Barbara Radisavljevic from Templeton, CA on August 22, 2011:

Thanks for mentioning this. When you make your living on the internet it's easy to forget what you did as a newbie and assume all your friends have the same level of awareness that you do. I can normally spot a scam or junk mail just from the header now, and I've learned not to click any link with no other bit of information -- no matter whom it's from unless I'm expecting it. I regularly get this sort of email from someone who spends little time on line and has a Yahoo address, and I immediately delete them. I keep very few contacts in my yahoo account, so the one time I did get hacked at Yahoo, the damage was limited. In that instance, I don't think I clicked anything. I know a couple of friends were hacked once before I was. When their messages came, I spotted them at once and notified the owners of the email account, who, by that time, already knew. This is something they should teach in computer courses and books for those just getting a first computer.

Sam from Tennessee on August 22, 2011:

voted up and useful! Thanks Glenn for the 'reminder', it never hurts to be cautioned again, and just might save us expense and heart ache. I will stumble also...

Glenn Stok (author) from Long Island, NY on August 22, 2011:

BlissfulWriter, thanks for adding that. I discover many times that some friends never upgrade their anti-virus software and they think they are still protected.

BlissfulWriter on August 22, 2011:

Also, all computers should have up to date anti virus software.